[openssl-dev] version script patch from Debian
Matt Caswell
matt at openssl.org
Thu Jan 21 17:14:32 UTC 2016
On 21/01/16 16:53, Tom Kacvinsky wrote:
> I ran into this problem with the OpenSSL 1.0.1e I built from source on a
> Debian based system (Ubuntu):
>
> libssl.so.1.0.0: no version information available (required by python)
>
> Found this page:
>
> http://ubuntuforums.org/showthread.php?t=1905963
>
> to work around the issue, but the question is, is the version script
> they provide good enough for 1.0.1e?
A few things spring to mind here. Firstly 1.0.1e is really old
(pre-heartbleed) and really shouldn't be used. I'd suggest you upgrade
to 1.0.2e if you can (or 1.0.1q if it has to be 1.0.1).
The simplest fix for this is to ensure that system installed
applications always pick up the system installed libraries, and only use
your locally compiled version for applications that need it.
The version script that debian provide should be fine generally, but
there is always the risk of a mismatch, i.e. if there are symbols
defined in your local version not in the version script. The link in the
above thread is for precise which was based on 1.0.1 (not 1.0.1e) so if
there were any symbols added between 1.0.1 and 1.0.1e then you would be
missing those (generally new symbols are avoided in letter releases so
there may not be any).
Finally, I'd point out that I recently added symbol version information
(for linux) into the forthcoming 1.1.0, so in the future this
(hopefully) won't be a problem.
Matt
More information about the openssl-dev
mailing list