

Ask HN: 6 months later, which projects have switched from OpenSSL to LibreSSL? - Mojah


======
JoshTriplett
Better yet, which projects have abandoned any project derived from OpenSSL and
switched to something else, like gnutls or NSS?

OpenSSL has a rather painfully error-prone programming interface (as in, it's
easy to make mistakes that result in serious security holes), and an obnoxious
license that's incompatible with one of the most popular FOSS licenses.
LibreSSL can't fix the latter, and has a very limited ability to fix the
former.

------
vtlynch
no comment on this, but... to anyone who is using LibreSSL, make sure to patch
to 2.1.2:

[http://www.cvedetails.com/cve/CVE-2014-9424/](http://www.cvedetails.com/cve/CVE-2014-9424/)

