Active Topics
-
Sailfish OS for the Motorola Moto G7 Power (XT1955-5) - (ocean) (3)
to SailfishOS by edp17 - 10 hrs, 9 mins ago -
The N900 is now 15 years old! (6)
to Nokia N900 by Macros - 1 day, 14 hrs ago -
F(x)tec Pro1x (QWERTY) for sale (0)
to Buy & Sell by aln00000 - 2 days, 2 hrs ago -
n770 youtube video (0)
to General by nmdv - 6 days, 2 hrs ago - more...
| The Following 4 Users Say Thank You to For This Useful Post: | ||
|
2013-11-13
, 09:38
|
|
Posts: 804 |
Thanked: 1,598 times |
Joined on Feb 2010
@ Gdynia, Poland
|
#2
|
> crucial security package
> not in repositories, on dropbox
> no sources
No, thank you. Is it packaged in a way that it replaces the default Maemo one? If so, have you checked if it is fully binary compatible with 0.9.8 branch?
Sorry for rants, apart from concerns I stated in this post, nice job
> not in repositories, on dropbox
> no sources
No, thank you. Is it packaged in a way that it replaces the default Maemo one? If so, have you checked if it is fully binary compatible with 0.9.8 branch?
Sorry for rants, apart from concerns I stated in this post, nice job
| The Following 3 Users Say Thank You to misiak For This Useful Post: | ||
|
|
2013-11-13
, 09:49
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#3
|
Originally Posted by misiak
1. Yes, crucial security package
> crucial security package
> not in repositories, on dropbox
> no sources
No, thank you. Is it packaged in a way that it replaces the default Maemo one? If so, have you checked if it is fully binary compatible with 0.9.8 branch?
Sorry for rants, apart from concerns I stated in this post, nice job
propably a fair reason to update 2. On dropbox, simply because I dont have the hang on garage (yet) and - I basically needed this for my own pentesting purposes (together with ruby1.93) for Metasploit.
3. Right, sources are available. This is compiled straight of original sources ( http://www.openssl.org/source/openssl-1.0.1e.tar.gz )
No, not a rant
I completely understand Your security concerns, as well as compatibility. I only tested this personally, and I an not guarantee issues, as it does make a replacement of the standard 0.98 installed version (this was needed for me).So, I am sure further testing and more complex testing will be a good idea, before it will/can/should make it into any official repositories.
|
|
2013-11-13
, 11:01
|
|
Posts: 804 |
Thanked: 1,598 times |
Joined on Feb 2010
@ Gdynia, Poland
|
#4
|
Originally Posted by nieldk
I think there's a reason why openssl keeps updating their old branches at the same time why new and there might be some binary incompatibilities and api breaking changes. In my oppinion we should rather update to 0.9.8y instead of 1.0.1e (they were published the same week, and each contains newest bugfixes, just in different branches). And, if you need 1.0.1e, you could package it e.g. as "openssl1" (i think in MeeGo Harmattan the "libssl.so.0.9.8" was replaced with "libssl1.so.1.0.0", so if we follow the scheme, we could have both openssls installed and the newer one could be distributed via extras).
1. Yes, crucial security package
2. On dropbox, simply because I dont have the hang on garage (yet) and - I basically needed this for my own pentesting purposes (together with ruby1.93) for Metasploit.
[...]
No, not a rant
So, I am sure further testing and more complex testing will be a good idea, before it will/can/should make it into any official repositories.
Originally Posted by nieldk
If you're paranoid, you can never be sure
[...]
3. Right, sources are available. This is compiled straight of original sources ( http://www.openssl.org/source/openssl-1.0.1e.tar.gz )
[...]
And, Debian and/or Maemo usually add platform-specific patches for the sources, so it might be good idea to append those while packaging, too.
| The Following 2 Users Say Thank You to misiak For This Useful Post: | ||
|
|
2014-04-16
, 20:57
|
|
Posts: 1,163 |
Thanked: 1,873 times |
Joined on Feb 2011
@ The Netherlands
|
#6
|
Again same as the other thread is it safe from heartbleed?
Edit: NO, maybe a newer version but definitly a warning is needed.
Last edited by mr_pingu; 2014-04-16 at 21:01.
Edit: NO, maybe a newer version but definitly a warning is needed.
__________________
N900 loaded with:
CSSU-T (Thumb)
720p recording,
Pierogi, Lanterne, Cooktimer, Frogatto
N9 16GB loaded with:
Kernel-Plus
--
[TCPdump & libpcap | ngrep]
--
donate
N900 loaded with:
CSSU-T (Thumb)
720p recording,
Pierogi, Lanterne, Cooktimer, Frogatto
N9 16GB loaded with:
Kernel-Plus
--
[TCPdump & libpcap | ngrep]
--
donate
Last edited by mr_pingu; 2014-04-16 at 21:01.
| The Following 2 Users Say Thank You to mr_pingu For This Useful Post: | ||
|
|
2014-04-17
, 06:08
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#7
|
Originally Posted by mr_pingu
Updated first post with my version 1.0.1g
Again same as the other thread is it safe from heartbleed?
Edit: NO, maybe a newer version but definitly a warning is needed.
Still didnt figure out garage :/
 |
|
2014-04-17
, 06:46
|
|
Posts: 1,348 |
Thanked: 1,863 times |
Joined on Jan 2009
@ fr/35/rennes
|
#8
|
same question for harmattan
--
http://rzr.online.fr/q/ssl
--
http://rzr.online.fr/q/ssl
__________________
Current obsession:
https://purl.org/rzr/abandonware
Please help to list all maemo existing apps :
https://github.com/abandonware/aband...ment-578143760
https://wiki.maemo.org/Apps#
I am looking for " 4 inch TFT LCD display screen " for Nokia n950 HandSet
http://rzr.online.fr/q/lcd
Also, I need online storage to archive files :
http://db.tt/gn5Qffd6#
https://my.pcloud.com/#page=register...e=g8ikZmcfEJy#
Current obsession:
https://purl.org/rzr/abandonware
Please help to list all maemo existing apps :
https://github.com/abandonware/aband...ment-578143760
https://wiki.maemo.org/Apps#
I am looking for " 4 inch TFT LCD display screen " for Nokia n950 HandSet
http://rzr.online.fr/q/lcd
Also, I need online storage to archive files :
http://db.tt/gn5Qffd6#
https://my.pcloud.com/#page=register...e=g8ikZmcfEJy#
| The Following User Says Thank You to www.rzr.online.fr For This Useful Post: | ||
|
|
2014-04-17
, 07:48
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#9
|
Originally Posted by www.rzr.online.fr
done, is on my openrepos
same question for harmattan
--
http://rzr.online.fr/q/ssl
openssl-1.0.1g and openssl1.0.1g-devel packages
| The Following 3 Users Say Thank You to For This Useful Post: | ||
The OpenSSL package contains management tools and libraries relating to cryptography. These are useful for providing cryptography functions to other packages, such as OpenSSH, email applications and web browsers (for accessing HTTPS sites).
Sorry, it is not in repositories, but sharing on my dropbox for you.
https://www.dropbox.com/s/wppzs1vhn9...0.1g_armel.deb
Last edited by nieldk; 2014-04-17 at 06:07.