Re: OpenSSL 1.1.0 / transition process
On 15/11/16 16:54, Ian Jackson wrote:
> Lots of people have posted in this thread that they see problems with
> our current approach to the openssl transition.
>
> Do the openssl maintainers have an response ?
I just started looking at this thread 2 minutes ago. I really don't
know where to start.
Would the OpenSSL maintainers and/or release managers consider making a
wiki page about the transition with the most common questions about it,
similar to the upstream wiki but with a Debian focus?
The questions which come to my mind (and may already be answered):
- will it definitely go ahead for stretch?
- will the stretch freeze and release dates be delayed to allow people
to catch up?
- is it expected that package maintainers spend time patching for this,
or we can wait for upstreams to support it?
- given the huge number of packages listed on the transition page, I
couldn't help feeling that it would be useful to be able to get some
reports about how many packages have now had a bug forwarded upstream,
how many upstreams have released a newer version with the fix, how many
upstreams have a fix that is not released, etc
Wearing my upstream hat, I do hope to ensure my own packages support it
sooner rather than later. Some of them will go into NEW though because
they have ABI or API version numbers in the binary package names, so
they won't be available immediately.
Regards,
Daniel
Reply to: