Announcement

Collapse
No announcement yet.

OpenSSL Affected By Four More Security Vulnerabilities

Collapse
X
Collapse
 
  • Page of 2
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
  • #11
    Originally posted by darkbasic View Post
    Is it already possible to build a gentoo system with libressl instead of openssl?
    I would like that too, just with GnuTLS instead of OpenSSL, but unfortunately Portage insists on OpenSSL at the moment.

    Comment

    • #12
      Originally posted by joecool View Post


      Yep, I've been running libressl gentoo systems for over 6 months now. Just add libressl overlay and set libressl global useflag. The only notable project that can't be patched easily is the last two major versions of NodeJS, but they also lack support for OpenSSL 0.9.x, but that project also seems to be run by crazy people with 0 interest in stability (pushing two API breaking releases in a month).

      Oh and bitcoin.... their devs don't trust libressl on their spaghetti. Need to patch out the check for it and it works fine.
      How lucky, I use both node and bitcoin.
      ## VGA ##
      AMD: X1950XTX, HD3870, HD5870
      Intel: GMA45, HD3000 (Core i5 2500K)

      Comment

      • #13
        Originally posted by bpetty View Post
        Is LibreSSL affected?
        Yes, they applied the fixes for CVE-2015-319{4,5}. CVE-2015-319{3,6} are not affected: http://marc.info/?l=openbsd-tech&m=144920913324251&w=2
        Last edited by wretched_dutchman; 04 December 2015, 04:34 AM.

        Comment

        • #14
          Originally posted by tigerroast View Post
          And there it is.

          Does LibreSSL have the occasional heart-stopper that's far quieter or can you run Fort Knox on it?
          ignore joecool. it's designed for things like Fort Knox.

          Comment

          Previous 1 2 template Next
          Working...
          X