Mail archive

Re: [alpine-devel] Proposed change: openssl 1.1 as default system openssl implementation

From: William Pitcock <>
Date: Fri, 9 Feb 2018 14:10:04 -0600


On Fri, Feb 9, 2018 at 11:38 AM, Natanael Copa <> wrote:
> Hi,
> On Thu, 8 Feb 2018 11:23:26 -0600
> William Pitcock <> wrote:
>> libressl promised to retain compatibility with 1.0.1g APIs, but has
>> failed to do so. As such, there is an increasing workload to keep
>> packages compatible with libressl as it evolves. Therefore, it is
>> obviously not truly a suitable provider for the openssl package, and
>> we should switch back to proper openssl as the default. We will
>> however retain libressl for packages which require it (for example,
>> ones using the new libtls APIs).
>> If there is no objection to this proposed change, I intend to do the
>> swap next week.
> I'd like to wait with the switch til we fully solved the kernel issues
> in stable branches.

Well, I can do the vanilla backports this weekend, but we still need
to decide what to do with hardened. I propose we keep the hardened
kernels around in stable branches and allow people to make their own
decision about it for now. That seems to be the easiest way forward.


Received on Fri Feb 09 2018 - 14:10:04 UTC