[openssl-dev] 0.9.8 support after 31 Dec 2015
Erwann Abalea
erwann.abalea at opentrust.com
Tue Jul 21 11:18:28 UTC 2015
Bonjour,
> Le 21 juil. 2015 à 13:11, Vincent Maury <vmaury at denyall.com> a écrit :
>
> Yes of course.
> But will the dev team suggest backports on this unofficial branch? Can I reasonably expect fixes?
*Suggest* backports, that may or may not be reasonable, depending on growing difference between 0.9.8 and head version at the time of vulnerability detection.
*Expect* fixes, this seems incompatible with an EOL decision.
> -----Message d'origine-----
> De : openssl-dev [mailto:openssl-dev-bounces at openssl.org] De la part de Salz, Rich
> Envoyé : mardi 21 juillet 2015 13:04
> À : openssl-dev at openssl.org
> Objet : Re: [openssl-dev] 0.9.8 support after 31 Dec 2015
>
>> could we (0.9.8 users!) expect patch suggestions from the community on potential vulnerabilities found in 2016, in a best effort approach of course, without any official release?
>
> The best thing to do will probably be to fork the branch into a new repository on github and work there. We will not be checking anything into the "official" stable branch.
>
Cordialement,
Erwann Abalea
More information about the openssl-dev
mailing list