On 08-03-18 21:22, Richard Laager wrote: >> Can't we simply enforce a reasonable level? (e.g. maximum of XX months >> old version of openssl) > > Probably not, as backported fixes for particular issues will not > increment the version number.
But fixes by the openssl team /will/ increment the version number. So my opinion is that eliminating the openssl version check has only one drawback: we lose our single possibility to influence what openssl we build against. This /could/ have certain security implications and thus tainting ntpsec's name. Udo _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel