On Thu, Apr 10, 2014 at 03:33:09PM -0400, Steven Kneizys wrote:
> But from what I am reading it seems like we have
> a patched version but that the problem isn't fully fixed.
The specific problem is fully fixed. The ongoing discussion is
about structural improvements to the code to make similar issues
less likely or likely to have less impact in the future.
> I am trying to
> decide if
> some of the unimplemented bug-fixes submitted are worth putting in at this
> time.
You should probably wait.
> I am trying to figure out what extra things, if any, I should include in a
> compile. Should I start with 1.0.1f and just disable heartbeats?
This is one option.
> Or do that on 1.0.1g?
Also an option, but not essential.
> Of the unimplemented bug-fixes or issues outstanding, which should we be
> working on with the highest priority?
There are no publically known outstanding high-urgency issues.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
