Hi,
On 2014-09-09 04:47, Maxim Dounin wrote:
What make you think that there are any vulnerabilities? As far as
I know, OpenSSL 0.9.7* (the oldest branch nginx currently supports
compilation with) is still commercially supported as a part of at
least one OS, and will be supported till 2017.
Hey Maxim,
After looking into http://trac.nginx.org/nginx/ticket/618,
I'm rather sceptical about BoringSSL-related fixes.
To be fair, it was a regression that was fixed pretty fast once reported.
On the other hand, if they indeed remove something we use, it may
be a good enough reason to
Wouldn't it be better to drop support for ancient OpenSSL versions? It
would be a great step for performance and security. Are there any good
reasons to support old OpenSSL versions?
Richard
On 9/8/2014 10:06 AM, Piotr Sikora wrote:
Hey Maxim,
After looking into
Hello!
On Mon, Sep 08, 2014 at 11:48:28PM +0200, Richard Fussenegger, BSc wrote:
On 9/8/2014 7:22 PM, Maxim Dounin wrote:
Hello!
On Mon, Sep 08, 2014 at 01:01:02PM +0200, Richard Fussenegger, BSc wrote:
Wouldn't it be better to drop support for ancient OpenSSL versions? It would
be a
Hello!
On Wed, Sep 03, 2014 at 02:53:23PM -0700, Piotr Sikora wrote:
# HG changeset patch
# User Piotr Sikora pi...@cloudflare.com
# Date 1409780995 25200
# Wed Sep 03 14:49:55 2014 -0700
# Node ID 9c59138cd7030a88a761856f849c581924ca1a3b
# Parent
# HG changeset patch
# User Piotr Sikora pi...@cloudflare.com
# Date 1409780995 25200
# Wed Sep 03 14:49:55 2014 -0700
# Node ID 9c59138cd7030a88a761856f849c581924ca1a3b
# Parent 3f5f0ab59b359064db16e1aa52dfca335720dff6
SSL: guard use of all SSL options for bug workarounds.
Some of the