https://bugzilla.mindrot.org/show_bug.cgi?id=1991
Tim Rice <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #8 from Tim Rice <[email protected]> 2012-03-30 14:18:55 EST --- (In reply to comment #7) > Thinking about it some more, the cases you need to consider: > #1: you upgrade openssl to a newer fix version. obviously you don't > want ssh to stop working and with this diff, it won't. > > #2: you upgrade ssh with something built against the same major and > minor version but a newer fix version. Right now, you can't deploy > that unless you upgrade openssl first. > > is #2 a reasonable thing to do? I would argue that it is. > > Damien's counter-argument is from the OpenSSL home page: "OpenSSL 1.0.1 > is now available, including new features". #2 would allow "bad" practice in the general sense. Meaning, while it may be reasonable for a binary built against an older lib to be expected to run with a newer lib, it is not reasonable to expect a binary built with a newer lib to run with an older lib. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
