Latest openssl 1.0.2 for Jessie backports
Hi,
I uploaded openssl_1.0.2l-1~bpo8+1 to jessie backports which got
rejected because this version is not in stable. The stretch backports
announcement said "From time to time … please talk to us on the list
**before** upload the package.". So technically it is after but here I
am :)
In stable we have the source package openssl which contains the 1.1
branch of openssl and the source package openssl1.0 which contains the
1.0.2 branch of openssl. For Jessie backports we would need to keep
uploading the 1.0.2 branch as the openssl package.
It is the same upstream source as in the openssl1.0 package. The
package is not identical to the openssl1.0 source package for a few
reasons:
- in backports we need to provide a different binary package for the
library (libssl1.0.2 vs libssl1.0.0)
- we also need to provide the openssl binary package (which is not
provided by the openssl1.0 source package but by openssl in stable).
- in stable we disable RC4 and 3DES from the SSL suite. We can't do this
for Jessie because people will come screaming (they did after the
change made it to Stretch).
This backport is meant as a drop-in replacement for openssl package in
Jessie which provides additional features like ALPN (used by nginx bpo).
Sebastian
Reply to: