Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#44217 - [openssl] Upcoming OpenSSL 1.0.2a with high security issue
Attached to Project:
Arch Linux
Opened by Remi Gacogne (rgacogne) - Monday, 16 March 2015, 23:32 GMT
Last edited by Pierre Schmitz (Pierre) - Tuesday, 17 March 2015, 15:53 GMT
Opened by Remi Gacogne (rgacogne) - Monday, 16 March 2015, 23:32 GMT
Last edited by Pierre Schmitz (Pierre) - Tuesday, 17 March 2015, 15:53 GMT
|
DetailsHello,
OpenSSL has announced [1] that a new 1.0.2a release will be issued on 19th March 2015, fixing a "high" security issue, whatever that may be. We should be ready to update as soon as possible, as OpenSSL "high" issue tend to be bad. [1]: https://mta.openssl.org/pipermail/openssl-announce/2015-March/000020.html |
This task depends upon

I'll apply the fix when it is available. We have no access to such patches before their public release.