Bug#664383: openssh: Too strict openssl check again.

To: submit@bugs.debian.org
Subject: Bug#664383: openssh: Too strict openssl check again.
From: Kurt Roeckx <kurt@roeckx.be>
Date: Sat, 17 Mar 2012 17:37:46 +0100
Message-id: <[🔎] 20120317163746.GA16947@roeckx.be>
Reply-to: Kurt Roeckx <kurt@roeckx.be>, 664383@bugs.debian.org

Source: openssh
Version: 1:5.9p1-3
Severity: important

Hi,

I was preparing a new version of openssl 1.0.1, and after I
installed it and wanted to use ssh, I got this:
OpenSSL version mismatch. Built against 1000007f, you have 1000100f

At some point we removed that check, but then there is this
changelog entry in 1:5.4p1-1:
  * Drop Debian-specific removal of OpenSSL version check.  Upstream ignores
    the two patchlevel nybbles now, which is sufficient to address the
    original reason this change was introduced, and it appears that any
    change in the major/minor/fix nybbles would involve a new libssl package
    name.  (We'd still lose if the status nybble were ever changed, but that
    would mean somebody had packaged a development/beta version rather than
    a proper release, which doesn't appear to be normal practice.)

And we have the same problem again.

Openssl has changed the way it numbers it's versions, and now
1.0.x would stay abi compatible with 1.0.0.  But I think the
check is bogus in any case.

So I'm waiting with uploading the 1.0.1 version until openssh
is fixed, and I'll add a Breaks.


Kurt

Reply to:

Follow-Ups:
- Bug#664383: marked as done (openssh: Too strict openssl check again.)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: [bts-link] source package openssh
Next by Date: Accepted openssh 1:5.9p1-4 (source i386 all)
Previous by thread: Processed: [bts-link] source package openssh
Next by thread: Bug#664383: marked as done (openssh: Too strict openssl check again.)
Index(es):
- Date
- Thread