In message <[EMAIL PROTECTED]> on Fri, 22 
Nov 2002 06:05:15 -0500 (EST), Rich Salz <[EMAIL PROTECTED]> said:

rsalz> Anyone who can crack root will just install a trojan openssl library,
rsalz> anyway.  Seems little point in holding up a release for this.

Possible.  I still want us to get some extra time to assess that,
rather than doing a too quick release, have someone write to us,
bugtraq and the gods know who about the lack of security, and we might
have to make a 0.9.6i with those things "corrected" anyway.

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
                    \      SWEDEN       \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis                -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to