On Sun, Dec 22, 2013 at 02:45:32PM -0800, Josh Triplett wrote: > > It's not OK to break forward compatibility without changing SONAME. > Software built against an older version of a library must always work > with a newer version that has the same SONAME; that's what the SONAME > exists for. It'd be perfectly OK for software built against a newer > OpenSSL to refuse to work with an older version (ideally by requiring a > symbol the older library doesn't have), but the reverse is a bug, > regardless of the mechanism.
Openssl does not do this version check, nor does it suggest to do any such check. I think I've already filed this bug against openssh twice and it seems to be comming back. I don't see how openssl is breaking either forward or backward compatibility. It just changed the version it returned. Openssl can't be responible for whatever people do with that version. Openssl in Debian also properly maintains the soname, it has versioned symbols depending on the version that introduced the symbol. If openssh wants to refused to run with a newer version of openssl and you say that that is perfectly OK, I guess there is no bug at all here and I can just close this bug. Kurt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org