Re: [RFC] Switching back to OpenSSL

Github messages for voidlinux
 help / color / mirror / Atom feed

From: fosslinux <fosslinux@users.noreply.github.com>
To: ml@inbox.vuxu.org
Subject: Re: [RFC] Switching back to OpenSSL
Date: Tue, 11 Aug 2020 09:47:08 +0200	[thread overview]
Message-ID: <20200811074708.Mc-265pxrwthG6LpUYFMfMBsQyG8uDD5-notmyTTKuo@z> (raw)
In-Reply-To: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-20935@inbox.vuxu.org>

[-- Attachment #1: Type: text/plain, Size: 1047 bytes --]

New comment by fosslinux on void-packages repository

https://github.com/void-linux/void-packages/issues/20935#issuecomment-671787206

Comment:
CVEs are an interesting thing, and actually a point I brought up much earlier, I think on IRC, when I wasn't convinced of moving back to OpenSSL. Basically, OpenSSL is a far more audited codebase and receives more auditing attention than LibreSSL.

I don't see linters/static analysis code checking tools, alone, as evidence of poor coding practices. An OpenSSL dev said in one of those threads that many are false positives.

In addition, each of the articles you linked above (excluding the recent vuln, which was discussed earlier in this thread) are 3+ years old. Again, I am of the opinion that the code quality has improved in that time.

Anyway, I don't think I'll go back and forth, let others lay down their opinions on your data if they would like.

Thanks for the threads, btw, interesting reads, which do reinforce Void's position for originally changing to LibreSSL... at the time.

next prev parent reply	other threads:[~2020-08-11  7:47 UTC|newest]

