On 03/03/2012 12:19, Jerry wrote:
> On Fri, 02 Mar 2012 23:43:32 +0000
> Matthew Seaman articulated:
>
>> Stable/9, but this hasn't changed in 9.0-RELEASE:
>>
>> worm:~:# /usr/bin/openssl version
>> OpenSSL 0.9.8q 2 Dec 2010
>
> Matthew, why does FreeBSD continue to use an older version of OPENSSL
> for the base system when a newer version is available? While I could
> understand, even if not fully approve, the use of an older version in
> the same major version, its continued use as the de facto standard in an
> entirely new major version release is counterproductive. There have
> been many improvements in the 1.x release of OPENSSL so I fail to see
> the logical use of the older version. If anything, they (the FreeBSD
> developers) could keep this older version available in the ports system
> and use the newer version as the default in the base system.

Unfortunately I can't answer that. I'm not in any position to decide
such things.

However I can hazard a guess at some of the possible reasons:

   * openssl API changes between 0.9.x and 1.0.0 mean updating the
     shlibs is not a trivial operation, and it was judged that the
     benefits obtained from updating did not justify the effort.

   * no one had any time to import the new version. There's plenty of
     security-critical stuff depending on openssl, and making sure all
     of that didn't suffer from any regressions is not a trivial job.

   * simply that no one thought of doing the upgrade.

Cheers,

Matthew

--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: [email protected] Kent, CT11 9PW
