Another bug on OpenSSL

Paul paul at nohats.ca
Sun Jun 8 16:21:08 UTC 2014


That bug was not found by the rampaging libressl people either.

Perhaps moving from OpenSSL to NSS would be better if you are that worried about OpenSSL bugs 

Sent from my iPhone

> On Jun 8, 2014, at 10:21, Álvaro Castillo <netsys at fedoraproject.org> wrote:
> 
> Dear mailing list,
> 
> Few days was built an patch to solve an another vulnerability into
> OpenSSL(http://bits.blogs.nytimes.com/2014/06/05/new-bug-found-in-widely-used-openssl-encryption/?_php=true&_type=blogs&_r=0).
> Some sources talks about that's bug was discovered a long time ago but
> does not fixed.
> 
> However, OpenBSD was created a fork called LibreSSL try to solve this
> issues. Should Fedora to move LibreSSL (http://www.libressl.org/)? Or
> still use OpenSSL and wait what's bug could be found today, or
> tomorrow, or few months to go similar Adobe Flash bugs?
> -- 
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct


More information about the devel mailing list