Re: [stable] openssl rfc5746 / renegotiation support
On Fri, 19 Nov 2010 11:35:48 +0100, Peter Palfrader wrote:
> What's the verdict here?
> Are we going to update openssl in stable (either via -security or with
> the next point release), and if yes, what are we doing with tor?
The decision was made a while back to fix this in an SPU. Kurt put out
packages a few weeks ago and called for testing, but I've only seen one
response so far. So I think that what needs to happen is a little more