Openembedded Core Discussions
 help / color / mirror / Atom feed
From: Mark Hatle <mark.hatle@windriver.com>
To: Khem Raj <raj.khem@gmail.com>
Cc: "Gupta, Rahul KumarXX" <rahul.kumarxx.gupta@intel.com>,
	"openembedded-core@lists.openembedded.org"
	<openembedded-core@lists.openembedded.org>
Subject: Re: openssl: OpenSSL 1.1.x update
Date: Thu, 6 Oct 2016 09:21:26 -0500	[thread overview]
Message-ID: <687e0950-a18a-5d44-aeae-18517df275e6@windriver.com> (raw)
In-Reply-To: <CAMKF1spG=v7_wb_VYktNBL7NTan28NbB47G7u2B_-E43jBL8vQ@mail.gmail.com>

On 10/5/16 9:59 PM, Khem Raj wrote:
> On Wed, Oct 5, 2016 at 7:33 PM, Mark Hatle <mark.hatle@windriver.com> wrote:
>> On 10/5/16 9:11 PM, Tan, Raymond wrote:
>>> Greetings, I would like to know if there is any plan / schedule to upgrade to openssl 1.1.0 into OE-core?
>>
>> Currently 1.0.2 is the LTS version of OpenSSL.  1.1.0 is not scheduled to be LTS.
>>
>> For the upcoming release (soon), I would NOT expect 1.1.0 to be in it.  There
>> are still too many incompatibilities with other components.
>>
>> For the next version of OE, I think it is appropriate to include 1.1.0, but I
>> would also like to maintain 1.0.2 for the time being.  (Beside LTS, it also is
>> still the only way to have FIPS-140-2 module, as there is currently no module in
>> the 1.1.0 -- and there may not be for a while.)
> 
> What do we get with 1.1.0 ?

Latest and greatest code of course.. :)

Reality, not a lot more over 1.0.2... there are some significant redesigns that
should help improve overall security of the OpenSSL library and items using the
library.  But various things will have to be updated to make use of this.

The OpenSSL community itself is looking at 1.1.0 as a transition to newer and
better design/api/etc... which is why it is not marked as a LTS release.

Beside my basic understanding (above) there should be information as part of the
1.1.0 release notes.

--Mark

>>
>> --Mark
>>
>>> Thanks!
>>>
>>> Raymond Tan
>>>
>>
>> --
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.openembedded.org/mailman/listinfo/openembedded-core



  reply	other threads:[~2016-10-06 14:21 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-10-06  2:11 openssl: OpenSSL 1.1.x update Tan, Raymond
2016-10-06  2:33 ` Mark Hatle
2016-10-06  2:59   ` Khem Raj
2016-10-06 14:21     ` Mark Hatle [this message]
2016-10-06 15:22       ` Khem Raj
2016-10-06 15:39         ` Mark Hatle
2016-10-13 10:35           ` Tan, Raymond
2016-10-13 10:49             ` Hatle, Mark
2016-12-13 16:00           ` Alexander Kanavin
2016-10-06  2:44 ` Paul Eggleton

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=687e0950-a18a-5d44-aeae-18517df275e6@windriver.com \
    --to=mark.hatle@windriver.com \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=rahul.kumarxx.gupta@intel.com \
    --cc=raj.khem@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox