And while I will reiterate, stop mailing us privately and asking, I
can confirm that the situation has changed, and core LibreSSL
developers have now had disclosure from OpenSSL. We will be keeping
discusssion of all details strictly to that group until such time as
OpenSSL releases publicly.
“The LibreSSL team is not typically apprised of OpenSSL-related security issues in advance. We will address any previously-unknown issues that are found to affect LibreSSL in future releases.”
This is progess:
email to misc@openbsd.org
“The LibreSSL team is not typically apprised of OpenSSL-related security issues in advance. We will address any previously-unknown issues that are found to affect LibreSSL in future releases.”
This is actually quite sad…