the reason is that wolfssl does not support semantic versioning and will bump the soname even with a minor release: e.g. 5.6.4 -> soname 41 5.6.6 -> soname 42.
I think it is managed by the wolfssl rpm package in kamailio repo. When we update wolfssl and then build new kamailio release, then kamailio-wolssl package will be linked with correct wolssl package. Please check [`kamailio-tls_wolfssl-5.8.0-0.el9.centos.x86_64.rpm`](https://rpm.kamailio.org/centos/9/master/master/x86_64/Packages/k/kamailio-t...) `REQUIRES` content ``` libc.so.6()(64bit) libc.so.6(GLIBC_2.14)(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.33)(64bit) libm.so.6()(64bit) libwolfssl.so.41()(64bit) rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rpmlib(PayloadIsZstd) <= 5.4.18-1 rtld(GNU_HASH) ``` So, when this package was selected for update it automatically tried to install `wolfssl` package which provides ``` libwolfssl.so.41()(64bit) ``` And required wolfssl rpm package is located in the same repo. I prefer to use a dedicated package because when need to analyze the core stack will be easier to install and use debug files for a dedicated package instead of a statically linked file.
"dnf update" will work you execute the simultaneous update of kamailio and wolfssl. But does not work if the same server installed other programs that use old wolfssl ABI. In this case, static linking will be an option. But it is a very rare case.