As we only push static linked jars against boringssl during the release process (we not release one for libressl / openssl) we only are worried about boringssl here.
And yes we are doing a new release once there is a security vuln discovered. Google engineers are also part of the Netty team :) Bye, Norman > On 27 Jun 2016, at 05:08, [email protected] wrote: > > Hi, just wanted to double check that netty-tcnative makes a new release after > any security issues are are fixed for the statically linked SSL library. If > there is just a fix in OpenSSL for example but not the other two, is a new > release made anyway? > > > -- > You received this message because you are subscribed to the Google Groups > "Netty discussions" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/netty/40b4d98f-4e73-4a69-9814-ca49a7b94ef4%40googlegroups.com > > <https://groups.google.com/d/msgid/netty/40b4d98f-4e73-4a69-9814-ca49a7b94ef4%40googlegroups.com?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. -- You received this message because you are subscribed to the Google Groups "Netty discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/netty/2F2356B1-DB45-4544-B0AA-2583E268D8C8%40googlemail.com. For more options, visit https://groups.google.com/d/optout.
