Re: OpenSSL end of life

2014-06-12 Thread Jilles Tjoelker
On Wed, Jun 11, 2014 at 10:32:54AM +0100, Ben Laurie wrote: > We (the OpenSSL team) are considering a more aggressive EOL strategy. > In particular, we may EOL 0.9.8 right now, and 1.0.0 when 1.0.2 comes > out (currently in beta). > Going forward we would only maintain two versions, so when 1.0.3

Re: OpenSSL end of life

2014-06-11 Thread Constantine A. Murenin
On 11 June 2014 06:59, Jonathan Anderson wrote: > Dan Lukes wrote: >> 9.3 can be patched during its lifetime, but 9.3-pX and 9.3-pY need to be >> binary compatible. >> >> If it is not compatible, then it's no 9.3 anymore. >> >>> One modification I'd be prepared to contemplate is that 1.0.1 (for

Re: OpenSSL end of life

2014-06-11 Thread Dan Lukes
On 06/11/14 18:49, Jonathan Anderson: I propose that we be a bit more careful about the libraries that we're willing to commit to an ABI on, restricting ourselves to things that we are able to maintain internally as a project or where upstream changes don't break the ABI (e.g. an executable where

Re: OpenSSL end of life

2014-06-11 Thread Joe User
On 11.06.2014 15:56, Dan Lukes wrote: > On 06/11/14 15:00, Ben Laurie: >>> What about ongoing FreeBSD 9.3 release ? According to tradition, >>> its EOL should occur two years past release. But what we will >>> do if the embedded version of OpenSSL becomes u

Re: OpenSSL end of life

2014-06-11 Thread Charles Swiger
Hi, Ben-- Thanks for soliciting feedback. On Jun 11, 2014, at 2:32 AM, Ben Laurie wrote: > We (the OpenSSL team) are considering a more aggressive EOL strategy. > > In particular, we may EOL 0.9.8 right now, and 1.0.0 when 1.0.2 comes > out (currently in beta). > > Going forward we would only

Re: OpenSSL end of life

2014-06-11 Thread Jonathan Anderson
Dan Lukes wrote: In such a case, the content of /usr/src/contrib needs to be reevaluated very carefully. OpenSSL is not the only external library here ... OpenSSL is a bit special, though. The ABI for, e.g., jemalloc isn't likely to change very much upstream, nor are we likely to break it for s

Re: OpenSSL end of life

2014-06-11 Thread István
First I have read "OpenSSL end of life" and I started to get happy that this project goes away... :)

Re: OpenSSL end of life

2014-06-11 Thread Dan Lukes
On 06/11/14 15:59, Jonathan Anderson: Once we officially move to the 5-year branch lifetime 5-year ? In such a case, the content of /usr/src/contrib needs to be reevaluated very carefully. OpenSSL is not the only external library here ... It seems to me that the only solution is to remove th

Re: OpenSSL end of life

2014-06-11 Thread Jonathan Anderson
Dan Lukes wrote: > 9.3 can be patched during its lifetime, but 9.3-pX and 9.3-pY need to be binary compatible. > > If it is not compatible, then it's no 9.3 anymore. > >> One modification I'd be prepared to contemplate is that 1.0.1 (for >> example) is supported for some known period of time,

Re: OpenSSL end of life

2014-06-11 Thread Dan Lukes
On 06/11/14 15:00, Ben Laurie: What about ongoing FreeBSD 9.3 release ? According to tradition, its EOL should occur two years past release. But what we will do if the embedded version of OpenSSL becomes unsupported just this winter ? I don't know - for a start, just because the OpenSSL team don't sup

Re: OpenSSL end of life

2014-06-11 Thread Ben Laurie
On 11 June 2014 13:14, Dan Lukes wrote: > On 06/11/14 11:32, Ben Laurie: > >> Going forward we would only maintain two versions, so when 1.0.3 comes >> out, 1.0.1 would be EOL. > > > So, the date of EOL of 1.0.1 will not be known. Just some day 1.0.3 will > be released and 1.0.1 becomes damned.

Re: OpenSSL end of life

2014-06-11 Thread Dan Lukes
On 06/11/14 15:00, Ben Laurie: Some of them wish to declare the lifetime of a particular version at the time of release. It will no longer be possible as the embedded OpenSSL may become obsolete at any time. This is already true, because of bugs. And, in practice, no version of OpenSSL (or anything else,

Re: OpenSSL end of life

2014-06-11 Thread Dan Lukes
On 06/11/14 11:32, Ben Laurie: Going forward we would only maintain two versions, so when 1.0.3 comes out, 1.0.1 would be EOL. So, the date of EOL of 1.0.1 will not be known. Just some day 1.0.3 will be released and 1.0.1 becomes damned. Also, I consider it's not so friendly to projects us

OpenSSL end of life

2014-06-11 Thread Ben Laurie
We (the OpenSSL team) are considering a more aggressive EOL strategy. In particular, we may EOL 0.9.8 right now, and 1.0.0 when 1.0.2 comes out (currently in beta). Going forward we would only maintain two versions, so when 1.0.3 comes out, 1.0.1 would be EOL. What do people think about this?