Thread overview: 143+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-12 21:44 [ISSUE] " Johnnynator
2020-04-13  0:45 ` travankor
2020-04-13  0:46 ` xtraeme
2020-04-13  0:48 ` protonesso
2020-04-13  0:55 ` q66
2020-04-13  0:57 ` q66
2020-04-13  0:58 ` q66
2020-04-13  1:00 ` travankor
2020-04-13  1:01 ` travankor
2020-04-13  8:58 ` pullmoll
2020-04-13  9:09 ` xtraeme
2020-04-13 10:57 ` xtraeme
2020-04-13 11:29 ` Duncaen
2020-04-13 12:02 ` Hoshpak
2020-04-13 12:04 ` xtraeme
2020-04-13 12:06 ` xtraeme
2020-04-13 12:09 ` xtraeme
2020-04-13 12:09 ` xtraeme
2020-04-16 12:16 ` Johnnynator
2020-04-16 12:18 ` xtraeme
2020-04-16 12:19 ` xtraeme
2020-04-16 12:20 ` xtraeme
2020-04-16 12:22 ` xtraeme
2020-04-16 12:26 ` Johnnynator
2020-04-16 12:29 ` Johnnynator
2020-04-16 12:29 ` xtraeme
2020-04-16 12:31 ` travankor
2020-04-16 12:32 ` xtraeme
2020-04-16 12:33 ` xtraeme
2020-04-16 12:34 ` travankor
2020-04-16 12:34 ` travankor
2020-04-16 12:34 ` travankor
2020-04-16 12:34 ` travankor
2020-04-16 12:35 ` xtraeme
2020-04-16 12:35 ` xtraeme
2020-04-16 12:37 ` xtraeme
2020-04-16 12:40 ` Johnnynator
2020-04-16 12:40 ` Johnnynator
2020-04-16 12:42 ` Johnnynator
2020-04-16 12:43 ` xtraeme
2020-04-16 12:45 ` xtraeme
2020-04-16 12:45 ` xtraeme
2020-04-16 12:51 ` travankor
2020-04-16 12:52 ` travankor
2020-04-16 12:53 ` xtraeme
2020-04-16 12:53 ` Johnnynator
2020-04-16 12:54 ` Johnnynator
2020-04-16 12:55 ` travankor
2020-04-16 12:58 ` travankor
2020-04-16 13:04 ` xtraeme
2020-04-16 13:04 ` xtraeme
2020-04-16 13:05 ` xtraeme
2020-04-16 13:06 ` travankor
2020-04-16 13:07 ` q66
2020-04-16 13:09 ` q66
2020-04-16 13:11 ` xtraeme
2020-04-16 13:12 ` xtraeme
2020-04-16 13:15 ` xtraeme
2020-04-16 13:15 ` q66
2020-04-16 13:18 ` xtraeme
2020-04-16 13:18 ` xtraeme
2020-04-16 13:19 ` q66
2020-04-16 13:21 ` xtraeme
2020-04-16 13:21 ` q66
2020-04-16 13:23 ` xtraeme
2020-04-16 13:24 ` q66
2020-04-16 13:26 ` Johnnynator
2020-04-16 13:28 ` q66
2020-04-16 13:33 ` xtraeme
2020-04-16 13:33 ` xtraeme
2020-04-16 13:35 ` xtraeme
2020-04-16 13:37 ` xtraeme
2020-04-17  6:18 ` Ypnose
2020-04-17  6:18 ` Ypnose
2020-04-17 10:06 ` travankor
2020-04-17 10:06 ` travankor
2020-04-17 10:06 ` travankor
2020-04-17 14:54 ` mobinmob
2020-04-21 21:35 ` howtologinquickwiththirtyninecharacters
2020-04-22 12:16 ` Hoshpak
2020-04-22 12:19 ` xtraeme
2020-04-22 15:05 ` q66
2020-04-23  2:36 ` the-maldridge
2020-04-23  3:35 ` eli-schwartz
2020-04-23  4:43 ` constptr
2020-04-23  7:59 ` fosslinux
2020-04-23  8:23 ` travankor
2020-04-23 10:25 ` Duncaen
2020-04-23 10:29 ` Duncaen
2020-04-23 11:19 ` q66
2020-04-23 11:20 ` constptr
2020-04-24  6:34 ` Ypnose
2020-04-24  7:32 ` the-maldridge
2020-04-24 14:01 ` q66
2020-04-24 16:48 ` q66
2020-04-27 20:31 ` Vaelatern
2020-04-30 21:38 ` CameronNemo
2020-05-01 17:59 ` marmeladema
2020-05-01 18:08 ` marmeladema
2020-05-04  3:56 ` concatime
2020-05-04  3:56 ` concatime
2020-05-04  3:58 ` concatime
2020-05-04  4:00 ` concatime
2020-05-04 12:28 ` travankor
2020-05-15 19:48 ` imrn
2020-05-15 20:55 ` Vaelatern
2020-05-15 20:55 ` Vaelatern
2020-07-30 15:02 ` marmeladema
2020-07-31  0:34 ` fosslinux
2020-08-09  7:37 ` bugcrazy
2020-08-09  9:40 ` Duncaen
2020-08-09  9:41 ` Duncaen
2020-08-09 23:06 ` fosslinux
2020-08-09 23:06 ` fosslinux
2020-08-11  7:07 ` bugcrazy
2020-08-11  7:47 ` fosslinux [this message]
2020-08-11 16:37 ` concatime
2020-08-11 16:37 ` concatime
2020-08-11 19:42 ` q66
2020-08-12  0:35 ` fosslinux
2020-08-12  1:03 ` q66
2020-08-12  1:53 ` fosslinux
2021-01-04 23:06 ` mgorny
2021-01-06 10:19 ` marmeladema
2021-01-06 18:31 ` AngryPhantom
2021-01-06 18:32 ` AngryPhantom
2021-02-11  0:48 ` kawaiiamber
2021-02-11  1:02 ` eli-schwartz
2021-02-11  1:06 ` kawaiiamber
2021-02-11  1:13 ` eli-schwartz
2021-02-11  1:28 ` ericonr
2021-02-22  9:12 ` mikhailnov
2021-03-01 20:36 ` Logarithmus
2021-03-01 20:44 ` Logarithmus
2021-03-01 21:06 ` eli-schwartz
2021-03-01 21:27 ` ericonr
2021-09-19 13:10 ` dm17
2021-09-19 16:07 ` Vaelatern
2021-09-19 16:07 ` Vaelatern
2021-09-19 16:07 ` Vaelatern
2021-09-19 17:31 ` mgorny
2021-09-20 18:17 ` bugcrazy
2021-09-20 18:32 ` Duncaen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200811074708.Mc-265pxrwthG6LpUYFMfMBsQyG8uDD5-notmyTTKuo@z \
    --to=fosslinux@users.noreply.github.com \
    --cc=ml@inbox.vuxu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).