Control: severity -1 important On Sat, Dec 17, 2016 at 12:38:11PM +0100, Sebastian Andrzej Siewior wrote: > On 2016-12-14 19:21:07 [+0100], gregor herrmann wrote: > > Hm, a breaks with a binNUM version sounds at least inelegant. > > > > How about: > > libcrypt-openssl-pkcs10-perl: Depends: libcrypt-openssl-rsa-perl (>= 0.28-4) > > libcrypt-openssl-rsa-perl: Breaks: libcrypt-openssl-pkcs10-perl (<< 0.16-2) > > All perl's openssl deps are now built against libssl1.1 so the testsuite > problem is gone.
Right, thanks. I see the autopkgtest failure is gone as well. > It should not affect Jessie -> Stretch update because it > updates all packages and one of the perl packages will pull in libssl1.1. That's assuming all the rebuilt packages migrate into stretch so that none with libssl1.0.2 dependencies are left. Is anybody monitoring this? > So you could close this. > If you want to add Breaks: & Depends: be aware that this affects more or less > all perl package which are built against libssl because they seem to pass the > pointers from libssl around. I'm not very happy with just ignoring the partial upgrade issues but I can see it doing it all properly may not be worth the effort. OTOH this is probably not the last openssl ABI change we will see. One "proper" way to do this would be to introduce a perl-openssl-abi-1.1 virtual package that the others would depend on to make sure they are compatible with each other. Not sure who should provide this; it could be one of the existing binary packages (is there a "main" one?) or possibly a new separate one (perl-openssl-defaults?) (This is quite close to the perl-dbdabi-* thing we did for libdbi-perl et al., even though it turned out to be unnecessary after all as upstream backed out the ABI change that prompted it.) The gain from all this would be that incompatible builds couldn't be installed together, and normal britney dependency checks would then ensure that testing gets updated in one go. I'm downgrading the severity of this bug for now. Thoughts from other team members? For reference, here's a list of lib.*-perl packages depending on libssl1.*. I assume "only" the libcrypt-openssl-* ones are passing libssl pointers between them but I haven't checked. libcyrus-imap-perl liblasso-perl libcrypt-openssl-bignum-perl libcrypt-openssl-dsa-perl libcrypt-openssl-pkcs10-perl libcrypt-openssl-pkcs12-perl libcrypt-openssl-random-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-smime-perl libcrypt-ssleay-perl libnet-ldns-perl libnet-ssleay-perl libnet-tclink-perl libpoe-filter-ssl-perl libsnmp-perl -- Niko Tyni nt...@debian.org