Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~? - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?
Msg-id 551806.1711832386@sss.pgh.pa.us
In response to Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?  (Thomas Munro <thomas.munro@gmail.com>)
Responses Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?
List pgsql-hackers
Thomas Munro <thomas.munro@gmail.com> writes:
> I was reminded of this thread by ambient security paranoia.  As it
> stands, we require 1.0.2 (but we very much hope that package
> maintainers and others in control of builds don't decide to use it).
> Should we skip 1.1.1 and move to requiring 3 for v17?

I'd be kind of sad if I couldn't test SSL stuff anymore on my
primary workstation, which has

$ rpm -q openssl
openssl-1.1.1k-12.el8_9.x86_64

I think it's probably true that <=1.0.2 is not in any distro that
we still need to pay attention to, but I reject the contention
that RHEL8 is not in that set.

            regards, tom lane


