by _delirium 5606 days ago
There also wasn't a lot of time before the freeze -- OpenSSL 1.0.0 was released on March 29, and the Debian "Squeeze" freeze was August 6. Dropping in a new version of OpenSSL four months before the freeze wasn't considered prudent. Even if OpenSSL itself could be tested in that time and considered rock-solid (probably possible), a lot of different packages depend on / link with OpenSSL, and linking them with a new version might expose subtle bugs or incompatibilities in those apps, which you'd want some time to notice/debug/fix, especially since it might require waiting on upstream developers to debug/fix things in their apps.

Post-release, OpenSSL 1.0.0 will now be migrated to unstable, and then any problems that causes or exposes can be found and fixed on a more generous schedule.