All of today's OpenSSL vulnerabilities are in code that was replaced long ago in *ring* & webpki, so nothing for me to do today. Boring.
-
-
Replying to @BRIAN_____
@BRIAN_____@sleevi_ long ago? No. Some just had fixes/feedback from@davidben__2 replies 0 retweets 0 likes -
Replying to @RichSalz
@RichSalz@sleevi_@davidben__ Anyway, let's not interpret me saying something good about *ring* as saying something bad about other forks.1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____@sleevi_@davidben__ sure no problem with that.1 reply 0 retweets 0 likes -
Replying to @RichSalz
@RichSalz@sleevi_@davidben__ Also, almost all of my 167+ of my BoringSSL patches are licensed under the OpenSSL license, for y'all to use.1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____@sleevi_@davidben__ neat! where can we find them?2 replies 0 retweets 0 likes
@RichSalz @sleevi_ @davidben__ The 167 number refers to the ones that already landed in BoringSSL: https://boringssl.googlesource.com/boringssl/ .
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.