Web lists-archives.com

Re: OpenSSL disables TLS 1.0 and 1.1




On 16.08.2017 23:16, Moritz Mühlenhoff wrote:
> Marco d'Itri <md@xxxxxxxx> schrieb:
>>> The only thing you would achieve would be to force people to move
>>> away from Debian to distributions that are still able to interact
>>> with devices running ancient and highly insecure Android firmwares.
>> +1
> 
> I agree it's not something that should end up in a stable release
> (and it's even unfortunate it propagated to testing already), but
> it makes a lot of sense to disable it in unstable for a few months
> to iron out the deficiencies in the applications we ship in
> Debian (such as #802658).

You'd think that you could also find issues such as the one you
referenced by doing test rebuilds and reporting bugs off that. In fact
that particular bug did not need the ongoing breakage to be found - it
was found years ago.

At the same time holding testing hostage does not feel right to me. I
applaud the intention, but I strongly dislike the implementation.

Kind regards
Philipp Kern

Attachment: signature.asc
Description: OpenPGP digital signature