> On a couple of occasions I've taken the bait and linked to the LibreSSL source to show that the relevant bits are in fact not changed at all, so they were both vulnerable.
That's not a bulletproof way to assess bugs in LibreSSL because its authors also removed vulnerabilities from general helpers functions, proactively fixing issues in the code that uses them.
That's not a bulletproof way to assess bugs in LibreSSL because its authors also removed vulnerabilities from general helpers functions, proactively fixing issues in the code that uses them.