[Bug 1991] openssl version checking needs updating

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Mar 30 11:50:11 EST 2012


--- Comment #7 from Darren Tucker <dtucker at zip.com.au> 2012-03-30 11:50:11 EST ---
Thinking about it some more, the cases you need to consider:
#1: you upgrade openssl to a newer fix version.  obviously you don't
want ssh to stop working and with this diff, it won't.

#2: you upgrade ssh with something built against the same major and
minor version but a newer fix version.  Right now, you can't deploy
that unless you upgrade openssl first.

is #2 a reasonable thing to do?  I would argue that it is.

Damien's counter-argument is from the OpenSSL home page: "OpenSSL 1.0.1
is now available, including new features".

Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list