- Status Closed
- Percent Complete
- Task Type Security Issue
- Category Any
-
Assigned To
coadde Emulatorman - Operating System All
- Severity Critical
- Priority Very High
- Reported Version Any
- Due in Version Milky Way v0.3
-
Due Date
Undecided
-
Votes
2
- Emulatorman (17/12/2018)
- zapper (14/12/2018)
- Private
Attached to Project: Packages
Opened by Emulatorman - 11/01/2018
Last edited by Emulatorman - 24/01/2019
Opened by Emulatorman - 11/01/2018
Last edited by Emulatorman - 24/01/2019
FS#191 - [libressl] add package as OpenSSL replacement and default provider of SSL/TLS for Hyperbola Project
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes.
It was forked from the OpenSSL in April 2014 as a response by OpenBSD developers to the Heartbleed security vulnerability in OpenSSL, [4] [5] [6] [7] with the aim of refactoring the OpenSSL code so as to provide a more secure implementation. [8]
As LibreSSL follow the same goals than Hyperbola Packaging Guidelines in stability and security concerns, it should be the default provider of SSL and TLS protocols for Hyperbola Project.
Loading...
Available keyboard shortcuts
- Alt + ⇧ Shift + l Login Dialog / Logout
- Alt + ⇧ Shift + a Add new task
- Alt + ⇧ Shift + m My searches
- Alt + ⇧ Shift + t focus taskid search
Tasklist
- o open selected task
- j move cursor down
- k move cursor up
Task Details
- n Next task
- p Previous task
- Alt + ⇧ Shift + e ↵ Enter Edit this task
- Alt + ⇧ Shift + w watch task
- Alt + ⇧ Shift + y Close Task
Task Editing
- Alt + ⇧ Shift + s save task
Now this is awesome. Thank you for moving to LibreSSL. Hyperbola will be the second gnu/linux distro to move to LibreSSL I believe. The first is voidlinux
I absolutely support this decision. :)
Although, Hyperbola will be the first fully free software distro to do so. :)
I await seeing Hyperbola on the list of fully free distros.
hmm it appears I may be wrong? I think guixsd uses it already. Still though, its a good thing to switch to. :)
GuixSD contains OpenSSL (1.1.0g and 1.0.2n) and LibreSSL in their repositories, therefore LibreSSL is a selectable provider of TLS for that distro.
Our case is different than GuixSD since LibreSSL will be used by default and OpenSSL will be blacklisted like Alpine, Void, OpenBSD, Dragonfly, HardenedBSD, Morpheus, OpenELEC and TrueOS are doing currently. [0]
Interesting, Then I guess Hyperbola will be the first gnu/linux distro to have LibreSSL by default.
:)
Actually what I meant was the first GNU/Linux distro that is free software to have LibreSSL by default. :)
ps, I look forward to 3.0 very much for this reason. :)
whoops, I mean 0.3 xD
Hello,
How is the integration of LibreSSL progressing ?
I wish you best lads ;)
I am curious as well. I look forward to this.
For now, our build server is under maintenance by coadde yet. It needs some required configurations such as increase SSH security, certification and improve Xen hypervisor structure + virtual machines + chroots.
Then, when it will be ready, i will begin with Milky Way v0.3 development + LibreSSL :)
Okay, when do you think it will be ready even in development? And from then, when do you think it will be completely ready for stable. Just wondering...
ps, Virtual machines are what I would use to see how libressl is doing. :)