Hello, On Mon, Jul 13, 2026 at 12:32 PM Sylvain Beucler <[email protected]> wrote: > > Let me know if you have any other questions or concerns. > > It's great that people at wolfSSL can provide fixes for bookworm :) > > Note that we had to mark wolfssl for bookworm as end-of-life ~1.5 month ago: > https://salsa.debian.org/debian/debian-security-support/-/blob/master/security-support.deb12 > > "wolfssl non-supported 5.5.4-2+deb12u2 Crypto library difficult to > support in the longterm; see: https://bugs.debian.org/1138294" > > We might revert/postpone this decision if there's upstream interest to > maintain wolfssl 5.5/bookworm. What are your plans?
I had a similar thought while replying to Jacob and Bastian. I think it's reasonable for these two things to coexist. Even if wolfSSL remains marked as end-of-life, we could still provide occasional one-off fixes for sufficiently serious security issues when someone is willing to do the work. Of course, it would be even better if upstream is able to commit to providing fixes regularly. Depending on their response and level of commitment, I think we could keep the package EOL'd for now, continue to accept occasional fixes, and see how that works in practice. If that proves sustainable over the course of a few updates, we could then consider moving wolfSSL to limited-support, perhaps? My main concern is avoiding a situation where we reverse the EOL decision prematurely, only to discover later that the LTS team can't realistically guarantee ongoing support and have to mark it EOL again. Thoughts? - u
