On Mar 16, 2005, at 2:39 PM, Lars Rosengreen wrote:
Yes, I think we do. I'll try to construct a list of packages that may be affected.
Thanks Lars.
I guess once we have this, for each package we'll need to:
- Notify the upstream developers that they're sitting on a time bomb. :-)
- Do one of the following, in order of preference:
* Get permission from the upstream devel to link with OpenSSL
* Link the package against OpenTLS
* Link the package against the system OpenSSL (BuildConflict with Fink's version)
* Remove the package from the bindist, possibly from unstable too.
Any other options?
Dave
PGP.sig
Description: This is a digitally signed message part
