Packages

  • Status Closed
  • Percent Complete
    100%
  • Task Type Security Issue
  • Category Any
  • Assigned To
    Emulatorman
    coadde
  • Operating System All
  • Severity Critical
  • Priority Very High
  • Reported Version Any
  • Due in Version Milky Way v0.3
  • Due Date Undecided
  • Votes 2
  • Private
Attached to Project: Packages
Opened by Emulatorman - 11/01/2018
Last edited by Emulatorman - 24/01/2019

FS#191 - [libressl] add package as OpenSSL replacement and default provider of SSL/TLS for Hyperbola Project

LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes.

It was forked from the OpenSSL in April 2014 as a response by OpenBSD developers to the Heartbleed security vulnerability in OpenSSL, [4] [5] [6] [7] with the aim of refactoring the OpenSSL code so as to provide a more secure implementation. [8]

As LibreSSL follow the same goals than Hyperbola Packaging Guidelines in stability and security concerns, it should be the default provider of SSL and TLS protocols for Hyperbola Project.

Closed by  Emulatorman
24.01.2019 00:55
Reason for closing:  Implemented

Now this is awesome. Thank you for moving to LibreSSL. Hyperbola will be the second gnu/linux distro to move to LibreSSL I believe. The first is voidlinux

I absolutely support this decision. :)

Although, Hyperbola will be the first fully free software distro to do so. :)

I await seeing Hyperbola on the list of fully free distros.

hmm it appears I may be wrong? I think guixsd uses it already. Still though, its a good thing to switch to. :)

Admin

GuixSD contains OpenSSL (1.1.0g and 1.0.2n) and LibreSSL in their repositories, therefore LibreSSL is a selectable provider of TLS for that distro.

Our case is different than GuixSD since LibreSSL will be used by default and OpenSSL will be blacklisted like Alpine, Void, OpenBSD, Dragonfly, HardenedBSD, Morpheus, OpenELEC and TrueOS are doing currently. [0]

Interesting, Then I guess Hyperbola will be the first gnu/linux distro to have LibreSSL by default.

:)

Actually what I meant was the first GNU/Linux distro that is free software to have LibreSSL by default. :)

ps, I look forward to 3.0 very much for this reason. :)

whoops, I mean 0.3 xD

Hello,

How is the integration of LibreSSL progressing ?

I wish you best lads ;)

I am curious as well. I look forward to this.

Admin

For now, our build server is under maintenance by coadde yet. It needs some required configurations such as increase SSH security, certification and improve Xen hypervisor structure + virtual machines + chroots.
Then, when it will be ready, i will begin with Milky Way v0.3 development + LibreSSL :)

Okay, when do you think it will be ready even in development? And from then, when do you think it will be completely ready for stable. Just wondering...

ps, Virtual machines are what I would use to see how libressl is doing. :)

Date User Effort (H:M)
watch my effort tracking timers

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing