[arch-general] openssl 3 -- status?
Genes Lists
lists at sapience.com
Fri Jul 1 11:13:59 UTC 2022
On 6/30/22 23:17, David C. Rankin via arch-general wrote:
...
>
> Not to mention the security problems with it:
>
> OpenSSL 3.0.5 awaits release to fix potential worse-than-Heartbleed flaw
>
Thanks for bringing that up David.
I am wondering if some folks might be leaning toward libressl, which at
least did not (appear to) have the last few security issues that openssl
suffered? Of course Theo de Raadt, who is driving libressl, was key in a
similar effort with openssh. However, I suspect libressl, lacking FIPS
support, will not gain sufficient traction - but who knows.
gene
More information about the arch-general
mailing list