The following reply was made to PR bin/31120; it has been noted by GNATS.

From: christos@zoulas.com (Christos Zoulas)
To: gnats-bugs@NetBSD.org, gnats-admin@netbsd.org,
	netbsd-bugs@netbsd.org, zafer@gmx.org
Cc: 
Subject: Re: bin/31120 (update openssl in 3beta)
Date: Wed, 7 Jun 2006 19:12:41 -0400

 On Jun 7, 11:00pm, woods@weird.com ("Greg A. Woods") wrote:
 -- Subject: Re: bin/31120 (update openssl in 3beta)
 
 |  That seems like a very much less than ideal approach to maintenance.
 |  
 |  People will no doubt be running systems built from the NetBSD-3 branch
 |  in production for years yet to come, and for something as central to
 |  many security-related applications as OpenSSL is, it would seem
 |  important to keep it as up to date as possible in _all_ supported
 |  branches.
 
 Greg, what version is running on 3.0? Are there any known vulnerabilities
 against it? The problem is that openssl is such a large package, and it
 affects other things (ssh), so we have to weigh the risk/benefit of the
 upgrade.
 
 christos