Udo van den Heuvel
udovdh at xs4all.nl
Fri Mar 9 04:43:43 UTC 2018
On 08-03-18 21:22, Richard Laager wrote:
>> Can't we simply enforce a reasonable level? (e.g. maximum of XX months
>> old version of openssl)
> Probably not, as backported fixes for particular issues will not
> increment the version number.
But fixes by the openssl team /will/ increment the version number.
So my opinion is that eliminating the openssl version check has only one
drawback: we lose our single possibility to influence what openssl we
build against. This /could/ have certain security implications and thus
tainting ntpsec's name.
More information about the devel