

OpenSSL Releases Bugfixes, Advance Notice To Some Vendors But Not OpenBSD - zdw
http://undeadly.org/cgi?action=article&sid=20140605202211

======
Bluerise
OpenBSD did not want to be on the list of distros to be notified[0].

It's no conspiracy due to LibreSSL, but maybe rather Theo's ignorance.

[0] [http://marc.info/?l=oss-
security&m=139906348230995&w=2](http://marc.info/?l=oss-
security&m=139906348230995&w=2)

~~~
forgottenpass
There is a process in place. Even though OpenBSD was not engaged with the
process, the people that knew they should notify OpenBSD didn't because:
bureaucracy.

And people say Theo is the one that's hard to work with? (Yeah, he is, but you
get the point right?)

I too can link to marc.info [0] to reframe the decision.

[0] [http://marc.info/?l=openbsd-
misc&m=140200815827477&w=2](http://marc.info/?l=openbsd-
misc&m=140200815827477&w=2)

