| 1 |
> On Sun, 2021-01-03 at 21:47 +0100, Michał Górny wrote: |
| 2 |
> Hello, |
| 3 |
|
| 4 |
> > Please review the news item inlined below. This is based on what |
| 5 |
> > I discussed with blueness (LibreSSL team lead). The news item is kinda |
| 6 |
> > long-ish because I wanted to include the full rationale since I believe |
| 7 |
> > our users will find it desirable to know it. |
| 8 |
|
| 9 |
> > If it's ok, I'd like to push it soonish. This will give people around |
| 10 |
> > 4 weeks to prepare and/or migrate their systems manually before being |
| 11 |
> > hit by the masks. Afterwards, we'll mask libressl with a prolonged |
| 12 |
> > removal date. I'm thinking of 3 months since I suspect that our |
| 13 |
> > packages will start strongly requiring OpenSSL by then. |
| 14 |
|
| 15 |
> > I'm mentioning the LibreSSL overlay since one of our users is |
| 16 |
> > interested in maintaining it. It will probably be the best alternative |
| 17 |
> > for users who want to continue fighting the lost cause without causing |
| 18 |
> > major problems for Gentoo mainline. |
| 19 |
|
| 20 |
> Thank you all for feedback. I've just pushed the last version. |
| 21 |
|
| 22 |
> Best regards, |
| 23 |
> Michał Górny |
| 24 |
|
| 25 |
Just a couple days ago, I found an article through Distrowatch: Void Linux is dropping LibreSSL in favor of OpenSSL. |
| 26 |
|
| 27 |
2021-02-28 Void to switch back to OpenSSL |
| 28 |
void At the start of the year we mentioned the Gentoo project was considering dropping support for LibreSSL, a fork of the OpenSSL cryptography library. While LibreSSL was intended to be smaller, lighter, and more secure, a lot of work and improvements have gone into OpenSSL while not many Linux packages are tested against LibreSSL, causing problems for their maintainers. The extra effort to maintain compatibility with LibreSSL while new features arrive in OpenSSL first has caused the Void team to switch from running LibreSSL back to OpenSSL. "The Void Linux team is switching back to OpenSSL on March 5th, 2021 (2021-03-05). For most users, there should be no noticeable change. If you have any packages installed that are no longer provided by Void, or your system has explicit dependencies on LibreSSL, you will of course need to take action to ensure your system continues to function after the switch." |
| 29 |
|
| 30 |
URL of Void Linux article is |
| 31 |
|
| 32 |
https://voidlinux.org/news/2021/02/OpenSSL.html |
| 33 |
|
| 34 |
Tom |
Archives