Control: severity -1 important On Wed, Dec 07, 2016 at 11:19:20PM +0100, Petter Reinholdtsen wrote: > Given that cfengine2 no longer get any upstream development, as far as I know, > I guess the easiest and most sensible way to fix this is to build with > libssl1.0-dev for now. If cfengine2 is still needed in Stretch+1 someone > should > consider to port the code to openssl 1.1. > > Debian Edu still uses cfengine2, and would very much like to see it still > available in Stretch. > > If this patch is applied, this BTS report should have its severity lowered to > important or normal. > > diff -ur cfengine2-2.2.10/debian/control cfengine2-2.2.10-pere/debian/control > --- cfengine2-2.2.10/debian/control 2016-08-21 08:24:15.000000000 +0000 > +++ cfengine2-2.2.10-pere/debian/control 2016-12-07 22:14:28.911881217 > +0000 > @@ -3,7 +3,7 @@ > Priority: optional > Maintainer: Antonio Radici <anto...@debian.org> > Build-Depends: debhelper (>= 7.0.50), autoconf, automake, autotools-dev, > - bison, dh-autoreconf, flex, libdb-dev, libssl-dev, libtool, perl (>= 5), > + bison, dh-autoreconf, flex, libdb-dev, libssl1.0-dev, libtool, perl (>= 5), > po-debconf, texinfo, quilt, libselinux1-dev [linux-any] > Standards-Version: 3.9.8 > Homepage: http://www.cfengine.org/
I concur with this assessment, I'll downgrade the severity of this bug to important, unfortunately there is no upstream development of cfengine2, Peter has submitted a patch to modify the dependency for 2.2.10-7. If I have time I might consider to patch it for 1.1 (I did it for cfengine3 in the past).
