On April 7, 2018 5:42:26 PM CDT, Bruce Dubbs <bruce.du...@gmail.com> wrote: >It's disturbing that openssh still requires a 60K patch to build with >openssl-1.1.0. openssl-1.1.0. has been in release since August 2916.
Memory is fuzzy, but IIRC, this was due to lack of FIPS, which has weak ciphers as part of the standard. Unfortunately, no fancy buzzword means you get a big fat red X, despite exceeding the technical requirements, on the pretty version of your audit report (the one the non-technical people read). There are multiple upstream packages that can't update until this is addressed in 1.1.1. --DJ -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page