Upgrade OpenSSL = relink PHP?

**petersprc** · Jan 4 '07, 03:35 AM

Re: Upgrade OpenSSL = relink PHP?

I would think that yeah it would be necessary...

Dan M wrote:

I just learned that the version of OpenSSL I'm running (on a RedHat EL)
server has some vulnerabilities that I'd like to close. I'm running PHP
5.1.4. My question is this: I've got PHP 5.1.4, and it's built with
"--with-openssl=shared" in the ./configure command line. If install the
latest version of OpenSSL, do I need to relink PHP?

**petersprc** · Jan 4 '07, 03:45 AM

Re: Upgrade OpenSSL = relink PHP?

Actually maybe you don't have to recompile. Though I'm not entirely
sure. Here's a note from openssl:

Whether you choose to upgrade to a new version or to apply the
patch, make sure to recompile any applications statically linked
to OpenSSL libraries if these applications use the OpenSSL
SSL/TLS server implementation.

>From http://www.openssl.org/news/secadv_20051011.txt.

petersprc wrote:

I would think that yeah it would be necessary...
>
Dan M wrote:

I just learned that the version of OpenSSL I'm running (on a RedHat EL)
server has some vulnerabilities that I'd like to close. I'm running PHP
5.1.4. My question is this: I've got PHP 5.1.4, and it's built with
"--with-openssl=shared" in the ./configure command line. If install the
latest version of OpenSSL, do I need to relink PHP?

Upgrade OpenSSL = relink PHP?

Upgrade OpenSSL = relink PHP?

Comment

Comment