anticipating also a possible (likely?) OpenSSL 3.0.1, as a common
then when releases are done and the test base broadens significantly.
+1 for 3.0.1
Steffen
On Monday 13/09/2021 at 10:08, ste...@eissing.org wrote:
Am 13.09.2021 um 07:23 schrieb Dennis Clarke <dcla...@blastwave.org>:
ALL :
I may receive no reply to this but in general I have been able to
build
Apache httpd from any release tarball as well as from trunk. When
httpd
needed to get TLS 1.3 working it was a slam dunk to get that working
and
it did. However now we have OpenSSL 3.0.0 and it seems that neither
the
latest RC works nor does trunk.
So then ... how to proceed ?
The plan is to make a "OpenSSL 3.0" ready release soon after 2.4.49,
anticipating also a possible (likely?) OpenSSL 3.0.1, as a common
then when releases are done and the test base broadens significantly.
That's my understanding.
One could argue, that 2.4.49 should do that as well, which would mean
delaying it. And there are security relevant changes, not visible in
the candidate, that sit on a timeline.
My personal opinion is that we need to release every other month and
take into it what is ready. The old model of waiting till all stars
align - which is nice as a developer - does not work for CVEs.
- Stefan
--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
PS: trunk 1893292 fails even autoreconf and then more horror follows
