Date: Fri, 27 Jan 2017 15:46:35 -0600 From: Benjamin Kaduk <kaduk@mit.edu> To: Xin LI <delphij@gmail.com> Cc: Oliver Pinter <oliver.pinter@hardenedbsd.org>, Xin LI <delphij@freebsd.org>, Dimitry Andric <dim@freebsd.org>, "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>, Eric van Gyzen <vangyzen@freebsd.org> Subject: Re: Plan for OpenSSL in stable/10? Message-ID: <20170127214635.GT8460@kduck.kaduk.org> In-Reply-To: <CAGMYy3v_gBNcRr=39wNZvg3seJPJmhMyCf2G_0fbSbUxhBjcFQ@mail.gmail.com> References: <0a30a1c7-e9d9-7d86-ee17-267e9fb47595@FreeBSD.org> <71C413FC-2417-453E-A075-49860F105A08@FreeBSD.org> <20170113041545.GS8460@kduck.kaduk.org> <CAPQ4ffvfFYDb28bh-L%2BFmza1zRdBm8Hfh_bXD7b51DJQ9vUb4Q@mail.gmail.com> <CAGMYy3v_gBNcRr=39wNZvg3seJPJmhMyCf2G_0fbSbUxhBjcFQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Er, which three symbols? I'm not sure that I'm reading the tool properly; e.g., the 1.0.2 line has "4 removed", which seems to be comparing to 1.0.1u, which is not a fair comparison -- some symbols were added during the 1.0.1 series, e.g., for CVE fixes, that were also added to the 1.0.2 series, but were not present in 1.0.2<no-letter>. (BTW I posted to upstream about this at https://mta.openssl.org/pipermail/openssl-dev/2017-January/009042.html) -Ben On Thu, Jan 26, 2017 at 02:10:55PM -0800, Xin LI wrote: > They are not compatible: > https://abi-laboratory.pro/tracker/timeline/openssl/ > > (3 missing symbols needs to be fixed, and we need to verify if the result > is still compatible; the usage of these missing symbols should be quite > rare, though). > > On Thu, Jan 26, 2017 at 1:48 PM, Oliver Pinter < > oliver.pinter@hardenedbsd.org> wrote: > > > On 1/13/17, Benjamin Kaduk <kaduk@mit.edu> wrote: > > > On Thu, Jan 12, 2017 at 10:57:20PM +0100, Dimitry Andric wrote: > > >> On 12 Jan 2017, at 19:02, Eric van Gyzen <vangyzen@FreeBSD.org> wrote: > > >> > > > >> > Has anyone had time to discuss and form a plan for OpenSSL in > > >> > stable/10, > > >> > now that 1.0.1 is end-of-life? I don't recall seeing any public > > >> > discussion or announcement; forgive me if I missed it. > > >> > > >> Would updating to 1.0.2 change the API and/or ABI? > > > > > > IIRC upstream claims that it is ABI and API compatible, but they were > > less > > > good about enforcing that rigorously back then than they are now, so > > maybe > > > some things slipped through the cracks. > > > > > > > Is there any news regards to these questions? > > > > > -Ben > > > _______________________________________________ > > > freebsd-security@freebsd.org mailing list > > > https://lists.freebsd.org/mailman/listinfo/freebsd-security > > > To unsubscribe, send any mail to "freebsd-security-unsubscribe@ > > freebsd.org" > > > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20170127214635.GT8460>