FreeBSD Security Advisory FreeBSD-SA-20:33.openssl
John-Mark Gurney
jmg at funkthat.com
Mon Dec 14 06:54:19 UTC 2020
Benjamin Kaduk wrote this message on Sat, Dec 12, 2020 at 18:07 -0800:
> On Sat, Dec 12, 2020 at 04:57:08PM -0800, John-Mark Gurney wrote:
> >
> > If FreeBSD is going to continue to use OpenSSL, better testing needs to
> > be done to figure out such breakage earliers, and how to not have them
> > go undetected for so long.
>
> I don't think anyone would argue against increasing test coverage.
> The most important question seems to be how to know what should be getting
> tested but isn't. Do you have any ideas for where to start looking?
Is there a CI pipeline setup for OpenSSL testing on -current and the
stable branches? If so, where the results posted? Are the existing
test suite being run? Why was the engine test not being run? Has that
now been fixed?
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the freebsd-security
mailing list