Your message dated Mon, 31 Dec 2018 01:30:19 +0300
with message-id <[email protected]>
and subject line The bug was fixed in the 1.3.4-1
has caused the Debian Bug report #903878,
regarding rhash: unsatisfiable recommends: libssl1.0.0 (>= 1.0.0)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
903878: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903878
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: rhash
Version: 1.3.3-1+b2
Severity: important
Hi,
Your package seems able to dlopen various versions of libcrypto, and it
has a Recommends accordingly.
In stretch, librhash/plug_openssl.c has:
| void* handle = dlopen("libcrypto.so", RTLD_NOW);
| if (!handle) handle = dlopen("libcrypto.so.1.0.0", RTLD_NOW); /*
hotfix */^M
| if (!handle) handle = dlopen("libcrypto.so.0.9.8", RTLD_NOW);
with:
| Recommends: libssl1.0.0 (>= 1.0.0)
In git:
| void* handle = dlopen("libcrypto.so", RTLD_NOW);
| if (!handle) handle = dlopen("libcrypto.so.1.1", RTLD_NOW);
| if (!handle) handle = dlopen("libcrypto.so.1.0.2", RTLD_NOW);
| if (!handle) handle = dlopen("libcrypto.so.1.0.0", RTLD_NOW);
| if (!handle) handle = dlopen("libcrypto.so.0.9.8", RTLD_NOW);
with:
| Recommends: libssl1.1 | libssl1.0.2 | libssl1.0.0
The git version seems fine as the first two are available, even if the
last one isn't. The stretch version doesn't seem reasonable though,
since it only knows about libssl1.0.0, which isn't available in stretch
(it was last seen in jessie).
This makes tools like aptitude report issues due to unmet recommends.
Not entirely sure it's worth fixing though (is adding another dlopen
call with a different filename and adding an alternative recommends
sufficient?). You might want to check with the release team.
Cheers,
--
Cyril Brulebois ([email protected]) <https://debamax.com/>
D-I release manager -- Release team member -- Freelance Consultant
--- End Message ---
--- Begin Message ---
Package: rhash
Version: 1.3.4-1
The bug was fixed in the rhash 1.3.4-1 [1]. As result it is fixed in the
current testing (the future buster).
The release team showed no interest to fix it in the stretch [2], especially
when buster release is comming.
[1]
https://github.com/rhash/RHash/commit/8c7078393690674da67d3c639384d446c3b02dee
[2] https://lists.debian.org/debian-release/2018/11/msg00259.html
--- End Message ---
