507322 – dev-libs/openssl - drop tls-heartbeat from IUSE defaults

Bug 507322 - dev-libs/openssl - drop tls-heartbeat from IUSE defaults

Summary: dev-libs/openssl - drop tls-heartbeat from IUSE defaults

Status:	RESOLVED DUPLICATE of bug 507130

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Library (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo's Team for Core System packages

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-04-10 12:36 UTC by Jorge Manuel B. S. Vicetto
Modified:	2014-04-10 12:40 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jorge Manuel B. S. Vicetto (RETIRED) Gentoo Infrastructure

2014-04-10 12:36:10 UTC

Given the recent CVE-2014-0160, the impact it had and apparently some doubts about how much valid use tls-heartbeat really has, it seems it would be advisable to leave to users enabling tls-heartbeat. In this case, I argue the "better safe then sorry" approach, makes sense.

Comment 1 Alex Legler (RETIRED) archtester

2014-04-10 12:40:18 UTC


*** This bug has been marked as a duplicate of bug 507130 ***