[Pkg-openssl-devel] Bug#907015: openssl version 1.1.1 breaks multiple reverse dependencies; versioned Breaks needed
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Wed Sep 5 21:58:27 BST 2018
On 2018-08-23 09:07:31 [+0200], Paul Gevers wrote:
> 2) enable the openssl package to collect information which packages it
> breaks and which version of those package fix the issue. With that
> information the openssl package can add versioned Breaks
>
> We believe that the versioned Breaks are needed to enable a smooth
> upgrade path for testing users as well as for users that upgrade from
> stretch to buster. For users a Breaks is also required if the new
> OpenSSL just exposed an existing bug in the reverse dependency.
how is a versioned break helping anything? The minimal key limit, hash
and TLS version can be overriden via config file and this what is
causing the problems from what I can tell. So either the remote side
upgrades their things or the users enabled "lower security" mode.
Is there anything that skipped my mind?
Sebastian
More information about the Pkg-openssl-devel
mailing list