[openssl-users] Applying security patches to 0.9.8a

Rob Marshall rob.marshall17 at gmail.com
Tue Apr 17 22:36:09 UTC 2018


The OS is SLES 10 SP3 and there are currently close to 80 binaries
that appear to use libssl.so.0.9.8. They are from a bunch of different
packages, so I would imagine that updating to anything more recent
than 0.9.8 would be a major hassle and possibly not even possible.

I did find openssl-0.9.8zh.tar.gz which was last modified in 2015
which is way better than 0.9.8a which hasn't been touched since 2005.
I'm trying to install 0.9.8zh now to see if that works.

But I know someone is going to ask: Can you apply all of the newer
security fixes to 0.9.8zh? So I'll ask...can I?



On Tue, Apr 17, 2018 at 6:22 PM, Salz, Rich via openssl-users
<openssl-users at openssl.org> wrote:
>>    I have an application that runs on an old OS that currently has
>     OpenSSL 0.9.8a
> So you should be able to compile and install the last 0.9.8 release, https://www.openssl.org/source/old/0.9.x/openssl-0.9.8zc.tar.gz  Note that this is more than two years old.  Many fixes have happened since then.
> Good luck.
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

More information about the openssl-users mailing list