[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20130509140852.GJ20323@brightrain.aerifal.cx>
Date: Thu, 9 May 2013 10:08:52 -0400
From: Rich Felker <dalias@...ifal.cx>
To: musl@...ts.openwall.com
Subject: Re: High-priority library replacements?
On Thu, May 09, 2013 at 09:36:18AM +0200, Daniel Cegiełka wrote:
> 2013/5/9 <idunham@...abit.com>:
>
> > Tropicssl is a fork of polarssl, but as far as I can tell they haven't
> > fixed CVEs 2013-0169, 2013-1621, and 2013-1622 yet.
> >
> > While I agree with their view of the license switch, the activity (or
> > lack thereof) does not seem promising.
>
> The problem is that we have the choice to either accept the GPL
> (CyaSSL, PolarSSL) or write own implementation of a ssl from
> scratch... or use eg tropicssl as a ssl base.
>
> btw. license issue - can we legally link noxcuse (GPL) with musl (MIT)? :)
Of course; otherwise musl would be rather useless since there's a huge
corpus of GPL code you want to link and run. The point of a permissive
license is that it does not restrict you from doing things like this.
BTW, I'll probably relicense noxcuse anyway. I just never got around
to doing much/anything with it after initially publishing it. The main
app in it that's really useful right now though is iconv, since
Busybox lacks iconv and glibc iconv is glibc-specific.
Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
