Re: [alpine-devel] Switching back to OpenSSL
On Thu, Oct 11, 2018 at 5:17 PM Natanael Copa <ncopa_at_alpinelinux.org> wrote:
> Are there any good reasons to not switch back to OpenSSL for v3.9?
> Some reasons why I think we should switch back to OpenSSL:
> - better upstream support from projects
> - To my understanding, various of the issues in OpenSSL that made us
> switch to libressl have been resolved. (for example memory management)
> - libressl failed to retain compability with OpenSSL
> - libressl breaks ABI every 6 months, OpenSSL does not
> - FIPS support
> Some reasons to why we may continue with libressl may be:
> - its smaller
> - has fewer CVEs (due to their approach to remove stuff)
> - libtls
> Previous thread on the issue:
I think that the package maintenance work alone doesn't justify LibreSSL
pros, not to mention that some packages never worked with LibreSSL (not
implying that is due to LibreSSL fault).
+1 to revert.
Received on Thu Oct 11 2018 - 18:39:14 GMT