[busterb]

The question of whether LibreSSL has fixes for OpenSSL issues comes up frequently enough that it made sense to note it directly.

Fixes and improvements have certainly been shared between the Boring, Open and LibreSSL teams, and we look forward to further cooperation. It is obviously beneficial.

LibreSSL has in the past mitigated issues that later became known in OpenSSL through security updates. Sometimes, it has been still vulnerable to OpenSSL issues as well. Hopefully we'll fall into the former camp this time around.

To the security researchers and developers who have reached out, we are very grateful.