[openssl-dev] 0.9.8 support after 31 Dec 2015
Florian Weimer
fweimer at redhat.com
Fri Jul 24 12:09:23 UTC 2015
On 07/21/2015 01:16 PM, Brad House wrote:
> I'm sure you're not the only one that will be needing to support 0.9.8
> after the
> official EOL. RedHat Enterprise Linux 5 comes to mind (supported until
> 3/2017),
> so there will definitely be others providing security related patches.
On the other hand, Red Hat will only backport critical security fixes to
Red Hant Enterprise Linux 5 because it is in Production Phase 3. This
is considerably narrower than what is currently provided by OpenSSL
upstream 0.9.8.
(The main problem people have with 0.9.8 right now is lack of TLS
1.1/1.2 support, and fixing that while preserving binary compatibility
with 0.9.8 is quite a challenge.)
--
Florian Weimer / Red Hat Product Security
More information about the openssl-dev
mailing list