[opensuse-factory] getting openSSL up-to-date?
I can imagine most people around here are over their head busy with testing the new milestone, but.... Any chance op doing some major steps (11.2, 11.2, not just 11.3) for openssl? afaicr it was not so long ago that the path for moving to the "K" version was distributed here. But when looking at the openssl site i noticed: 25-feb: OpenSSL 0.9.8m is now available, including important bug and security fixes 24-mar: OpenSSL 0.9.8n is now available, including important bug and security fixes 29-mar: OpenSSL 1.0.0 is now available, a major release I might say that openssl is just as important as packages like apache, which _is_ up-to-date. Specially as it concerns security, and other packages like vpn, stunnel, asterisk are build upon openssl, one might give it a higher priority, not? hw -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
On Fri, Apr 09, 2010 at 08:29:34PM +0200, Hans Witvliet wrote:
I can imagine most people around here are over their head busy with testing the new milestone, but....
Any chance op doing some major steps (11.2, 11.2, not just 11.3) for openssl?
No chance...
afaicr it was not so long ago that the path for moving to the "K" version was distributed here. But when looking at the openssl site i noticed:
25-feb: OpenSSL 0.9.8m is now available, including important bug and security fixes
Is in factory already.
24-mar: OpenSSL 0.9.8n is now available, including important bug and security fixes
29-mar: OpenSSL 1.0.0 is now available, a major release
Hopefully in 11.3.
I might say that openssl is just as important as packages like apache, which _is_ up-to-date. Specially as it concerns security, and other packages like vpn, stunnel, asterisk are build upon openssl, one might give it a higher priority, not?
We backport security fixes to the old openssl versions, so there is no need for a version upgrade. The fixes for the last issues got released last week btw. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
On Fri, Apr 09, 2010 at 08:32:53PM +0200, Marcus Meissner wrote:
On Fri, Apr 09, 2010 at 08:29:34PM +0200, Hans Witvliet wrote:
I can imagine most people around here are over their head busy with testing the new milestone, but....
Any chance op doing some major steps (11.2, 11.2, not just 11.3) for openssl?
No chance...
Oh and for why ... It is a very lowlevel library with high risk of an update breaking things. 0.9.8* was not ABI stable judging from some comments, so a version upgrade might have broken apps (or not). Ciao, Marcus -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
participants (2)
-
Hans Witvliet
-
Marcus Meissner