
Bug#797926: marked as done (transition: openssl: remove SSLv3 methods)



Your message dated Thu, 4 Feb 2016 09:45:08 +0000
with message-id <20160204094508.GA6402@chase.mapreri.org>
and subject line Re: Bug#797926: transition: openssl: remove SSLv3 methods
has caused the Debian Bug report #797926,
regarding transition: openssl: remove SSLv3 methods
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org

Hi,

I would like to remove the last support for SSLv3 in openssl.
This means that I'll be dropping 3 symbols from the shared
library:
SSLv3_method();
SSLv3_server_method();
SSLv3_client_method();

Those can still be used to set up SSLv3 connections, while using
the SSLv23_* methods won't talk SSLv3.

This change will result in the define OPENSSL_NO_SSL3_METHOD
becoming defined.  Some software in Debian already checks for
either that define or the presence of the functions to enable
support for it or not.  I find those changes very unfortunate,
they should just have dropped SSLv3 support completly.

My question is how you want to proceed with this.  I see a few
options:
- Change the soname, rebuild everything against that new soname.
- Just drop the symbols, adding Breaks on at least some
  packages like curl and python that are known to need a rebuild
  against the changed headers.

As far as I know all the major packages making use of those
symbols should be fixed now, or have a fix available.


Kurt

--- End Message ---
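
An added example, not part of the original messages and not Debian or OpenSSL tooling: for the "just drop the symbols" option described above, one way to find binaries that would break is to look for undefined references to the three removed functions in `readelf --dyn-syms -W` output. The sample symbol tables, including the symbol version shown in them, are constructed, and `removed_imports` is a hypothetical helper name.

```python
import re
import sys

# The three entry points the bug report says will be dropped from libssl.
REMOVED = {"SSLv3_method", "SSLv3_server_method", "SSLv3_client_method"}

# One row of `readelf --dyn-syms -W`: Num: Value Size Type Bind Vis Ndx Name
ROW = re.compile(r"^\s*\d+:\s+[0-9a-fA-F]+\s+\S+\s+\S+\s+\S+\s+\S+\s+(\S+)\s+(\S+)")

def removed_imports(readelf_output):
    """Return the removed SSLv3 symbols that a binary imports (Ndx is UND)."""
    hits = set()
    for line in readelf_output.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # table title, column header, nameless entry 0
        ndx, name = m.groups()
        base = name.split("@", 1)[0]  # drop "@VERSION" / "@@VERSION"
        if ndx == "UND" and base in REMOVED:
            hits.add(base)
    return sorted(hits)

# Constructed sample: a client that still calls SSLv3_client_method().
SAMPLE_CLIENT = """\
Symbol table '.dynsym' contains 5 entries:
   Num:    Value          Size Type    Bind   Vis      Ndx Name
     0: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND
     1: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND SSL_CTX_new@OPENSSL_1.0.0 (3)
     2: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND SSLv23_client_method@OPENSSL_1.0.0 (3)
     3: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND SSLv3_client_method@OPENSSL_1.0.0 (3)
     4: 0000000000001139    22 FUNC    GLOBAL DEFAULT   14 main
"""

# Constructed sample: a library that defines the symbol itself (not an import).
SAMPLE_LIB = """\
     7: 0000000000023a10     8 FUNC    GLOBAL DEFAULT   12 SSLv3_method@@OPENSSL_1.0.0
"""

if __name__ == "__main__":
    # Usage: readelf --dyn-syms -W /path/to/binary | python3 this_script.py
    found = removed_imports(sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_CLIENT)
    print("needs rebuild:" if found else "clean", ", ".join(found))
```

A binary that only uses the `SSLv23_*` methods is not flagged, and a row whose Ndx is a section number is a definition rather than an import.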
--- Begin Message ---
On Mon, Feb 01, 2016 at 11:57:55PM +0100, Emilio Pozuelo Monfort wrote:
> On 01/02/16 18:14, Mattia Rizzolo wrote:
> > If I'm looking right at this transition the only remaining package is
> > pbbam, where the maintainer-built binary was built against the old
> > libssl.
> > 
> > Please binNMU it.
> > 
> > Does it being ma:same imply you should binNMU all archs to preserve
> > coinstallability?
> 
> Rebuilt on amd64 and i386.

thanks also to your other binNMU of rem, this is now done.

-- 
regards,
                        Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540      .''`.
more about me:  http://mapreri.org                              : :'  :
Launchpad user: https://launchpad.net/~mapreri                  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-



--- End Message ---
