On 07/21/2015 01:16 PM, Brad House wrote: > I'm sure you're not the only one that will be needing to support 0.9.8 > after the > official EOL. RedHat Enterprise Linux 5 comes to mind (supported until > 3/2017), > so there will definitely be others providing security related patches.
On the other hand, Red Hat will only backport critical security fixes to Red Hant Enterprise Linux 5 because it is in Production Phase 3. This is considerably narrower than what is currently provided by OpenSSL upstream 0.9.8. (The main problem people have with 0.9.8 right now is lack of TLS 1.1/1.2 support, and fixing that while preserving binary compatibility with 0.9.8 is quite a challenge.) -- Florian Weimer / Red Hat Product Security _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
