Re: OpenSSL 1.1.0
On Mon, Nov 14, 2016 at 10:45:50AM -0300, Lisandro Damián Nicanor Pérez Meyer wrote:
> And yes, I would step back and switch libssl-dev to provide libssl1.0-dev and
> have libssl1.1-dev around for anyone who can really do the switch.
That's the only viable alternative I see.
It looks like an increasing number of packages, including apache2,
openssh, qt4 and qt5, picked to build-depend on libssl1.0-dev.
So OpenSSL 1.0 won't go away, and through packages indirectly depending
on both versions, we'll get very difficult to solve conflicts.
As removing all those packages clearly is not an option, the release
will be significantly delayed if we don't revert the default to be
OpenSSL 1.0.
(It's fine if packages which depend on libssl-dev get an RC-bug if they
can't be compiled with OpenSSL 1.1. Packages which can't be ported
should explicitly depend on libssl1.0-dev. That way we'll make progress
towards a point where we can start a smooth transition.)
I'd be glad to have a quick transition to OpenSSL 1.1 now, but I honestly
don't see a way how this may work.
Please revert the default back to 1.0 for now.
Jan
Reply to: