[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL


Mike Hommey:
> Well, it kind of is. Because those versioned symbols in openssl come
> from a debian patch, afaict. So while debian may be fine (as long as all
> build-rdeps have been rebuilt since openssl got those versioned
> symbols), other distros aren't covered, as well as binaries not
> compiled on debian.
I am, frankly, not at all concerned with binaries not compiled on Debian
at this point. Data point: Fedora uses a different symbol versioning
scheme for openssl, so openssl-linked binaries from there won't run on
Debian anyway.

It's far more imperative to educate upstream (in general, not just openssl
– but them in particular) about the fact that adding versioning to their
libraries is a Very Good Idea which will save them (and, more to the point,
anybody using their code) a whole lot of hassle – as well as potential
security holes – if/when their ABI changes.

-- Matthias Urlichs

Reply to: