Hi
On Tue, Jun 10, 2014 at 8:44 PM, Darin Perusich wrote:
>
>
> Perhaps maintaining FIPS support as a patch set, much like how "features"
> such as acl, slp, openssl, etc are added to rsync, would be a suitable
> approach. This would keep the extra crap like FIPS out of LibreSSL then if
> some
On Tue, Jun 10, 2014 at 8:13 PM, Kevin Kofler
wrote:
> Álvaro Castillo wrote:
> > However, OpenBSD was created a fork called LibreSSL try to solve this
> > issues. Should Fedora to move LibreSSL (http://www.libressl.org/)? Or
> > still use OpenSSL and wait what's bug could be found today, or
> >
Paul wrote:
> Perhaps moving from OpenSSL to NSS would be better if you are that worried
> about OpenSSL bugs
The problem is that nss-compat-ossl is not a drop-in replacement and as such
basically useless. Upstream projects tend to support only OpenSSL.
Kevin Kofler
--
devel mailing li
Álvaro Castillo wrote:
> However, OpenBSD was created a fork called LibreSSL try to solve this
> issues. Should Fedora to move LibreSSL (http://www.libressl.org/)? Or
> still use OpenSSL and wait what's bug could be found today, or
> tomorrow, or few months to go similar Adobe Flash bugs?
Since th
It's not stable yet, and it's not ported to other operating systems.
the folks over at OpenBSD do import some powerful security tools and
keep them clean, such SSH. (No, they didn't writ it, they ported it
and maintain the core code.)
But that means it's unlikely to work well on other operating sy
On Sun, 8 Jun 2014, Tomasz Torcz wrote:
On Sun, Jun 08, 2014 at 12:21:08PM -0400, Paul wrote:
That bug was not found by the rampaging libressl people either.
Perhaps moving from OpenSSL to NSS would be better if you are that worried
about OpenSSL bugs
We've tried that: http://fedoraproject
On Sun, Jun 08, 2014 at 12:21:08PM -0400, Paul wrote:
> That bug was not found by the rampaging libressl people either.
>
> Perhaps moving from OpenSSL to NSS would be better if you are that worried
> about OpenSSL bugs
We've tried that: http://fedoraproject.org/wiki/FedoraCryptoConsolidation
That bug was not found by the rampaging libressl people either.
Perhaps moving from OpenSSL to NSS would be better if you are that worried
about OpenSSL bugs
Sent from my iPhone
> On Jun 8, 2014, at 10:21, Álvaro Castillo wrote:
>
> Dear mailing list,
>
> Few days was built an patch to solv
On Sun, Jun 8, 2014 at 4:42 PM, Reindl Harald wrote:
>
> Am 08.06.2014 16:21, schrieb Álvaro Castillo:
>> Few days was built an patch to solve an another vulnerability into
>> OpenSSL(http://bits.blogs.nytimes.com/2014/06/05/new-bug-found-in-widely-used-openssl-encryption/?_php=true&_type=blogs&_r
On Sun, Jun 08, 2014 at 03:21:04PM +0100, Álvaro Castillo wrote:
> However, OpenBSD was created a fork called LibreSSL try to solve this
> issues. Should Fedora to move LibreSSL (http://www.libressl.org/)? Or
> still use OpenSSL and wait what's bug could be found today, or
> tomorrow, or few months
Am 08.06.2014 16:42, schrieb Reindl Harald:
> Am 08.06.2014 16:21, schrieb Álvaro Castillo:
>> Few days was built an patch to solve an another vulnerability into
>> OpenSSL(http://bits.blogs.nytimes.com/2014/06/05/new-bug-found-in-widely-used-openssl-encryption/?_php=true&_type=blogs&_r=0).
>> Som
Am 08.06.2014 16:21, schrieb Álvaro Castillo:
> Few days was built an patch to solve an another vulnerability into
> OpenSSL(http://bits.blogs.nytimes.com/2014/06/05/new-bug-found-in-widely-used-openssl-encryption/?_php=true&_type=blogs&_r=0).
> Some sources talks about that's bug was discovered a
At present I have more trust in the OpenBSD guys than OpenSSL based upon
their previous work. So I'd prefer to move to LibreSSL once stable
Just my 2c worth.
Jon
On 8 Jun 2014 15:21, "Álvaro Castillo" wrote:
> Dear mailing list,
>
> Few days was built an patch to solve an another vulnerability
Dear mailing list,
Few days was built an patch to solve an another vulnerability into
OpenSSL(http://bits.blogs.nytimes.com/2014/06/05/new-bug-found-in-widely-used-openssl-encryption/?_php=true&_type=blogs&_r=0).
Some sources talks about that's bug was discovered a long time ago but
does not fixed
14 matches
Mail list logo
