[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#828236: Processed: tagging 828236

Hi Kurt,

On Sunday, 25 September 2016 19:51:08 CET Debian Bug Tracking System wrote:
> Processing commands for control@bugs.debian.org:
> > tags 828236 + patch
> Bug #828236 [src:apache2] apache2: FTBFS with openssl 1.1.0
> Added tag(s) patch.

I am sorry, but I don't feel qualified to review that patch (or the upstream 
branch 2.4.x-openssl-1.1.0-compat which has a different implementation). In 
apache, there is lots of subtle interaction between TLS-renegotiation and 
access control. Therefore I want to have the patch reviewed by someone who 
knows mod_ssl well before I include it in Debian. Also, having openssl 1.1 
support only in testing/unstable won't give apache enough exposure to ensure 
that nothing is broken in complex configurations. 

Currently there is no movement upstream to finish the openssl 1.1 support any 
time soon. This means that it is very unlikely that apache2 will get fixed in 
time for stretch.


Reply to: