[clamav-users] ClamAV®: ClamAV 0.98.4rc1 is now available!
Charles Swiger
cswiger at mac.com
Fri May 30 17:02:54 UTC 2014
Hi--
On May 30, 2014, at 6:37 AM, Andreas Schulze <andreas.schulze at datev.de> wrote:
> Am 16.05.2014 16:08 schrieb Martin Preen:
>> The compilation with Solaris OpenSSL 0.9.7 stops with
>>
>> "crypto.c", line 834: undefined symbol: X509_VERIFY_PARAM
>> "crypto.c", line 834: undefined symbol: param
>> "crypto.c", line 834: syntax error before or at: =
>> "crypto.c", line 860: warning: implicit function declaration: X509_VERIFY_PARAM_new
>
> same here: SLES9, openssl 0.9.7d
>
> crypto.c: In function `cl_validate_certificate_chain':
> crypto.c:834: error: `X509_VERIFY_PARAM' undeclared (first use in this function)
> crypto.c:834: error: (Each undeclared identifier is reported only once
> crypto.c:834: error: for each function it appears in.)
> crypto.c:834: error: `param' undeclared (first use in this function)
>
> Is there a chance the codepath could be disabled?
Of course. Source code is available; and anyone is welcome to create a patch.
> Yes, I know the target is old, yes. But that's not the point here.
> I would like to update too but it's simply no option.
A second point to note is that openssl-0.9.7d not only has a bunch of known security
issues, it's obsolete and will not be getting fixes. It should be easier to update
your OpenSSL to something secure than it would be to create a patch ClamAV to have it
work with obsolete versions of OpenSSL.
Regards,
--
-Chuck
More information about the clamav-users
mailing list