stunnel 5.06 not yet linked against OpenSSL 1.0.1t on debian jessie
Hi, that's the log on a debian jessie, starting stunnel: 2018.10.24 ..: stunnel 5.06 on x86_64-pc-linux-gnu platform 2018.10.24 ..: Compiled with OpenSSL 1.0.1k 8 Jan 2015 2018.10.24 ..: Running with OpenSSL 1.0.1t 3 May 2016 2018.10.24 ..: Update OpenSSL shared libraries or rebuild stunnel All debian packages are upgraded: $ sudo apt-get update ... $ sudo apt-get upgrade 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. $ $ dpkg -l|egrep 'openssl|stunnel' ... ii openssl 1.0.1t-1+deb8u9 ... ii stunnel4 3:5.06-2+deb8u1 $ Guess the log tells the current stunnel-package is not linked against openssl 1.0.1t lib yet. No pinning is active: $ ls -l /etc/apt/preferences -rw-r--r-- 1 root root 0 Jun 4 2010 /etc/apt/preferences $ Is that - stunnel not being linked against the current openssl-lib - a serious problem? Will there soon be a stunnel-package being linked against openssl 1.0.1t? Thanks in Advance -- Hans
Hi, On 2018-10-24 17:29, Johann Hörmann wrote:
Is that - stunnel not being linked against the current openssl-lib - a serious problem?
It is usually not necessary to rebuild all packages using a specific lib just because it got updated.
Will there soon be a stunnel-package being linked against openssl 1.0.1t?
The debian people are doing that, so that would be something to ask them, specifically the package maintainers (see https://packages.debian.org/jessie/stunnel4). But since jessie support ended last June and LTS won't rebuild , I would not hold my breath. Why do you care about this in the first place? You are using a stunnel version that is 4 years old and got last patched more than 3 years ago. If it's of any importance to you, you should really upgrade to stretch (optionally with bpo) or at least use jessie-backports. Regards Jakob
participants (2)
-
Jakob Hirsch -
Johann Hörmann