Re: Prefer pkgsrc OpenSSL after 2016Q1.

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

On Wed, Mar 09, 2016 at 09:55:49AM +0000, coypu%SDF.ORG@localhost wrote:
> On Wed, Mar 09, 2016 at 10:46:43AM +0100, Tobias Nygren wrote:
> > 
> > How will you prevent bind, postfix, racoon, wpa_supplicant, sshd and
> > others from breaking? Across two major release branches + current?
> > 
> 
> This is why the current proposed change is to prefer pkgsrc OpenSSL.
> It will not break anything in base and offer most of the benefits.

it will break in the sense that you'll have two openssl installed
on the system with different version and different behavior.
Updating the pkgsrc openssl won't fix the enventual security issue with
the tools in base.
updating the base system will fix openssl-related security issues for both
base and packages.

So what you propose is clearly a step in the wrong direction.

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--