Moses, we've already released updates for the March 2016 roundup of issues from OpenSSL http://www.ubuntu.com/usn/usn-2914-1/ . We do not ship point updates from OpenSSL for security updates because they sometimes break ABI or introduce other regressions (see e.g. https://bugs.gentoo.org/show_bug.cgi?id=576128 ).
Note that since we've disabled SSLv2 for years DROWN did not apply to our packages, but of course the other issues did. If you wish to prepare a debdiff that removes the -ssl2 options from manpages and so on we'd consider including it in future updates. It's not a high priority for us so we're unlikely to get to it. Thanks ** Bug watch added: Gentoo Bugzilla #576128 https://bugs.gentoo.org/show_bug.cgi?id=576128 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955675 Title: openssl s_client's '-ssl2' option no longer works in 12.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/955675/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
