1. 9

  2. 8

    This is progess:

    And while I will reiterate, stop mailing us privately and asking, I can confirm that the situation has changed, and core LibreSSL developers have now had disclosure from OpenSSL. We will be keeping discusssion of all details strictly to that group until such time as OpenSSL releases publicly.


    email to misc@openbsd.org

    1. 4

      “The LibreSSL team is not typically apprised of OpenSSL-related security issues in advance. We will address any previously-unknown issues that are found to affect LibreSSL in future releases.”

      This is actually quite sad…