On Wednesday, April 26, 2023 at 1:46:41 PM UTC-7 Dima Pasechnik wrote: we can barely keep up with security updates for e.g. openssl. It took Thierry to provide a patch today, and me converting it into a PR, else we probably would be still shipping openssl version with severe CVEs.
You know as well as I do that - this update is done with the single command "./sage -package update openssl 3.0.5 --commit". - openssl is not used in any security-relevant way in Sage. (I will not discuss this further.) -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/078a14fa-8971-4fab-921a-45d17829bf7bn%40googlegroups.com.
