On 2016-11-15 20:22:10 [+0100], Stefan Fritsch wrote: > Hi again, Hi, > On Saturday, 12 November 2016 07:51:40 CET Stefan Fritsch wrote: > > If these two packages cannot transition to openssl 1.1.0 before apache2 > > does, I suggest that you build with openssl 1.0.2 explicitly and then > > downgrade the bugs and unlink them from the transition bug. I don't have > > much hope that apache2 will transition in time for stretch release. > > since there is now some discussion about this on debian-devel and debian- > release, maybe you should wait a bit with any actions.
is there a reason for gridsite not to go for 3.0 (or backport the change) and libssl-dev? Apache stays 1.0 but does not expose anything SSL related (unless I read #828236 too quick). > Cheers, > Stefan Sebastian
