Bug#844160: Bug#828236: [Pkg-openssl-devel] Bug#844160: openssl 1.1 and apache2
On Wed, Nov 16, 2016 at 11:05:13PM +0100, Stefan Fritsch wrote:
> BTW, I am pretty sure that support for enhanced master secret and chacha20
> will appear for openssl 1.0.2 before the release of stretch+1, if only because
> redhat needs it for its long support cycles. Back-porting that to stretch in a
> year or so in a stable-point-release would IMHO be the best option.
At least for ChaCha20 there are patches available for OpenSSL 1.0.2 that
are already being used elsewhere.
> Apache httpd 2.4 came out, I was also quite disappointed that it could not be
> included in squeeze, but mod_perl was not ready at the time and it would not
> have made any sense to include an inofficial forward-port of mod_perl to 2.4 in
> Debian. In the same way, I don't think it is a good idea to include lots of
> patches for openssl 1.1, with little testing.
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed