Bug#828236: Processed: tagging 828236

To: Kurt Roeckx <kurt@roeckx.be>
Cc: 828236@bugs.debian.org
Subject: Bug#828236: Processed: tagging 828236
From: Stefan Fritsch <sf@sfritsch.de>
Date: Wed, 09 Nov 2016 23:44:49 +0100
Message-id: <[🔎] 3490345.EyZ6badYtM@k>
Reply-to: Stefan Fritsch <sf@sfritsch.de>, 828236@bugs.debian.org
In-reply-to: <handler.s.C.14748329439961.transcript@bugs.debian.org>
References: <20160925194901.A1EBF1FE0784@intrepid.roeckx.be> <handler.s.C.14748329439961.transcript@bugs.debian.org>

Hi Kurt,

On Sunday, 25 September 2016 19:51:08 CET Debian Bug Tracking System wrote:
> Processing commands for control@bugs.debian.org:
> > tags 828236 + patch
> 
> Bug #828236 [src:apache2] apache2: FTBFS with openssl 1.1.0
> Added tag(s) patch.

I am sorry, but I don't feel qualified to review that patch (or the upstream 
branch 2.4.x-openssl-1.1.0-compat which has a different implementation). In 
apache, there is lots of subtle interaction between TLS-renegotiation and 
access control. Therefore I want to have the patch reviewed by someone who 
knows mod_ssl well before I include it in Debian. Also, having openssl 1.1 
support only in testing/unstable won't give apache enough exposure to ensure 
that nothing is broken in complex configurations. 

Currently there is no movement upstream to finish the openssl 1.1 support any 
time soon. This means that it is very unlikely that apache2 will get fixed in 
time for stretch.

Cheers,
Stefan

Reply to:

Follow-Ups:
- Bug#828236: Apache2 with openssl 1.1.0
  - From: Kurt Roeckx <kurt@roeckx.be>

Prev by Date: Processed: canl-c: FTBFS with openssl 1.1.0
Next by Date: Bug#839977: marked as done (apache2: please make the build reproducible (timestamps/timezones))
Previous by thread: Re: canl-c/gridsite: FTBFS with openssl 1.1.0
Next by thread: Bug#828236: Apache2 with openssl 1.1.0
Index(es):
- Date
- Thread