Hi, 2011/3/9 Kurt Roeckx <k...@roeckx.be>: > On Tue, Mar 08, 2011 at 11:11:15PM +0100, Jakub Wilk wrote: >> * Kurt Roeckx <k...@roeckx.be>, 2011-02-13, 00:27: >> >I would like to upload version 1.0.0(d) to unstable soon. It >> >changes soname, but as far as I know the API is still compatible >> >with the old one, and you should be able to rebuild everything >> >against the new version. >> >> Support for SSLv2 has been disabled in openssl 1.0.0c-2. We have a >> few dozens of packages in the archive that are not prepared for >> this: when rebuilt, they will either FTBFS or, worse, produce shared >> libraries with missing symbols. > > We really should stop using SSLv2. It was either making the > functions related to ssl 2 do nothing, and potentionally silently > breaking the applications, or just removing the related function > from the API and trying to make sure they fail on build and > hopefully catch most of the problems like that. > > I think I'll also change some of the header files so that no v2 > related things are defined or declared, since the define for it > doesn't seem to be used correctly everywhere. >
I confirm that some packages still use SSLv2[1][2]. I suggest that we do binNMU about openssl 1.0. [1]: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620776 [2]: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620777 Best regards, Nobuhirio -- Nobuhiro Iwamatsu iwamatsu at {nigauri.org / debian.org} GPG ID: 40AD1FA6 -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/banlktikuoo2-u8axkc3nn4zkjoj0xpy...@mail.gmail.com
