Hi, On 16/10/14 21:12, Kurt Roeckx wrote: > This would actually make things for me much more simple. I > sometimes run into problems because of missing bug fixes that have > been done earlier in the branch. And I generaly think that the > 1.0.1j version is much better than then 1.0.1e version. AIUI that would enable TLS v1.1, v1.2, and GCM cipher modes not available in the current wheezy version? These are highly desirable in production for me. FWIW the latter is specified by NSA Suite B. The wheezy-pu's of Tor might be some precedent for keeping crypto software up-to-date. OTOH Heartbleed only affected those who'd upgraded already from openssl 0.9.8 -> 1.0.x, so one takes a risk either way? Regards, -- Steven Chamberlain steven@pyro.eu.org
Attachment:
signature.asc
Description: OpenPGP digital signature