[Pkg-openssl-devel] Bug#907015: openssl version 1.1.1 breaks multiple reverse dependencies; versioned Breaks needed

[Paul Gevers]

Source: openssl
Version: 1.1.1~~pre9-1
Severity: serious
User: debian-ci at lists.debian.org
Usertags: breaks
Control: affects -1 src:ganeti src:libnet-ssleay-perl src:ruby-openssl
Control: affects -1 src:m2crypto src:python2.7 src:python3.6
Control: affects -1 src:python3.7 src:stunnel4 isync
Control: block -1 by 900161 906981 906955

Dear openssl maintainers,

With the upload of 1.1.1~~pre9-1 of openssl packages need to be ready
for the default security level bump that was introduced in openssl.
Currently we are seeing multiple packages that fail to run their
autopkgtest. We suspect that there may be quite some packages that have
similar run time issues that haven't been detected yet. There is also
already a first user bug report about a non-working reverse dependency.

We file this bug to:
1) allow reverse dependencies some time (we let you judge how long is
reasonable for the serious severity) to adapt to the new situation
2) enable the openssl package to collect information which packages it
breaks and which version of those package fix the issue. With that
information the openssl package can add versioned Breaks

We believe that the versioned Breaks are needed to enable a smooth
upgrade path for testing users as well as for users that upgrade from
stretch to buster. For users a Breaks is also required if the new
OpenSSL just exposed an existing bug in the reverse dependency.

Paul and Adrian

PS: I'll file (blocking) bugs against the reverse dependencies with
broken autopkgtests soon.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-openssl-devel/attachments/20180823/df7588cf/attachment.sig>