openssl commit

Udo van den Heuvel udovdh at
Fri Mar 9 04:43:43 UTC 2018

On 08-03-18 21:22, Richard Laager wrote:
>> Can't we simply enforce a reasonable level? (e.g. maximum of XX months
>> old version of openssl)
> Probably not, as backported fixes for particular issues will not
> increment the version number.

But fixes by the openssl team /will/ increment the version number.

So my opinion is that eliminating the openssl version check has only one
drawback: we lose our single possibility to influence what openssl we
build against. This /could/ have certain security implications and thus
tainting ntpsec's name.


More information about the devel mailing list