On Thu, Aug 17, 2017 at 02:54:37PM +0300, Alexander Kanavin wrote: > On 08/17/2017 02:46 PM, Martin Jansa wrote: > > I meant "real-world" as builds for any products on the market (which are > > likely using one of the failing recipes) - e.g. in LGE we have many more > > failures over all internal components, so I'll just undo this openssl > > switch (renaming openssl_1.1 as openssl11 and openssl11_1.0 back as > > openssl_1.0 with PROVIDES openssl11). We won't be able to use > > openssl-1.1 for long time anyway, because there are some 3rd party > > component which are difficult (or expensive) to get rebuilt against new > > openssl ABI, but we might be interested in some other improvements in > > oe-core/master. > > Yes, this will work for you as a quick fix, but it is merely postponing > dealing with the issue properly to a later date. Make a plan for it and > keep in mind that openssl 1.0 goes out of upstream support at the end of > 2019. Given its history of major security vulnerabilities, it will be > removed from oe-core well before that time, so that it won't linger in > supported YP releases.
openssl 1.1 goes out of upstream support on 2018-08-31 _more than a year before_ 1.0.2 support, see: https://www.openssl.org/policies/releasestrat.html Version 1.1.0 will be supported until 2018-08-31. Version 1.0.2 will be supported until 2019-12-31 (LTS). Given its history of major security vulnerabilities, I hope you'll remove openssl-1.1.0 even sooner than openssl-1.0.2. Regards, -- Martin 'JaMa' Jansa jabber: martin.ja...@gmail.com
signature.asc
Description: Digital signature
-- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core