Date: Sun, 13 Dec 2020 12:12:08 +0000 From: John Long <codeblue@inbox.lv> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-20:33.openssl Message-ID: <20201213121208.54f8a8ed@inbox.lv> In-Reply-To: <20201213020727.GP64351@kduck.mit.edu> References: <20201209230300.03251CA1@freefall.freebsd.org> <20201211064628.GM31099@funkthat.com> <813a04a4-e07a-9608-40a5-cc8e339351eb@FreeBSD.org> <20201213005708.GU31099@funkthat.com> <20201213020727.GP64351@kduck.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Guys, What about adopting OpenBSD's libressl? I was expecting it to take a long time to be compatible but from my uneducated point of view it looks like they did an incredible job. I think everything on OpenBSD uses it. I was running OpenBSD until I put FreeBSD 12.2 on a new box, so I haven't been looking at for a year or so. Does anybody know if this is a viable option? Can we just link against libressl or is it (much) more involved than that? /jl On Sat, 12 Dec 2020 18:07:27 -0800 Benjamin Kaduk <kaduk@mit.edu> wrote: > On Sat, Dec 12, 2020 at 04:57:08PM -0800, John-Mark Gurney wrote: > > > > If FreeBSD is going to continue to use OpenSSL, better testing > > needs to be done to figure out such breakage earliers, and how to > > not have them go undetected for so long. > > I don't think anyone would argue against increasing test coverage. > The most important question seems to be how to know what should be > getting tested but isn't. Do you have any ideas for where to start > looking? > > Thanks, > > Ben > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20201213121208.54f8a8ed>