[MacPorts] #68766: openssl3 @3.2.0_0+universal may have broken PRNG on Mavericks and older
MacPorts
noreply at macports.org
Tue Nov 28 01:58:28 UTC 2023
#68766: openssl3 @3.2.0_0+universal may have broken PRNG on Mavericks and older
------------------------+------------------------
Reporter: fhgwright | Owner: neverpanic
Type: defect | Status: assigned
Priority: Normal | Milestone:
Component: ports | Version:
Resolution: | Keywords:
Port: openssl3 |
------------------------+------------------------
Comment (by RobK88):
It looks like `opnssl at 3.2.0` builds and runs fine on the latest macOS
releases. The port breaks with older macOS releases.
If you want to keep and maintain just one `openssl` port, perhaps the
simple solution is for the `openssl` port to install `@3.2.0_0` on the
latest macOS releases and instal `#3.1.4_0` on older macOS releases. This
has been done with other ports like `go`.
The downsides with this approach are possible security vulnerabilities for
users of `openssl` on older Macs. If security vulnerabilities are found
with `@3.1.4` which are not fixed, then MacPosrts users of `openssl` may
be exposed to security vulnerabilities. Often developers only fix
security vulnerabilities with the latest releases and will not fix older
releases.
--
Ticket URL: <https://trac.macports.org/ticket/68766#comment:50>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list