FreeBSD Security Advisory FreeBSD-SA-20:33.openssl
Gordon Tetlow
gordon at tetlows.org
Sun Dec 13 22:16:22 UTC 2020
On Sun, Dec 13, 2020 at 12:12:08PM +0000, John Long via freebsd-security wrote:
> Hi Guys,
>
> What about adopting OpenBSD's libressl? I was expecting it to take a
> long time to be compatible but from my uneducated point of view it
> looks like they did an incredible job. I think everything on OpenBSD
> uses it.
>
> I was running OpenBSD until I put FreeBSD 12.2 on a new box, so I
> haven't been looking at for a year or so.
>
> Does anybody know if this is a viable option? Can we just link against
> libressl or is it (much) more involved than that?
As was mentioned elsewhere, LibreSSL isn't a great fit due to their very
limited support lifespan of a given release. Once a stable release is
made, that branch is only given 1 year of support. This doesn't mesh
well with FreeBSD's 5 year support lifespan of a given branch.
Gordon
More information about the freebsd-security
mailing list