[OE-core] [PATCH 00/26] thud patch review
Martin Jansa
martin.jansa at gmail.com
Tue Mar 19 13:55:38 UTC 2019
On Tue, Mar 19, 2019 at 12:35:59PM +0100, Alexander Kanavin wrote:
> Just to remind once more, all upstream support for OpenSSL 1.0.2 ceases in 9 months, so shipping products with it may not be the best idea.
Just to remind once more, shipping products isn't as easy as building
the few recipes included in oe-core.
For example:
Believe it or not, some projects need to use old Qt 5.6 due to license
change in newer version and 5.6 doesn't support openssl 1.1,
backporting the necessary changes would violate the license as well.
Providing clean room re-implementation is also difficult, because there
aren't many other options how to implement this than how it was done in
newer qt already, see:
https://bugreports.qt.io/browse/QTBUG-71623
https://development.qt-project.narkive.com/RW4wxYXY/openssl-1-1-x-support-on-qt-5-6-5-9
Yes, it's not the best idea, but even backporting security fixes to old
openssl might be cheaper than buying commercial qt license...
Cheeers,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: Digital signature
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20190319/af95d46d/attachment.sig>
More information about the Openembedded-core
mailing list