> there would be no ABI changes, right? That'd would be ideal, yes. :) But it's sadly not the case.
Every six months when we prepare a new release, we incorporate newer OpenSSL packages, and it's astonishing how often things are broken, either ABI breaks or regressions introduced in newer versions. OpenSSL upstream's QA process is perhaps not as tuned to discovering this as our processes are. (This makes sense -- they maintain one package that uses OpenSSL. We maintain hundreds that use OpenSSL.) We see enough breaks that we're in no hurry to ship OpenSSL's upstream releases on their schedule. We'll continue to backport security fixes as they are prepared and after they pass our QA process. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1649657 Title: OpenSSL version is not dependable To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1649657/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
