[Pkg-openssl-devel] Bug#908567: libssl 1.1.1 TLS_MAX_VERSION ABI breakage

Adrian Bunk bunk at debian.org
Tue Sep 11 10:57:17 BST 2018


Control: severity 908567 serious
Control: severity 907774 serious
Control: block 907774 by 908567

On Tue, Sep 11, 2018 at 11:00:00AM +0200, Jan-Marek Glogowski wrote:
> Package: libssl1.1
> Version: 1.1.1~~pre9-1
> Severity: important
> 
> I'm on buster and with the latest updates from yesterday came qtbase-opensource-src 5.11.1+dfsg-7
> and SSL started to fail in Qt5 programs. This was reported in bug 907774 ~ 2 weeks ago.
> 
> Basically libssl 1.1.1 (in whatever 1.1.1 version - my guess is 1.1.1~~pre9-1 from the changelog)
> changed the definition of TLS_MAX_VERSION from TLS1_2_VERSION to TLS1_3_VERSION, which will start to
> break all software in buster using that symbol, until libssl1.1 moves to buster.

I'd say that at least for the SSL_CTX_ctrl() symbol the created 
dependency has to be increased.

Raising the severity of both bugs to RC to make the problem more visible,
and to avoid further duplicate bugs.

Since the new OpenSSL won't enter buster anytime soon, the reasonable 
short-term workaround for testing would be an upload to use 
TLS1_2_VERSION instead of TLS_MAX_VERSION in qtbase-opensource-src.

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed



More information about the Pkg-openssl-devel mailing list