Slackware Stable Roadmap - specifically Openssl 3 support
by dalacor from LinuxQuestions.org on (#6PPAT)
Is there an official roadmap for Slackware stable. Openssl 1.1.1 has been obsolete for nearly a year, yet Slackware 15 stable is still using Openssl 1.1.1w.
I am a bit concerned security wise that Openssl 3 has not been implemented yet. While I don't think that there are any major CVE's to be concerned about, the fact is that Passwords and lack of updates are the two main causes of all Cyber Security breaches. So we really need to be able to update Openssl.
This is also the second time that Slackware has failed to keep Openssl up to date. Years ago, I had to move to current because Slackware 14.2 only supported 1.1.0 and this broke a critical program I was using (not to mention that Openssl 1.1.0 was also obsolete).
Upgrading to Slackware Current should not be my only option to run a secure version of Slackware. Can anyone advise of a roadmap and why Slackware keeps repeating the same mistake of not updating critical software like Openssl which is a very huge security concern given how many programs use Openssl and given that Openssl has been exploited in the past.
I am a bit concerned security wise that Openssl 3 has not been implemented yet. While I don't think that there are any major CVE's to be concerned about, the fact is that Passwords and lack of updates are the two main causes of all Cyber Security breaches. So we really need to be able to update Openssl.
This is also the second time that Slackware has failed to keep Openssl up to date. Years ago, I had to move to current because Slackware 14.2 only supported 1.1.0 and this broke a critical program I was using (not to mention that Openssl 1.1.0 was also obsolete).
Upgrading to Slackware Current should not be my only option to run a secure version of Slackware. Can anyone advise of a roadmap and why Slackware keeps repeating the same mistake of not updating critical software like Openssl which is a very huge security concern given how many programs use Openssl and given that Openssl has been exploited in the past.