-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
OpenSSL version 1.1.1f released
===
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.1.1f of our open
I don't see why we hurry so much for 1.1.1f
>
> we got into this situation because everything moves so quickly,
> why does everyone here think we should move even faster now?
>
> What is the reason for this?
>
> Bernd.
>
>> Tim.
>>
>> On Fri, 27 Mar 2020,
There seems to be broad support for a 1.1.1f release. Unless I hear an
OMC objection I will formally announce this tomorrow.
Matt
On 27/03/2020 00:10, Viktor Dukhovni wrote:
> On Thu, Mar 26, 2020 at 11:33:40PM +, Matt Caswell wrote:
>
>> On 26/03/2020 23:15, Viktor Du
On Thu, Mar 26, 2020 at 11:33:40PM +, Matt Caswell wrote:
> On 26/03/2020 23:15, Viktor Dukhovni wrote:
> > On Thu, Mar 26, 2020 at 09:13:32PM +0100, Bernd Edlinger wrote:
> >
> >> we got into this situation because everything moves so quickly,
> >> why does everyone here think we should
On 26/03/2020 23:15, Viktor Dukhovni wrote:
> On Thu, Mar 26, 2020 at 09:13:32PM +0100, Bernd Edlinger wrote:
>
>> we got into this situation because everything moves so quickly,
>> why does everyone here think we should move even faster now?
>>
>> What is the reason for this?
>
> We've
On Thu, Mar 26, 2020 at 09:13:32PM +0100, Bernd Edlinger wrote:
> we got into this situation because everything moves so quickly,
> why does everyone here think we should move even faster now?
>
> What is the reason for this?
We've published a bug-fix release (1.1.1e) that's liable to cause
On 3/26/20 9:10 PM, Tim Hudson wrote:
> We don't guarantee constant time.
>
#11411 does, I don't see why we hurry so much for 1.1.1f
we got into this situation because everything moves so quickly,
why does everyone here think we should move even faster now?
What is the
Todd wrote:
> >>> This type of API-braking change should be reserved for something like
> >>> 3.0, not a patch release.
> >>>
> >>> Despite it being a "incorrect", it is expected behavior.
> >>>
> >>
> >> Right
t;>> Despite it being a "incorrect", it is expected behavior.
>>>
>>
>> Right - but the question now is not whether we should revert it (it has
>> been reverted) - but whether this should trigger a 1.1.1f release soon?
>>
>> Matt
>>
revert it (it has
> been reverted) - but whether this should trigger a 1.1.1f release soon?
>
> Matt
>
> > --
> > -Todd Short
> > // tsh...@akamai.com <mailto:tsh...@akamai.com>
> > // “One if by land, two if by sea, three if by the Internet."
> &g
it (it has
been reverted) - but whether this should trigger a 1.1.1f release soon?
Matt
> --
> -Todd Short
> // tsh...@akamai.com <mailto:tsh...@akamai.com>
> // “One if by land, two if by sea, three if by the Internet."
>
>> On Mar 26, 2020, at 11:03 AM, Dr. M
gt;
>
> From: openssl-project On Behalf Of
> Dmitry Belyavsky
> Sent: Thursday, March 26, 2020 3:48 PM
> To: Matt Caswell
> Cc: openssl-project@openssl.org
> Subject: Re: 1.1.1f
>
>
> On Thu, Mar 26, 2020 at 5:14 PM Matt Caswell <mailto:m...@opens
bit of stuff, I propose
> that we do a 1.1.1f soon (possibly next Tuesday - 31st March).
>
> Thoughts?
>
How about adding #11411 constant time AES no-asm support then?
that should be safe, as it is something that is not enabled by default.
> Matt
>
> Please also consider reverting the change for the 3.0 alpha release as well,
> see Daniel Stenbergs comment
> https://github.com/openssl/openssl/issues/11378#issuecomment-603730581
Never mind my last comment. I noticed a lot of discussion has been going on in
issue #11378 and I was not
quite
:48 PM
To: Matt Caswell
Cc: openssl-project@openssl.org
Subject: Re: 1.1.1f
On Thu, Mar 26, 2020 at 5:14 PM Matt Caswell
mailto:m...@openssl.org>> wrote:
The EOF issue (https://github.com/openssl/openssl/issues/11378) has
resulted in us reverting the original EOF change in the 1.1.1 branch
ken quite a bit of stuff, I propose
> that we do a 1.1.1f soon (possibly next Tuesday - 31st March).
>
> Thoughts?
>
I strongly support this idea.
--
SY, Dmitry Belyavsky
ve broken quite a bit of stuff, I propose
> that we do a 1.1.1f soon (possibly next Tuesday - 31st March).
>
> Thoughts?
I think my opinion is clear from the discussions in GitHub. But for the
record: Yes, I agree with it, unless we know of anything major just
ahead.
--
Tomáš Mráz
No matte
a bit of stuff, I propose
> that we do a 1.1.1f soon (possibly next Tuesday - 31st March).
>
> Thoughts?
>
slow down?
> Matt
>
The EOF issue (https://github.com/openssl/openssl/issues/11378) has
resulted in us reverting the original EOF change in the 1.1.1 branch
(https://github.com/openssl/openssl/pull/11400).
Given that this seems to have broken quite a bit of stuff, I propose
that we do a 1.1.1f soon (possibly next
19 matches
Mail list logo