Bug#929907: implications for libgnutls-openssl27?
Andreas Metzler
ametzler at bebt.de
Sun Jun 16 05:42:03 BST 2019
On 2019-06-15 Ross Boylan <rossboylan at stanfordalumni.org> wrote:
> I've been following this bug because it came up as an issue for a
> security upgrade to libgnutls-openssl27 in buster. I'm still seeing
> 3.6.7-3 as the upgrade target.
Hello Ross,
I do not know whether this bug applies to packages using GnuTLS via the
openssl wrapper library. There aren't a lot of rdepends, and the wrapper
is thin and does not expose the complete functionality.
> Will an openssl27 variant be coming? Or perhaps this problem never
> applied to -openssl27 and apt-listbugs just got over-eager?
If the bug applies to libgnutls-openssl27 it will be fixed exactly when
the underlying libgnutls is fixed. There is no separate step involved,
it is just a wrapper.
> I came
> here for ..ssl27; the original report is for ..ssl28;
Where?
> the package the
> bug is filed against is apparently ..ssl30. The versioning is a bit
> mysterious to me :)
It is pretty mch straightforward, when the ABI breaks we bump the
soname. ;-)
Anyway, obviously I do not want to ship buster with this bug, it is
fixed in sid and there is an unblock request for buster.
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-gnutls-maint
mailing list