> Hi, > > On Thu, Jun 07, 2012 at 11:48:37AM +0200, Paul Bakker wrote: >> Agreed as well.. > So what...? 1.1.4 or "1.1.0, and put the responsibility on the distro"? > I think this question is related to our project policies, not just to PolarSSL support. Do we want to try to protect packagers and those building from source from security issues by trying to force them to use latest libraries? In practice, some OS/distro packagers (e.g. for Debian stable) would have to circumvent our version checks due their own project policies.
Anyways, whatever we decide, I think we should at least be consistent. Samuli