[arch-dev-public] Issues updating to openssl 1.0.2g
Hi all, I just looked into updating to openssl 1.0.2g. Unfortunately this comes with an ABI change due to SSL2 being disabled by default. This would mean we need to rebuild most packages that link against openssl. Imho re-enabling ssl2 seems to be a bad idea. I already pushed the packages into staging. We would need to do the rebuild as quickly as possible. What do you think? Greetings, Pierre -- Pierre Schmitz, https://pierre-schmitz.com
Am 01.03.2016 um 15:53 schrieb Pierre Schmitz:
Hi all,
I just looked into updating to openssl 1.0.2g. Unfortunately this comes with an ABI change due to SSL2 being disabled by default. This would mean we need to rebuild most packages that link against openssl. Imho re-enabling ssl2 seems to be a bad idea.
I already pushed the packages into staging. We would need to do the rebuild as quickly as possible.
What do you think?
Last time an ABI change happened during a release cycle, it was a bug in OpenSSL and the next release fixed it. Don't you think this is the case again?
On 01.03.2016 15:53, Pierre Schmitz wrote:
I just looked into updating to openssl 1.0.2g. Unfortunately this comes with an ABI change due to SSL2 being disabled by default. This would mean we need to rebuild most packages that link against openssl. Imho re-enabling ssl2 seems to be a bad idea.
I have updated openssl to also disable sslv3 and zlib besides sslv2. We are currently rebuilding all depending packages: https://rebuilds.foutrelis.com/?all It would b great if those packages wont get updated till we are able to finish this rebuild. Greetings, Pierre -- Pierre Schmitz, https://pierre-schmitz.com
On 02.03.2016 19:14, Pierre Schmitz wrote:
On 01.03.2016 15:53, Pierre Schmitz wrote:
I just looked into updating to openssl 1.0.2g. Unfortunately this comes with an ABI change due to SSL2 being disabled by default. This would mean we need to rebuild most packages that link against openssl. Imho re-enabling ssl2 seems to be a bad idea.
I have updated openssl to also disable sslv3 and zlib besides sslv2. We are currently rebuilding all depending packages: https://rebuilds.foutrelis.com/?all It would b great if those packages wont get updated till we are able to finish this rebuild.
The rebuild is now done and all packages have been moved to the testing repositories. Thanks to everybody who helped to make this happen! Please test and sign off the core repository candidates so we can release these soon. Greetings, Pierre -- Pierre Schmitz, https://pierre-schmitz.com
On 05.03.2016 12:16, Pierre Schmitz wrote:
The rebuild is now done and all packages have been moved to the testing repositories. Thanks to everybody who helped to make this happen! Please test and sign off the core repository candidates so we can release these soon.
Packages have been moved. I do expect some breakage especially with third party packages. maintainers of e.g. AUR PKGBUILDs should find fixes at Debian's or Fedora's repos. Greetings, Pierre -- Pierre Schmitz, https://pierre-schmitz.com
participants (2)
-
Pierre Schmitz
-
Thomas Bächler