On Fri, Nov 19, 2010 at 10:28:08AM -0500, Michael Gilbert wrote: > On Fri, 19 Nov 2010 11:35:48 +0100, Peter Palfrader wrote: > > What's the verdict here? > > > > Are we going to update openssl in stable (either via -security or with > > the next point release), and if yes, what are we doing with tor? > > The decision was made a while back to fix this in an SPU. Kurt put out > packages a few weeks ago and called for testing, but I've only seen one > response so far. So I think that what needs to happen is a little more > testing? You might want to point us to that decision. We'd prefer to have this handled by security. Thanks Philipp Kern
Attachment:
signature.asc
Description: Digital signature