[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Latest openssl 1.0.2 for Jessie backports

On 2017-06-28 13:51:57 [+0200], Alexander Wirt wrote:
> I don't see any reasoning for such a big exeception.
> Why do you need that, for what? Currently I don't think it is a good idea and
> openssl is not just a simple package.

We have openssl in jessie-backports already. This release brings only
minor improvement over the one we have currently in backports (AMD Ryzen
support is one thing I remember). According to upstream, 1.0.2l did not
include any security patches. If you disagree to include 1.0.2l what do
you suggest we do once upstream releases 1.0.2m+ which contains security
related changes?

> Alex


Reply to: