[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#844160: Bug#828236: [Pkg-openssl-devel] Bug#844160: openssl 1.1 and apache2

On Wed, Nov 16, 2016 at 11:05:13PM +0100, Stefan Fritsch wrote:
> BTW, I am pretty sure that support for enhanced master secret and chacha20 
> will appear for openssl 1.0.2 before the release of stretch+1, if only because 
> redhat needs it for its long support cycles. Back-porting that to stretch in a 
> year or so in a stable-point-release would IMHO be the best option.

At least for ChaCha20 there are patches available for OpenSSL 1.0.2 that 
are already being used elsewhere.

> When 
> Apache httpd 2.4 came out, I was also quite disappointed that it could not be 
> included in squeeze, but mod_perl was not ready at the time and it would not 
> have made any sense to include an inofficial forward-port of mod_perl to 2.4 in 
> Debian. In the same way, I don't think it is a good idea to include lots of 
> patches for openssl 1.1, with little testing.
> Cheers,
> Stefan



       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

Reply to: