|
|
|
|
|
|
by notaplumber
2254 days ago
|
|
|
No, LibreSSL is a fork of OpenSSL that predates this vulnerability, it even predates the OpenSSL 1.1.x API break (some compatibility has since been added), and has an entirely separate and new TLS 1.3 implementation. https://www.openbsd.org/papers/bsdcan2019-tls13.pdf (video: https://www.youtube.com/watch?v=MCVIBwGOwNY) It maintains source compatibility with OpenSSL at an API and command-line level (e.g. openssl(1) utility). LibreSSL cannot copy code from later versions of OpenSSL as they relicensed it under the Apache 2.0 license. |
|
|