Re: embedding openssl source in sslcan

To: debian-security@lists.debian.org
Cc: debian-release@lists.debian.org
Subject: Re: embedding openssl source in sslcan
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Fri, 23 Dec 2016 18:53:30 +0100
Message-id: <[🔎] slrno5qp4q.ako.jmm@inutil.org>
References: <[🔎] 20161222123710.pbppawo4k6trfzyy@breakpoint.cc>

Sebastian Andrzej Siewior <sebastian@breakpoint.cc> schrieb:

Please use team@security.debian.org if you want to reach the security
team, not debian-security@ldo.

> tl;dr: Has anyone a problem if sslscan embeds openssl 1.0.2 in its
> source?

That's for post-stretch, right? Right now it can simply link against
the 1.0.2 copy,

Seems fine to me for that use case, and it won't need any security
updates to the embedded openssl copy for all practical purposes anyway.

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Re: embedding openssl source in sslcan
  - From: Jonathan Yu <jawnsy@cpan.org>

References:
- embedding openssl source in sslcan
  - From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Prev by Date: Call for testing: upcoming squid3 security update
Next by Date: Re: embedding openssl source in sslcan
Previous by thread: embedding openssl source in sslcan
Next by thread: Re: embedding openssl source in sslcan
Index(es):
- Date
- Thread