OTC VOTE: Revert the commits merged from PR #16027 in 1.1.1
Matt Caswell
matt at openssl.org
Thu Aug 12 09:20:00 UTC 2021
On 11/08/2021 20:20, Kurt Roeckx wrote:
> But fixing them in stable
> branches is going to cause people problems and prevent them from
> upgrading to a newer version and getting other security fixes.
This is actually an important point. We *want* people to upgrade to the
latest patch release of a stable branch to ensure they get the latest
security fixes. If we introduce "fixes" that actually break people's
applications then their response will be to *not* upgrade at all.
Therefore, even though such a breaking fix might have been introduced
with the best of intentions (to fix a possible (unspecified) security
risk), it might actually have the opposite effect and make our users
*more* vulnerable to security risks.
Matt