Anders Karlsson wrote:
* Rick Stevens <ricks@xxxxxxxx> [20080510 01:16]:
[snip]
Not always possible. I recently had to put OpenSSL 0.9.8g on a CentOS
5.1 machine to pass a certain certification. The latest OpenSSL for
CentOS 5.1 is 0.9.8b (farking ancient). I did it by building it from
a F9-Preview source RPM, building it (with some tweaks as F9 has some
ciphers that CentOS 5.1 doesn't have), installing the binaries and
poking various symlinks and such to make existing apps happy. So, Rule
1 can't ALWAYS be adhered to, no matter how "stock" you want your system
to be.
Don't stare yourself blind on the version string. If the only reason
for requiring OpenSSL 0.9.8g is security fixes, then the version in
CentOS may very well have all the ones you'd care about. You are aware
of Red Hat's ABI/API guarantee - right?
Saying that - I have some tools that I build for RHEL 5.x and for
Fedora 8 (soon 9) as a matter of course, as I use them elsewhere
regularly.
The bugs may have been fixed in Red Hat's 0.9.8b and that'd be peachy.
However, the certification also looks at the version strings and such
and even if the bugs WERE fixed, it wouldn't pass the certification
test if the version came back as anything less than 0.9.8f.
Yes, it's stupid, but I didn't make the rules. In some respects, it's
the "I'm the mommy and I said so!" scenario.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer rps2@xxxxxxxx -
- Hosting Consulting, Inc. -
- -
- What is a "free" gift? Aren't all gifts free? -
----------------------------------------------------------------------
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list