Backporting to stretch: OpenSSL versions mix
Etienne Dysli Metref
etienne.dysli-metref at switch.ch
Thu Mar 21 08:05:19 GMT 2019
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 20/03/2019 22.29, wferi at niif.hu wrote:
> Feel free to remove the mentors uploads, I don't use them.
Ok, deleted.
> We don't need bpo9+2 versions anyway, because bpo9+1 weren't
> uploaded officially.
Yeah, this makes sense. (I went with +2 because I had already pushed a
changelog with +1.)
> I continued your work from before the changelog update in the new
> branch wferi/debian/stretch-backports in the xml-security-c Salsa
> repo. It contains an untested patch to make BN_bn2binpad()
> available under OpenSSL 1.0, so that it builds at least.
In order to exercise this patch, would there be a simpler meaningful
test than building the whole SP and trying it?
In 36577efb, you used `libssl1.0-dev (>= 1.0.1)` while other packages
(xmltooling in debian/stretch for example) have `libssl1.0-dev |
libssl-dev (<< 1.1.0~)`. The latter looks safer, but is it really better
?
Etienne
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEELcQv7Fsn8jFmeD9mw2QssxGaOsAFAlyTRbkACgkQw2QssxGa
OsCkJg//cX1/BzSTNmvf8cXgbNqy2ZrUGm+YX8uVlz0VZjnDQpJsEt2iSSKpYQsC
uf5Nl3zRS3ny94JdzqnZsJdaRRElppfhu507XlqY7+xla+LRcHRX0GVP8ob+o8Ee
EiclC2G9geEFPClr4mxOecn85x4MYOTGWJ3Jy72OOEvWpYoTzpfUVSglxXW+HGIq
r1oIkzqkLFf84OPmT+RF0zGGwfu9L45bX43S1RdGstX835ky6gj2da3AHmYJlsTZ
0azgDwcnn2HLtxa3V2DcMcmIc06sOW+ShtfEOXGQ+lvu67HZdRNBDuTBBP1dcssX
1LRDOna5pmPyegj+t8eGGFSMR3IgvSsG1GcQQPwePhwmNtUiSTbhBAG54XiOBxGp
mxK9EAVzA13Bh8yhFXin9KbD+8EN8YAgp//3g3StOFnA6A6dQfI96qYRcl1+caD0
3OSXK1YcETzZEaIc5fLnwcHgUUtsMYIV6e1/d4X9JwBw46v+dWdnbvOPJhcLT6cB
SmDUrS7fhDNfsuIiiLd2kqVSB5S2G9IdPtuCPjireRfVwJUi+JP8b35cWg65O0XP
3dUe/WuO4niZsdr5LBLAzMe3w/NFNb/mRXWzvyX99wdEiysd5JhjU6oemamNgl/1
nWsf+3NuUkMZNNfpQyvrDhnVXEMJNOX43dvUUyyS+36UVpCETc4=
=Rae7
-----END PGP SIGNATURE-----
More information about the Pkg-shibboleth-devel
mailing list