On Sun, May 17, 2015, at 16:08, Roger Marquis wrote: > Mark Felder wrote: > >> Considering the time to write and test patches is the same in either case > >> it is still an open question. > > > Again, this is not possible. You can't just "replace" the base OpenSSL. > > That port or package would also have to replace every binary and library > > in the base system linked to an OpenSSL library such as libcrypt with a > > version that was built against the updated OpenSSL. > > Sure, when you must change the ABI you also have to rebuild linked libs > and bins, but how many openssl 0.9 updates have required ABI changes? > > Roger
This entire discussion has been about doing MAJOR updates to OpenSSL in base. Updates that obviously require ABI changes. Please tell me about a feature change between FreeBSD 9.3's OpenSSL 0.9.8za and the latest compatible 0.9.8ze that validates a port for OpenSSL that replaces base. I cannot find any that justify the effort. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
