Matthew Summers posted on Tue, 15 Jul 2014 09:18:23 -0500 as excerpted: > So, libressl is really nowhere near ready for prime time or even late > night TV (perhaps the day time talk shows, but that is a stretch given > the PRNG situation). I think preparing a virtual and updating dependent > ebuilds for the explosion of replacements is grand, however we should > make it _very_ clear to everyone that issues exist that make libressl > unsafe for anything other than play time.
Here's another link for those following along: Ars-technica (via LWN): OpenSSL fork LibreSSL is declared "unsafe for Linux" http://lwn.net/Articles/605509/rss Basically it's a pid-duplication issue, aka an "I'm my own grandpa" issue, as someone mentions in the comments. There's also a note both in the comments and now on the original Ars article saying a patch has already been pushed, but the point stands, "nowhere near ready for prime time" indeed. It'll take a bit of time, but for now as already suggested, introducing the virtual with the single openssl provider does seem reasonable. -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman