[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: libressl
From: |
Ludovic Courtès |
Subject: |
Re: libressl |
Date: |
Wed, 02 Mar 2016 22:33:33 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Leo Famulari <address@hidden> skribis:
> On Wed, Mar 02, 2016 at 12:03:17PM +0100, Danny Milosavljevic wrote:
>> Hi,
>>
>> with these openssl security problems lately that don't affect
>> libressl, wouldn't it be better to just use libressl as input
>> everywhere? For the non-removed API, it's compatible, and they merge
>> fixes from openssl anyway - and the attack surface is smaller. (the
>> ABI differs - so it's not advisable to just replace the openssl binary
>> without recompilation of the clients)
>
> If a Scheme wizard can programatically replace all references of openssl
> to libressl in the code base, I would be interested in testing it
> locally.
You can also test with things like this (info "(guix) Package
Transformation Options"):
guix build --with-input=openssl=libressl something
Ludo’.
- libressl, Danny Milosavljevic, 2016/03/02