Announcement

**dante** · 09 September 2016, 08:51 AM

Originally posted by nomadewolf View Post

All they had to do was fix the heartbleed problem...
Now M$ and bunch other companies dumped millions on the OpenSSL project.
Bottom line: we a well funded project that everyone is leaving for an underfunded newer project...

Not the FOSS best moment.

OpenSSL has many vulnerabilities , heartbleed is only one of them take a look at nvd.nist.gov or www.cvsdetails.com

**nomadewolf** · 12 September 2016, 12:36 PM

Originally posted by dante View Post

OpenSSL has many vulnerabilities , heartbleed is only one of them take a look at nvd.nist.gov or www.cvsdetails.com

But can't they get fixed?
Can't patches be submited?
Every piece of software has bugs...
Unless you te'll me the OpenSSL maintainers are averse to fix bugs/vulnerabilities once discovered, i don't see what you expect to be different over at LibreSSL...

**dante** · 14 September 2016, 08:10 PM

Originally posted by nomadewolf View Post

But can't they get fixed?
Can't patches be submited?
Every piece of software has bugs...
Unless you te'll me the OpenSSL maintainers are averse to fix bugs/vulnerabilities once discovered, i don't see what you expect to be different over at LibreSSL...

Every software has flaws but at least OpenBSD developers follow better programming practices in terms of security

**starshipeleven** · 14 September 2016, 08:40 PM

Originally posted by nomadewolf View Post

But can't they get fixed?
Can't patches be submited?
Every piece of software has bugs...
Unless you te'll me the OpenSSL maintainers are averse to fix bugs/vulnerabilities once discovered, i don't see what you expect to be different over at LibreSSL...

LibreSSL dumps code doing debatable things to reduce attack surface, among other things.
That's the usual reason it is claimed to be better.

Announcement

DragonFlyBSD Switches Over To LibreSSL By Default

Comment

Comment

Comment

Comment