On Wed, Aug 15, 2018 at 09:52:53PM -0500, Douglas R. Reno wrote:
> On Wed, Aug 15, 2018 at 9:44 PM DJ Lucas <[email protected]> wrote:
>
> We also need to consider the backlash possible if we do not update to the
> latest OpenSSL version prior to release.
>
One further comment: if openssl was still in BLFS I think we would
have updated it in the run-up to a release, even if (like the last
curl vulnerability) the risk was low (only for people using curl via
SMTP in that case) and we did not initially rush to update.
ĸen
--
Entropy not found, thump keyboard to continue
--
http://lists.linuxfromscratch.org/listinfo/lfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
