After upgrade from RoL 9.6 to 9.7 warning messages start to appear in the Postfix log:
postfix/smtpd[727080]: warning: run-time library vs. compile-time header version mismatch: OpenSSL 3.5.0 may not be compatible with OpenSSL 3.2.0
Postfix works fine but this message is logged each connection. If it is expected behavior is there a way how to suppress these messages?
Googling this error message gives lots of hits on this problem. But nothing to worry about. And no, there doesn’t seem to be a way of suppressing it.
Assuming postfix daemon has already been restarted after the update, and the problem didn’t go away.
Actually this means, that postfix was not rebuild against newer openssl.
Explanation
OpenSSL provides TWO variants of getting the version:
If they differ, the client-app (in this case: postfix) was not rebuilt against the newer libs that came in the 9.7 update.
The only way to get rid of this, is to rebuild postfix.
Verifying that on a rocky9..6 system that just was upgraded to rocky9.7
rpm -qi postfix reports:
Install Date: Fri Nov 22 17:03:26 2024 which is from before the 9.7 upgrade.
So:
Either RedHat forgot to rebuild postfix against the newer openssl or maybe not all packages are distributed on all mirrors yet.
Cheers
-Fritz
From the google results I read, it isn’t a big problem. Mainly because the most important part is the OpenSSL major version, so 3. So doesn’t matter if 3.0, 3.1, 3.2 or 3.5. Sure, postfix complains about it, and yes rebuilding will fix that. Other than the warning, there is no need to rebuild it since it still works.
Red Hat would have rebuilt it, if postfix would have completely stopped working, for example, OpenSSL 4 instead of OpenSSL 3. The minor point release isn’t a big problem. Unfortunately the log entries cause a little bit of spam.