On Fri 2015-06-12 15:13:18 -0400, Georg Koppen wrote:
> We actually rebuilt parts of the 4.5.2 bundles mentioned above to
> include the latest Tor (0.2.6.9) and above all a fixed OpenSSL (1.0.1n).
Please use OpenSSL 1.0.1o, and not 1.0.1n.
1.0.1n had an ABI breakage which was fixed in 1.0.1o. This might not be
an issue for TBB in the common use case, particularly, if you're
building all of TBB from source in one go, and nothing interacts with
TBB's OpenSSL from outside TBB. But if any of your components were
built against 1.0.1m or earlier (or end up being built against 1.0.1o or
later in the future) and they need to interact with the 1.0.1n, you risk
memory corruption.
Regards,
--dkg