On 16/12/15 09:24, Gert Doering wrote: > > OTOH, 0.9.8 and 1.0.0 will be discontinued end of this year, so we should > see vendor upgrades.
Enterprise distributions will not rebase OpenSSL on their supported distroes. RHEL5 will continue to ship the openssl-0.9.8 base. But it will be, as it always has, maintained by Red Hat. So security and critical bugs will be provided. I expect SuSE does something similar to their enterprise release as well. FTR ... RHEL 5 is fully supported until end of March 2017. Customers paying for an extended life cycle support add-on (ELS) will get critical-impact security fixes. For more information: <https://access.redhat.com/support/policy/updates/errata> Even though I know it would be good to get rid of the support for these old OpenSSL versions ... we can't just kick them out like that. Not yet. James have asked us to keep RHEL 5 support as long as it is supported by Red Hat. I think it is fine for us to aim for March 2017. Then it will be RHEL 6 which is our next target (openssl-1.0.1 base). With that said. I do not not think it is necessarily worthwhile to insist on 'git master' being supported on RHEL 5, especially if it begins to be painful to support RHEL 5 on our bleeding edge code base. In that perspective I would not mind if we consider the coming OpenVPN 2.4 to be the newest OpenVPN release we support on RHEL 5. I would prefer not going any older than 2.4 though. -- kind regards, David Sommerseth
signature.asc
Description: OpenPGP digital signature
