From: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
---|---|
To: | Andres Freund <andres(at)anarazel(dot)de> |
Cc: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Use EVP API pgcrypto encryption, dropping support for OpenSSL 0.9.6 and older |
Date: | 2015-10-05 15:37:48 |
Message-ID: | 20151005153748.GE8531@alvherre.pgsql |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Andres Freund wrote:
> But more seriously: Given the upstream support policies from
> https://www.openssl.org/policies/releasestrat.html :
> "
> Support for version 0.9.8 will cease on 2015-12-31. No further releases of 0.9.8 will be made after that date. Security fixes only will be applied to 0.9.8 until then.
> Support for version 1.0.0 will cease on 2015-12-31. No further releases of 1.0.0 will be made after that date. Security fixes only will be applied to 1.0.0 until then.
>
> We may designate a release as a Long Term Support (LTS) release. LTS
> releases will be supported for at least five years and we will specify
> one at least every four years. Non-LTS releases will be supported for at
> least two years.
> "
> and the amount of security fixes regularly required for openssl, I don't
> think we'd do anybody a favor by trying to continue supporting older
> versions for a long while.
>
> Note that openssl's security releases are denoted by a letter after the
> numeric version, not by the last digit. 0.9.7 was released 30 Dec 2002.
Yeah. Last of the 0.9.7 line (0.9.7m) was in 2007:
commit 10626fac1569ea37839c37b105681cd08dbe6658
Author: cvs2svn <cvs2svn>
AuthorDate: Fri Feb 23 12:49:10 2007 +0000
CommitDate: Fri Feb 23 12:49:10 2007 +0000
This commit was manufactured by cvs2svn to create tag 'OpenSSL_0_9_7m'.
Current 0.9.8 is 0.9.8zg, in June this year:
commit 0823ddc56e9aaa1de6c4f57bb45457d5eeca404d
Author: Matt Caswell <matt(at)openssl(dot)org>
AuthorDate: Thu Jun 11 15:20:22 2015 +0100
CommitDate: Thu Jun 11 15:20:22 2015 +0100
Prepare for 0.9.8zg release
Reviewed-by: Stephen Henson <steve(at)openssl(dot)org>
--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
From | Date | Subject | |
---|---|---|---|
Next Message | Alvaro Herrera | 2015-10-05 15:40:32 | Re: Less than ideal error reporting in pg_stat_statements |
Previous Message | Alvaro Herrera | 2015-10-05 15:33:28 | Re: No Issue Tracker - Say it Ain't So!] |