[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Is it possible to downgrade openssl?

On Fri, Jul 28, 2023 at 09:10:08PM +0100, Brian wrote:
> On Fri 28 Jul 2023 at 16:04:10 -0400, Patrick Wiseman wrote:
> 
> > I have an AppImage from Creality which segfaults with a QT ssl error.
> > Googling tells me that the latest version of OpenSSL (3.x) omits some X509
> > functionality, which can be found in OpenSSL-1.1. (And someone reports that
> > installing it solves the problem.) But I can't find that package. Is there
> > any way to revert to an earlier version of OpenSSL? I'm on an up-to-date
> > bookworm system.
> 
> Install from https://snapshot.debian.org/.

Simply installing libssl1.1 is not going to change the dynamic libraries
used by installed programs.

ii  libssl1.0.2:amd64 1.0.2r-1~deb9u1  amd64        Secure Sockets Layer toolkit - shared libraries
ii  libssl1.1:amd64   1.1.1n-0+deb11u4 amd64        Secure Sockets Layer toolkit - shared libraries
ii  libssl1.1:i386    1.1.1n-0+deb11u4 i386         Secure Sockets Layer toolkit - shared libraries
ii  libssl3:amd64     3.0.9-1          amd64        Secure Sockets Layer toolkit - shared libraries
ii  libssl3:i386      3.0.9-1          i386         Secure Sockets Layer toolkit - shared libraries

If a program (e.g. /usr/bin/openssl) is dynamically linked against
libssl.so.3, then it's going to use libssl3, no matter how many older
versions of libssl with different sonames are installed.

If the issue is something like "libssl3 version 3.0.8-1 works, but
version 3.0.9-1 does not" then yeah, installing an older version of
libssl3 might work around the issue.
Reply to: