殷啟聰 <[email protected]> schrieb: > Dear Debian Security Team,
Our contact address is [email protected], not debian-security... > The "android-tools" packaging team ><https://qa.debian.org/developer.php?login=android-tools-devel%40lists.alioth.debian.org> > are introducing BoringSSL, a fork of OpenSSL by Google. The latest > Android OS and its SDK no longer use OpenSSL and they use some APIs > only provided by BoringSSL, hence we are bringing BoringSSL to Debian. > You can see the ITP at <https://bugs.debian.org/823933>. No, that's not acceptable. You can try to provide that additional APIs on top of OpenSSL, but we're not going to support an entire OpenSSL fork just for Google's NIH syndrome. Cheers, Moritz
