Just woke up to 5 vulnerability alerts (4 high severity) of the openSSL Rust crate.
-
Just woke up to 5 vulnerability alerts (4 high severity) of the openSSL Rust crate. Now I'm even more thankful we've made the switch to rustls in lychee. I've only seen advantages so far. The transition was totally smooth, and now we have faster, more stable and apparently more secure TLS.
Thank you @djc, @ctz et al. for this amazing piece of software!
-
Just woke up to 5 vulnerability alerts (4 high severity) of the openSSL Rust crate. Now I'm even more thankful we've made the switch to rustls in lychee. I've only seen advantages so far. The transition was totally smooth, and now we have faster, more stable and apparently more secure TLS.
Thank you @djc, @ctz et al. for this amazing piece of software!
Here we switched before the last release in February: https://github.com/lycheeverse/lychee/pull/1928
It resolved multiple inconsistencies as lychee behaved differently on each target platform as the target platform's openSSL implementation was used. Switching to rustls has resolved multiple long-standing issues and we haven't received any related bug reports since.
-
R relay@relay.infosec.exchange shared this topic
