Given the recent TLS attack reviewed here http://www.schneier.com/blog/archives/2013/02/really_clever_t.html ... I was looking at what the deal was for OpenSSL, considering I just had to do lost of mask stuff to get an update done. I discovered that Gentoo describes 1.0.1c as supporting TLSv1 whereas in fact it supports TLSv1.1 and partially TLSv1.2 according to http://www.openssl.org/news/news.html and http://stackoverflow.com/questions/12032623/about-tls-1-2-support-in-openssl Reproducible: Always Steps to Reproduce: 1. emerge --search dev-libs/openssl Actual Results: See bad description claiming TLSv1 support. Expected Results: See correct description with TLSv1/1.1/partial 1.2 support. Considering the security impact around this package I think it should be resolved quickly.
i'll just drop the version numbers entirely
should be all set now in the tree; thanks for the report! Commit message: Tweak DESCRIPTION to remove protocol version info to be lazy and avoid keeping it up-to-date http://sources.gentoo.org/dev-libs/openssl/openssl-1.0.1e-r1.ebuild?rev=1.1
