On 10/30/2017 04:05, Julian Elischer wrote: > On 29/10/17 8:36 am, Eric McCorkle wrote: >> On 10/28/2017 09:15, Poul-Henning Kamp wrote: >>> -------- >>> In message <[email protected]>, Benjamin Kaduk >>> writes: >>> >>>> I would say that the 1.1.x series is less bad, especially on the >>>> last count, >>>> but don't know how much you've looked at the differences in the new >>>> branch. >>> While "less bad" is certainly a laudable goal for OpenSSL, I hope >>> FreeBSD has higher ambitions. >>> >> I'm curious about your thoughts on LibreSSL as a possible option. > > what gives any evidence as to it being any better?
At least as about its first year and a half, LibreSSL had a markedly better track record than OpenSSL (zero high-severity CVEs vs 5 from OpenSSL, about half as many mid- and low-security CVEs). _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
