Re: OpenSSL 1.1.0
On Tue, Nov 15, 2016 at 07:03:28PM +1100, Scott Leggett wrote:
> On 2016-11-15.00:16, Adrian Bunk wrote:
> > Bugs like "With Kurt's patch, apache2 crashes on startup with an invalid free."
> > or #843988 will be a common sight on the list of RC bugs for several
> > months in any scenario with OpenSSL 1.1 as default.
> >
> > ...
> >
> > 2. move the stretch release schedule by 6-12 months to have
> > only OpenSSL 1.1 in stretch
>
> So with OpenSSL 1.1 in stretch, the release schedule is going to move by
> 6-12 months regardless?
Shipping OpenSSL 1.1 as security-supported technology preview in stretch,
and a few packages that both work with OpenSSL 1.1 and do not have
inter(r)dependencies with packages that don't work properly with OpenSSL
1.1 could use it - that would be possible without negative impact on the
release schedule.
> Regards,
> Scott.
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
Reply to: