[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Minium version of OpenSSL required by "pkgsrc"
On Mon, Feb 10, 2014 at 02:04:37PM +0100, Thomas Klausner wrote:
> On Sun, Feb 09, 2014 at 11:42:17AM +0000, Matthias Scheler wrote:
> > the minimum OpenSSL API version that we currently accept in "pkgsrc"
> > is 0.9.6m. I would like to bump this to 1.0.1c (same as the API dependency)
> > for security reasons:
> We usually don't bump for security reasons (that's what
> pkg-vulnerabilities is for), ...
But we cannot use "pkg-vulnerabilities" to warn that Mac OS X Lion or
NetBSD 5.1 ship with an outdated builtin OpenSSL.
> ... but the other reasons sound convincing.
> Fine with me!
BTW: if I bump the API version I need to perform a recursive bump, don't I?
Matthias Scheler https://zhadum.org.uk/
Main Index |
Thread Index |