[Pkg-openssl-devel] Bug#965041: Bug#965041: closed by Debian FTP Masters <ftpmaster at ftp-master.debian.org> (reply to Sebastian Andrzej Siewior <sebastian at breakpoint.cc>) (Bug#965041: fixed in openssl 3.3.1-5)

[Colin Watson]

On Wed, Aug 14, 2024 at 07:57:25PM +0200, Sebastian Andrzej Siewior wrote:
> I'm sorry if this is causing trouble. I splitted the legacy provider out
> and added a Recommends: assuming that it is pulled in by default. It did
> not pop on the debci.

Presumably because it mostly affects indirect dependencies.

> Is this causing enough trouble that you would say it needs a Depends:
> until this is resolved?

Well, so far I've had to add the environment variable to openssh,
incremental, and twisted just so that I could get on with other things.
But I have no real idea right now how much else might be affected.

Maybe it's worth you filing an issue on
https://github.com/pyca/cryptography/issues to let cryptography upstream
know about the problem?  That way you could explain the change and
discuss whether it makes sense to change cryptography to match the
Debian-specific layout here, or whether it makes sense to change Debian
in some other way.

A minimal reproducer on unstable is to install python3-cryptography and
remove openssl-provider-legacy, then run "python3 -c 'import
cryptography.hazmat.bindings.openssl.binding'".  ('import OpenSSL' also
fails, and is probably the most common way that packages will run into
this.)

Thanks,

-- 
Colin Watson (he/him)                              [cjwatson at debian.org]