Re: Another bug on OpenSSL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

It's not stable yet, and it's not ported to other operating systems.
the folks over at OpenBSD do import some powerful security tools and
keep them clean, such SSH. (No, they didn't writ it, they ported it
and maintain the core code.)

But that means it's unlikely to work well on other operating systems
until it's ported back: The folks there have some interesting policies
about randomization, chroot behavior, and coding to OpenBSD, not any
other OS, that will keep  it unstable for a while on other operating
systems.

Now, if you've got the expertise and time to help with that, it seems
a well founded and sensible project.


On Sun, Jun 8, 2014 at 10:34 AM, Jon Kent <jon.kent@xxxxxxxxx> wrote:
> At present I have more trust in the OpenBSD guys than OpenSSL based upon
> their previous work. So I'd prefer to move to LibreSSL once stable
>
> Just my 2c worth.
>
> Jon
>
> On 8 Jun 2014 15:21, "Álvaro Castillo" <netsys@xxxxxxxxxxxxxxxxx> wrote:
>>
>> Dear mailing list,
>>
>> Few days was built an patch to solve an another vulnerability into
>>
>> OpenSSL(http://bits.blogs.nytimes.com/2014/06/05/new-bug-found-in-widely-used-openssl-encryption/?_php=true&_type=blogs&_r=0).
>> Some sources talks about that's bug was discovered a long time ago but
>> does not fixed.
>>
>> However, OpenBSD was created a fork called LibreSSL try to solve this
>> issues. Should Fedora to move LibreSSL (http://www.libressl.org/)? Or
>> still use OpenSSL and wait what's bug could be found today, or
>> tomorrow, or few months to go similar Adobe Flash bugs?
>> --
>> devel mailing list
>> devel@xxxxxxxxxxxxxxxxxxxxxxx
>> https://admin.fedoraproject.org/mailman/listinfo/devel
>> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
>
>
> --
> devel mailing list
> devel@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/devel
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux