[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#802159: New OpenSSL upstream version

Kurt Roeckx <kurt@roeckx.be> writes:

> The alternative is that I go and cherry pick the important bug
> fixes.  By this time there are really a lot that I would like to
> have in the stable releases and I think going that way actually
> has a higher chance of breaking things.

We've run into this before a number of times, and always end up
scratching our head about what to do.  Here's my thinking.

While I generally agree with the notion that we should feature-perturb
stable as little as possible, with software that gets intense upstream
scrutiny (which openssl does now thanks to the LF CII, etc), it often
seems lower risk to me to just accept a new upstream version than to do
this sort of ad-hoc cut and paste activity to back-port security fixes.

In this case, I'd be inclined to let the new version in.


Attachment: signature.asc
Description: PGP signature

Reply to: