Your message dated Thu, 21 Jun 2018 15:03:58 +0000 with message-id <e1fw17u-0005xm...@fasolo.debian.org> and subject line Bug#882615: fixed in cl-plus-ssl 20180328-2 has caused the Debian Bug report #882615, regarding cl-plus-ssl: Please migrate to openssl1.1 in Buster to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882615: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882615 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: cl-plus-ssl Version: 20170630-1 Severity: serious Tags: sid buster User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1-trans Control: block 871056 by -1 Please migrate to libssl-dev in the Buster cycle. I am very sorry for this late report but this package was never on my list. It slipped because it never B-D on libssl1.0-dev and it builds perfectly fine against libssl1.1. I have actually no idea why the package in archive links against libssl1.0.2 because it B-D on libssl-dev and if I rebuild then it depends on libssl1.1 instead. If you move torvards libssl1.1 you should make sure it loads libssl1.1 and not "just" libssl1.0.2. Function wise: SSL_library_init() and a few other macros towards "OPENSSL_init_ssl(0, NULL)" so "normal" C will work but if nim is accessing the functions directly then it will fail. SSLv23_client_method() and friends are also macros. 1.1 Code should use TLS_client_method() instead. Functions like TLSv1_method() should be avoided because they give you _only_ TLSv1 and _never_ TLSv1.1, and/or TLSv1.2 like SSLv23_client_method(). If you want to exclude a certain TLS version you should use something like SSL_OP_NO_TLSv1 to disable TLSv1 only (and keep other version like v1.1 and v1.2 around). Data strucures. All structures are opaque and you need to tell libssl to allocate it and free it (especially in crypto code). I can't tell if you dereference them, I can't read lisp. A larger collection of what changed in OpenSSL 1.0.2->1.1 is at https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes Sebastian
--- End Message ---
--- Begin Message ---Source: cl-plus-ssl Source-Version: 20180328-2 We believe that the bug you reported is fixed in the latest version of cl-plus-ssl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 882...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sébastien Villemot <sebast...@debian.org> (supplier of updated cl-plus-ssl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 21 Jun 2018 16:26:56 +0200 Source: cl-plus-ssl Binary: cl-plus-ssl Architecture: source Version: 20180328-2 Distribution: unstable Urgency: medium Maintainer: Debian Common Lisp Team <debian-common-l...@lists.debian.org> Changed-By: Sébastien Villemot <sebast...@debian.org> Description: cl-plus-ssl - Common Lisp interface to OpenSSL Closes: 882615 Changes: cl-plus-ssl (20180328-2) unstable; urgency=medium . * Move maintenance to Debian Common Lisp Team. Thanks to Dimitri Fontaine for his work. * Update Vcs-* fields for move to salsa * Use secure URL for Homepage * Bump to debhelper compat level 11 * Remove B-D on dh-lisp * Simplify d/rules * Ship README.md and todo.txt * Add missing Depends on cl-alexandria and cl-trivial-features * Remove unused lintian overrides * Various fixes to d/copyright * Bump S-V to 4.1.4 * Add watch file * Register manual to doc-base * Ship the testsuite + add cl-fiveam and cl-usocket to Recommends + no-coreralls.patch: remove useless ASDF-dependency on cl-coveralls * openssl-1.1.patch: new patch, various compatibility fixes with OpenSSL 1.1 (Closes: #882615) * add an autopkgtest that runs the testsuite on sbcl, ecl and clisp. ecl-failing-tests.patch: new patch, disables tests that use the network on ECL, probably due to a problem in cl-usocket. Checksums-Sha1: 6c143a5feb860332ef44e8739e7ad0a2d57377a3 2074 cl-plus-ssl_20180328-2.dsc d2b2c2fa45e2ca2b40c445f295adfad2da9d6dce 6096 cl-plus-ssl_20180328-2.debian.tar.xz 5b10563989bcecb236fcbffab424b4c7a6fec54f 5562 cl-plus-ssl_20180328-2_amd64.buildinfo Checksums-Sha256: 62d9654862be2aa93deadd0527d7848c35e4ede5c2adbee687c29657c78cb47e 2074 cl-plus-ssl_20180328-2.dsc 7e26638f7b2c307add8df5683cd5736c0fd53a926ed29a3ce2ef9e243c960e61 6096 cl-plus-ssl_20180328-2.debian.tar.xz 540e0033bf7b8d31419d9c27734e4b3ac8201f063a88d20f68cc45d6e8b4f8e4 5562 cl-plus-ssl_20180328-2_amd64.buildinfo Files: 0e4b1d6de9aa46668af575b776d57da6 2074 lisp optional cl-plus-ssl_20180328-2.dsc 82ee7324a6c533c5503d766707970e28 6096 lisp optional cl-plus-ssl_20180328-2.debian.tar.xz e800dda6e9b1ec379258cb6c230ba61e 5562 lisp optional cl-plus-ssl_20180328-2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEU5UdlScuDFuCvoxKLOzpNQ7OvkoFAlsrt40ACgkQLOzpNQ7O vkrSoA//UJsD0jO8vYYEyqzRd6EtcsOs76AiKCHms+yamY3RmQrBHO9PJKp+jdLD FFsw2osGVUzdXaZ7zgyS1uyo3HEFvSfgEgQ5XqFdpEUiOk401B+BEdhxpIttEzrv 97956aCye4b6VVFsT7j5SWDotz/EgFntRnweEDPCHo/X4fD8+OEVqdr1SsO/rtZV upcDlvZGL43zcygV1aZT59tYr4S6En8mLGhRlNXjyC59AQPeHcXLJdtd4f9N1are iNGbK2R7BADVCV0BHYIX6C/2iZnSedRMfpXCnGS3atFUoi/9+2uG5WFAXZ/dJlne Ep0tGKK2uQbmPfZme6lS36f+jVVfvE1WgJNsWjymQHlTIU9vkoQBlWiYzMsQ4NYR VQGALJX8fMfDa2i7oLQogYOvg30vGGJMsGAszvVOEeF+XVz+nbzCRX0zHydgRo68 so8oaYp349cub3FeSHOrSOIbQWmhC1tR9cMf3BJxXlXRPilSp0vvnLbkpxthidFv VFpXupj1c1BqTjWIZq2bRIgqk1asUga7xotdiqYPumcHJBMEkfvVRIN3pofM02WT 7k8b5rcD2dHmT9Ai2y5agXF1kb6E1zm4buq+n1hQuMsvmzb6T0oaZfTtIC+68l2U vKr9DMDa/AL8+DgSZNrZf2UCAC/xmjv942tcHawdfsxqjusVw5E= =lt1r -----END PGP SIGNATURE-----
--- End Message ---
