[Info-vax] Open source usage, Was Python and various libraries updated

[Scott Dorsey]

Craig A. Berry <craigberry at nospam.mac.com> wrote:
>On 8/14/20 2:21 PM, Scott Dorsey wrote:
>> =?UTF-8?Q?Arne_Vajh=c3=b8j?=  <arne at vajhoej.dk> wrote:
>>> I have heard about problems getting VMS changes incorporated many times.
>>> Maybe it has gotten better over time.
>> 
>> A few years ago when OpenSSL ran into some security issues that were the
>> result of it having turned into a cobbled-together mess, a concerted effort
>> was made to clean it up.  One of the first things they did was to drop all
>> the VMS support stuff in it, because there was nobody to protest.
>
>That's not quite what happened. After HeartBleed, LibreSSL was started
>as a fork/rewrite of OpenSSL and *that* is where the VMS code was
>dropped.  The OpenSSL project addressed its problems, got more support
>because people realized how critical it was, and has a well-defined
>roadmap of new releases. The VMS port is actively maintained as part of
>the authoritative sources (still by Richard Levitte as far as I know).
>VSI releases kits based on OpenSSL every other week or so (very slight
>exaggeration).

Ahh, thank you!  That makes sense!  That wasn't what was announced initially
but things were a bit of a mess at the time.  I am glad to hear of the split.
--scott

-- 
"C'est un Nagra. C'est suisse, et tres, tres precis."