[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#802159: New OpenSSL upstream version

Personally I'm in favour of following the openssl point updates and I'd
like to add an additional data point to the discussion:

CVE-2015-3196 was already fixed as a plain bugfix in an earlier point
release, but the security impact was only noticed later on, so following
the point updates would have fixed this bug five months ago.

(http://www.openssl.org/news/secadv/20151203.txt for details)


Reply to: