[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#827061: transition: openssl

On 2016-10-26 10:55:19 [+0200], Emilio Pozuelo Monfort wrote:
> So let's do this. Let's try to get it finished and only ship openssl 1.1. We
> still have three months until the full freeze, and depending on how many
> packages (and which ones, for risk management etc) are left to be fixed after
> that, I may be happy to grant exceptions. But worst case we just ship both.

I've been playing with ben. I tried a few things and this is the best I
was able to achieve [0]:

title = "openssl 1.0";
is_affected = .build-depends ~ /libssl1.0-dev/;
is_good = .depends ~ /libssl1.0.2/;
is_bad = .depends ~ /libssl1.1/;

And

title = "openssl 1.1";
is_affected = .build-depends ~ /libssl-dev/;
is_good = .depends ~ /libssl1\.1/;
is_bad = .depends ~ /libssl1\.0\.2/;

The first one will keep a list of all packages that want to stay with
1.0.2. The bad state of the second tracker should keep track of
everything that needs action.
You might also want to add [1] if you think it is usefull here.

I noticed that people close the bug referenced in [1] and stay with
1.0.2. Shouldn't they just unblock this transition bug and downgrade
severity to important?

[0] it seems ben can't match something like ".build-depends ~
    /libssl-dev/ & .depends ~ /libssl1.0.2/" but this would allow to
    keep everything in one page.
[1] https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=openssl-1.1-trans;users=pkg-openssl-devel-request@lists.alioth.debian.org

> Cheers,
> Emilio

Sebastian
Reply to: