> On 24 May 2023, at 11:52, Michael Paquier <mich...@paquier.xyz> wrote: > > On Wed, May 24, 2023 at 11:36:56AM +0200, Daniel Gustafsson wrote: >> 1.0.2 is also an LTS version available commercially for premium support >> customers of OpenSSL (1.1.1 will become an LTS version as well), with 1.0.2zh >> slated for release next week. This raises the likelyhood of Postgres >> installations using 1.0.2 in production still, and for some time to come. > > Good point. Indeed, that makes it pretty clear that not dropping > 1.0.2 would be the best option for the time being, so 0001 would be > enough.
I think thats the right move re 1.0.2 support. 1.0.2 is also the version in RHEL7 which is in ELS until 2026. When we moved the goalposts to 1.0.1 (commit 7b283d0e1d1) we referred to RHEL6 using 1.0.1, and RHEL6 goes out of ELS in late June 2024 seems possible to drop 1.0.1 support during v17. I haven't studied the patch yet but I'll have a look at it. > I am wondering if we should worry about having a buildfarm member that > could test these binaries, though, in case they have compatibility > issues.. But it would be harder to debug without the code at hand, as > well. It would be nice it the OpenSSL project could grant us an LTS license for a buildfarm animal to ensure compatibility but I have no idea how realistic that is (or how much the LTS version of 1.0.2 has diverged from the last available public 1.0.2 version). -- Daniel Gustafsson
