[Touch-packages] [Bug 2062167] Re: [FFe] openssl: post-3.0.13 changes from git

Mon, 22 Apr 2024 02:01:32 -0700 

As we discussed, sadly it's too late for this right now, considering
we're in Final Freeze for 24.04 (so only release-critical bugs). Let's
revisit as an SRU.

** Changed in: openssl (Ubuntu)
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/2062167

Title:
  [FFe] openssl: post-3.0.13 changes from git

Status in openssl package in Ubuntu:
  Won't Fix

Bug description:
  I would like to have the most recent openssl version possible in
  Noble. For that I am requesting to upload all the commits in the
  openssl-3.0 branch that follow 3.0.13 which is already in the archive.

  I would like to include 3.0.14 afterwards if feasible. Having the most
  recent commits of the 3.0 branch will make that easier.

  I went through all commits since 3.0.13 at the end of January. I
  skipped a few which touch files that are not in the 3.0.13 release
  tarball (github CI stuff mostly) and edited one that touched such a
  file.

  There are only fixes. This is not surprising considering we are past
  the 13th patch release for openssl 3.0, and almost 3 years after 3.0
  was released.

  Changes are most usually backports which is a good thing as it means
  they are also tested in the other branches, including through 3.3, for
  which the .0 release was published a few days ago after weeks in
  beta/RC.

  There are a few behaviour tweaks, and that is why I want to get as
  close as possible to what 3.0.14 will be. The bigger one is
  ad6cbe4b7f57a783a66a7ae883ea0d35ef5f82b6: Revert "Improved detection
  of engine-provided private "classic" keys", which also states "The
  workaround has caused more problems than it solved."

  As I said, I went through all commits. All look safe to me. The
  question really boils down to whether we will include these fixes in
  Noble now or if we won't: there is only a very very small chance that
  any given change is SRU'ed afterwards.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2062167/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to