[Pkg-openssl-devel] Bug#983722: Bug#983722: libssl1.1: drop upgrade support from old-old-old-stable from maintainer script

[Helmut Grohne]

Hi Kurt,

On Sun, Feb 28, 2021 at 09:48:04PM +0100, Kurt Roeckx wrote:
> I think you at least misunderstand the purpose of the script, but
> we've also not used it in a very long time.

I think I do understand the purpose, but it does not presently serve the
stated purpose. Given that the checked version is so ancient, it is
effectively dead code.

> It's meant to restart all services that make use of openssl when a
> security update is released. I guess I switched to "checkrestart"
> myself, so never had the need to use it myself anymore.

That or needrestart. I don't think that the general expectation these
days is that upgrading a library restarts affected services. Exceptions
to this rule include nss (libc6) and pam updates as failing to restart
services can result in them becoming dysfunctional. For most other
cases, an external checker is the recommended best practice.

Unless you wish to reactivate this code with a current version, I think
it should be deleted. If you do, please close this bug with a wontfix
tag.

Helmut