Fw: version question
Nico Kadel-Garcia
nkadel at gmail.com
Fri Nov 21 14:03:05 EST 2014
On Thu, Nov 20, 2014 at 9:31 PM, Damien Miller <djm at mindrot.org> wrote:
> On Wed, 19 Nov 2014, Nico Kadel-Garcia wrote:
>
>> Use 6.6p1, or consider patching the check for openssl version in
>> openbsd-compat/openssl-compat.h to ignore the failure, on the basis
>> that RHEL has been backporting patches to openssl for RHEL 5..
>
> Do you understand why that check exists in the first place?
That's why I asked. A bit more digging shows that the HeartBleed bug
apparently never applied to 0.9.8 versions of OpenSSL, the version
used in RHEL 5, so that shouldn't be an issue there. OpenSSH version
6.6 was indeed, compatible with that older OpenSSL on RHEL 5, I even
just tested its basic functionalit, so I assume it's not a major API
incompatibility introduced with OpenSSH 6.7p1.
So I'm now quite curious.
More information about the openssh-unix-dev
mailing list