https://marc.info/?l=openbsd-announce&m=150996307120987&w=2
I wonder how many memory leaks it'll take for OpenSSL to finally get their act together or for major projects to drop it entirely.
I know Gentoo did https://bugs.gentoo.org/762847
Python 3.10 did https://peps.python.org/pep-0644/
Void Linux did https://voidlinux.org/news/2021/02/OpenSSL.html
Etc.
Seems like a lot of that was due to OpenSSL breaking API compat that LibreSSL promised not to break though.
I know Gentoo did https://bugs.gentoo.org/762847
Python 3.10 did https://peps.python.org/pep-0644/
Void Linux did https://voidlinux.org/news/2021/02/OpenSSL.html
Etc.
Seems like a lot of that was due to OpenSSL breaking API compat that LibreSSL promised not to break though.