Here we go again.
>The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 1.0.2f, 1.0.1r. These releases will be made available on 28th January between approx. 1pm and 5pm (UTC). They will fix two security defects, one of "high" severity affecting 1.0.2 releases, and one "low" severity affecting all releases.
No, you clearly are an uneducated faggot and your comment made no sense at all.
OpenSSL is a fuckhuge, very complex and always under scrutiny project, there will always be bugs in something like that no matter how good the programmers are.
Also, since shit is open source you can join the project and help them write better code.
People still use OpenSSL?
WTF? Don't they know that it's unaudited garbage?
LibreSSL has been its successor since Heartbleed, and unlike OpenSSL it's actually constantly audited to make sure there aren't any major vulnerabilities.
I wasn't him, and without you going into why a comment doesnt made no sense is just you being lazy and cheap. Get off your high horse, stop shit posting, stop making ad hominem arguments, and stop suggesting random people to do better instead (closely related to an ad ignorantiam).
>"high" severity affecting 1.0.2
And that's why your server should be on Debian stable$ apt-cache policy openssl
*** 1.0.1k-3+deb8u2 0
500 http://http.debian.net/debian/ jessie/main amd64 Packages
500 http://security.debian.org/ jessie/updates/main amd64 Packages
>You should be on FreeBSD, which is run by the creators of LibreSSL, and thus is more secure anyway.
What the hell are you on about?
From the libressl homepage:
>LibreSSL is supported financially by the OpenBSD Foundation and the OpenBSD Project. Please consider helping our efforts.
What the fuck does that have to do with FreeBSD?
Piss off you fucking faggot. The first reply in this thread is the most retarded piece of shit I've seen on 4chan today. The programmers ARE competent, the problem is the size of the project as well as the fact that it needs to be extremely multiplatform as well as secure. This is no easy task.
>What is reading comprehension?
I wasn't defending they weren't. I was defending
>>52629968 by pointing out that this >>52630077 comment was lazy and cheap without going into it further.
Again. Lay off, stop using insults as a cheap way to defend your assertion, stop shit posting, stop making ad hominem and ad ignorantiam fallacies by suggesting random people to do better themselves.
That's what happens when a bunch of under toe cheese eatering asswipes are put in charge of security. Wasn't their open sores code available for review for like almost 20 years?