From owner-freebsd-security@freebsd.org Fri Jan 13 04:21:02 2017 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 11FA4CADE0A for ; Fri, 13 Jan 2017 04:21:02 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from dmz-mailsec-scanner-4.mit.edu (dmz-mailsec-scanner-4.mit.edu [18.9.25.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8847A125E; Fri, 13 Jan 2017 04:21:01 +0000 (UTC) (envelope-from kaduk@mit.edu) X-AuditID: 1209190f-0cbff70000001694-c3-58785475ef89 Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by (Symantec Messaging Gateway) with SMTP id 3B.CC.05780.57458785; Thu, 12 Jan 2017 23:15:50 -0500 (EST) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id v0D4FmHb021224; Thu, 12 Jan 2017 23:15:49 -0500 Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id v0D4Fjdl014239 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 12 Jan 2017 23:15:48 -0500 Date: Thu, 12 Jan 2017 22:15:45 -0600 From: Benjamin Kaduk To: Dimitry Andric Cc: Eric van Gyzen , freebsd-security@FreeBSD.org Subject: Re: Plan for OpenSSL in stable/10? Message-ID: <20170113041545.GS8460@kduck.kaduk.org> References: <0a30a1c7-e9d9-7d86-ee17-267e9fb47595@FreeBSD.org> <71C413FC-2417-453E-A075-49860F105A08@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <71C413FC-2417-453E-A075-49860F105A08@FreeBSD.org> User-Agent: Mutt/1.6.1 (2016-04-27) X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrKIsWRmVeSWpSXmKPExsUixG6nrlsWUhFhcP+IiMWSrn2MFj2bnrBZ 3Di6l9GB2WPGp/ksAYxRXDYpqTmZZalF+nYJXBl77zYwFjxjqbj+9CpTA+NT5i5GTg4JAROJ dZMmMYHYQgJtTBL3m8W6GLmA7I2MErNvnmaCcK4ySUzZvB+sikVAVWLvyx0sIDabgIpEQ/dl sEkiQPbfWXvYQGxmAXeJxtsTGUFsYQFticbJZ9hBbF4BY4kL1xYyQ2wrljg97S0zRFxQ4uTM JywQvVoSN/69BNrFAWRLSyz/xwFicgrYS3y6mgNSISqgLNEw4wHzBEaBWUiaZyFpnoXQvICR eRWjbEpulW5uYmZOcWqybnFyYl5eapGuiV5uZoleakrpJkZQiHJK8u9gnNPgfYhRgINRiYd3 wu3yCCHWxLLiytxDjJIcTEqivN9VKyKE+JLyUyozEosz4otKc1KLDzFKcDArifB2BQPleFMS K6tSi/JhUtIcLErivJcy3SOEBNITS1KzU1MLUotgsjIcHEoSvLtAGgWLUtNTK9Iyc0oQ0kwc nCDDeYCGzwEbXlyQmFucmQ6RP8Woy3Hq04WXTEIsefl5qVLivMogRQIgRRmleXBzQKlFInt/ zStGcaC3hHm1Qap4gGkJbtIroCVMQEsu2pSDLClJREhJNTA2ye9OShUQn69859X+t9XnDjed rIrOOLxlHbOtZrhr2mV9pTbNoKOBN3f16cQvbN+x4kyJq+hS16jSnS8eSa++YVfmerXa942t hn7e0r+tXA9+hwj3GR/af2hHeMmsi0LqPmJlq/UOiSbWz+huKFu8J2+f2pn669JP7Vs3C2sb datn2sfdmKzEUpyRaKjFXFScCAAZcqCgCAMAAA== X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jan 2017 04:21:02 -0000 On Thu, Jan 12, 2017 at 10:57:20PM +0100, Dimitry Andric wrote: > On 12 Jan 2017, at 19:02, Eric van Gyzen wrote: > > > > Has anyone had time to discuss and form a plan for OpenSSL in stable/10, > > now that 1.0.1 is end-of-life? I don't recall seeing any public > > discussion or announcement; forgive me if I missed it. > > Would updating to 1.0.2 change the API and/or ABI? IIRC upstream claims that it is ABI and API compatible, but they were less good about enforcing that rigorously back then than they are now, so maybe some things slipped through the cracks. -Ben