From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: Re: Upcoming OpenSSL updates Date: Tue, 23 May 2017 13:55:45 -0400 Message-ID: <20170523175545.GB18648@jasmine> References: <20170523044002.GA13076@jasmine> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="i9LlY+UWpKt15+FH" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:54790) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dDE2B-0001qz-WA for guix-devel@gnu.org; Tue, 23 May 2017 13:55:53 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dDE27-0001vu-2T for guix-devel@gnu.org; Tue, 23 May 2017 13:55:52 -0400 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:45709) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dDE26-0001vo-Ur for guix-devel@gnu.org; Tue, 23 May 2017 13:55:47 -0400 Received: from localhost (50-73-210-114-philadelpia.hfc.comcastbusiness.net [50.73.210.114]) by mail.messagingengine.com (Postfix) with ESMTPA id 101D524772 for ; Tue, 23 May 2017 13:55:46 -0400 (EDT) Content-Disposition: inline In-Reply-To: <20170523044002.GA13076@jasmine> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org --i9LlY+UWpKt15+FH Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, May 23, 2017 at 12:40:02AM -0400, Leo Famulari wrote: > On May 25 between 1200=E2=80=931600UTC, OpenSSL will release some bug-fix > updates: >=20 > https://mta.openssl.org/pipermail/openssl-announce/2017-May/000098.html >=20 > Apparently, none of the fixes are for security problems. >=20 > However, I still think we should apply the update of openssl@1.0.2 with > a graft, if the ABI is unchanged, unless none of the changes are > relevant for GNU / Linux systems. I thought about it some more, and now I'm not so sure we should start grafting non-security related bug fixes, in general. For this case, let's see what the changes are. I'm still interested in your thoughts! --i9LlY+UWpKt15+FH Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlkkd6EACgkQJkb6MLrK fwg3JBAAuQy+HVyMIKR0i1fPChGLa0t9KZgPnTU3xSOBlh+QMQMszU35SLH0H5qG mbnU14redvCthbpN55xnkEJnuRckcZSG1lBYgjTyiCPQaBmNl6FMy9E/EjdBOgId PUGImfToiLE1UZ9UgJyV37SGAK8k7HTA1YVU0tPzaRma6k9iRV5bXWvlHRQQ30Zb LRFSc6LFjNKr3tfr0RaMNSrXuVTGZM3BfequcF4QsXi/Nkm8RluJ0ybq75n2r23o zienul9UsJUVMsk3YLhohtMaU4V+sp4yZZ1h9LvgkCB1PPoA4e/PG5s22mIDw0Da 02gvqtU8k0zVjsvABglTnWNCjrIR9rBE9v8E4KuRZPE9NewTg6NAZ0Ibfupo1kgr vCpn/voJ1mc8dHxz/fQtWOlrgPwvjlXVUZkvbCLv7ZA7fXhjEDmGss3ApD0Wvpti b1I4RhY2Y/WrE3+L8lwFAIMlBsCKbeavCrkkYbiIguxuMnQwyqFTfkxLLFYddyek GpsSNcsGZZEXZMsCbo8wRp2TyMIx3f6xg3vRoLCFoa4vbep78mM+LZRArmZffuig cVhOa+r72erv/7BElqI6nP4eaNRlmr6UdHA1Sum2yX9DBC34jq+oxkTkSS4Nn2iu ZtJhxleShEF0aIqL8/xvAglPwr3RQFlfS5AnMNx77nbvKb8IZMA= =KGkF -----END PGP SIGNATURE----- --i9LlY+UWpKt15+FH--