Hi, Today I encountered an error response in my browser when attempting to use my locally-installed Trac projects. Notice that Trac, as it is installed on my system, uses Python 2.x. Inspecting /var/log/httpd/error_log I tracked the error down to the hashlib-Module in Python 2.7.18-5. Attempting to import that module in Python2 reproduced the error logged by apache precisely. So I tried to install python2-2.7.18-8 from the AUR. This required gdb and xorg-server-xvfb. After having them installed, another dependency on openssl-1.1 was reported by makepkg. Notice that the package itself is called openssl-1.1, the -1.1 is *not* the Arch Package version, which is at the moment 1.1.1.s-2. While googling to resolve the issue, before attempting to make the AUR python2 package, in some way I spotted openssl as a probable reason for the issue. It got updated from 1.1.1.q-1 to 3.0.7-2 quite recently on my system (pacman.log). As a result of this guess, I tried to downgrade from 3.0.7-2 back to 1.1.1.q-1, which failed because it would break some dependencies. Now, I installed the openssl-1.1 package (which resolves to openssl-1.1-1.1.1.s-2), as it was required to build the AUR python2-2.7.18-8 package. After having installed openssl-1.1, 'import hashlib' worked in Python2 from Arch upstream (i.e., python2-2.7.18-5), and after a machine restart my Trac projects are now up and running again as well. So there was no need to build the AUR package in the end. I am proposing to add 'openssl-1.1' to the list of requirements for the 'python2' package. 'openssl-1.1' can peacefully coexist with the 'openssl' package, AFAICT from my system. At the moment, 'python2' depends on 'openssl'. I do not know if *both* openssl (3.0.7-2) *as well as* openssl-1.1 (1.1.1.s-2) are required, or if the openssl-dependency can be dropped. For all I know, keeping them both would not harm. Best, Friedrich