[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Should we upgrade openssl?
From: |
Ludovic Courtès |
Subject: |
Re: Should we upgrade openssl? |
Date: |
Wed, 17 Apr 2019 14:28:13 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) |
Hi Gábor,
Gábor Boskovits <address@hidden> skribis:
> I would go for the upgrade. As this is a change affecting lots of packages,
> and this upgrade would allow us to reduce the chances to stuck with a
> vulnerable version. I also suppose, that there areg- some changes on
> core-updates we would like to merge anyways before 1.0, so if the upgrade
> goes smoothly, then this is not a big loss of time. Wdyt?
Merging ‘core-updates’ is no longer an option for 1.0: I’m seriously
still aiming for around April 30th. Let’s get our act together!
Likewise, I don’t think the OpenSSL upgrade can be merged on time. But
that’s OK: we can start working on it and have it merged as soon as
possible, possibly with all of ‘core-updates’.
Thoughts?
Thanks,
Ludo’.