Bug#827061: transition: openssl

On 2017-02-22 00:46:56 [+0100], Emilio Pozuelo Monfort wrote: > Thanks. Investigating the rest would be good. I guess most of those are just > for So I made a list by the time I received that email I just managed to work through it. I check most of them manually but by the end of it I hacked

Bug#827061: transition: openssl

On 2017-02-22 00:46:56 [+0100], Emilio Pozuelo Monfort wrote: > > There are 78 packages in the unkown state. The first few I looked could > > actually have their libssl-dev dependency dropped. khtml is the first > > one which looked wrong. I will open a bug about that later. I didn't get > > any

Bug#827061: transition: openssl

On 22/02/17 00:28, Sebastian Andrzej Siewior wrote: > On 2017-01-28 19:37:09 [+0100], Julien Cristau wrote: >> At this point, it seems clear to me that we're getting nowhere fast. >> With the freeze looming in a few days, this is growing to be a very big >> risk for the stretch release. > > Where

Bug#827061: transition: openssl

On 2017-01-28 19:37:09 [+0100], Julien Cristau wrote: > At this point, it seems clear to me that we're getting nowhere fast. > With the freeze looming in a few days, this is growing to be a very big > risk for the stretch release. Where do we stand on the openssl transition from the perspective

Bug#827061: transition: openssl

JFTR cyrus-sasl2 should not fail with openssl 1.0, so I'll fix that quickly if needed. O. -- Ondřej Surý Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server Knot Resolver (https://www.knot-resolver.cz/) – secure, privacy-aware, fast DNS(SEC) resolver Vše pro

Bug#827061: transition: openssl

On 2017-02-01 22:18:07 [+0100], Sebastian Andrzej Siewior wrote: > Currently I am rebuilding testing with the same set of package against > libssl-dev provided by libssl1.0-dev. After that I retry the failed > packages above where I am not sure why they failed (mostly I suspect the > parallel)

Bug#827061: transition: openssl

On Thu, Feb 02, 2017 at 09:49:15PM +0100, Sebastian Andrzej Siewior wrote: > what is wrong with passing -j16 to sbuild? Other packages, that do not > support parallel building, don't do it. yeah, exactly. -- cheers, Holger signature.asc Description: Digital signature

Bug#827061: transition: openssl

On 2017-02-02 22:26:35 [+0200], Adrian Bunk wrote: > The kannel package does not claim to support parallel building. > > If you attempt parallel building on that, > then any build failures are your fault. what is wrong with passing -j16 to sbuild? Other packages, that do not support parallel

Bug#827061: transition: openssl

On Thu, Feb 02, 2017 at 09:09:56PM +0100, Sebastian Andrzej Siewior wrote: >... > > You can go to http://reproducible.debian.net/$srcpkgname and see for > > yourself > > whether they build fine in our environment. If they do, you can rule out > > "parallel" as causing this… > > I see. I looked

Bug#827061: transition: openssl

On 2017-02-02 16:54:08 [+], Holger Levsen wrote: > > I'm surprised to see that many packages failing to build in parallel, as we're > building everything in parallel and I dont remember such failures recentl.y So retried them with -j1 [0] and: - passed: boxbackup 0.11.1~r2837-4 erlang

Bug#827061: transition: openssl

On Wed, Feb 01, 2017 at 10:18:07PM +0100, Sebastian Andrzej Siewior wrote: > - boxbackup_0.11.1~r2837-4 > parallel issue? > - erlang 1:19.2.1+dfsg-1 > parallel issue? > - kannel 1.4.4-4 > parallel issue? > - kannel-sqlbox 0.7.2-4 > parallel issue? > - mailsync 5.2.2-3.1 > parallel? > -

Bug#827061: transition: openssl

On 2017-01-28 19:37:09 [+0100], Julien Cristau wrote: > At this point, it seems clear to me that we're getting nowhere fast. > With the freeze looming in a few days, this is growing to be a very big > risk for the stretch release. I rebuild testing, with the subset of: grep-dctrl -FDepends

Bug#827061: transition: openssl

On Sat, Jan 28, 2017 at 07:37:09PM +0100, Julien Cristau wrote: > On Sat, Jun 11, 2016 at 20:59:53 +0200, Kurt Roeckx wrote: > > > OpenSSL will soon release a new upstream version with a new > > soname. This new version will break various packages, see: > >

Bug#827061: transition: openssl

On Sat, Jun 11, 2016 at 20:59:53 +0200, Kurt Roeckx wrote: > OpenSSL will soon release a new upstream version with a new > soname. This new version will break various packages, see: > https://lists.debian.org/debian-devel/2016/06/msg00205.html > > I'm currently not sure when the release will be

Bug#827061: transition: openssl: Unrelated updates to rdep packages?

On 10/12/16 14:08, Christian Seiler wrote: > Hi, > > On 10/26/2016 10:55 AM, Emilio Pozuelo Monfort wrote: >> Control: tags -1 confirmed > > I have a quick question now that the transition is ongoing: is it OK > for me to upload a new version of open-isns (B-D: libssl-dev) that's > unrelated to

Bug#827061: transition: openssl: Unrelated updates to rdep packages?

Hi, On 10/26/2016 10:55 AM, Emilio Pozuelo Monfort wrote: > Control: tags -1 confirmed I have a quick question now that the transition is ongoing: is it OK for me to upload a new version of open-isns (B-D: libssl-dev) that's unrelated to this transition? (New upstream version, some debconf

Bug#827061: transition: openssl

On Thu, Dec 01, 2016 at 09:15:44PM +0100, Sebastian Andrzej Siewior wrote: > On 2016-12-01 00:52:59 [+0200], Adrian Bunk wrote: > > Wouldn't "depends on libssl1.0.2 and does not build-depend on libssl1.0-dev" > > give a reasonably small superset of all packages that need a binNMU? > > Do you mean

Bug#827061: transition: openssl

On 2016-12-01 00:52:59 [+0200], Adrian Bunk wrote: > Wouldn't "depends on libssl1.0.2 and does not build-depend on libssl1.0-dev" > give a reasonably small superset of all packages that need a binNMU? Do you mean something like is_affected = .depends ~ /libssl1\.0\.2/ & ! .build-depends ~

Bug#827061: transition: openssl

On Wed, Nov 30, 2016 at 07:43:36PM +0100, Sebastian Andrzej Siewior wrote: > On 2016-11-05 21:59:27 [+0100], Sebastian Andrzej Siewior wrote: > > I've been playing with ben. I tried a few things and this is the best I > > was able to achieve [0]: > > > > title = "openssl 1.0"; > > is_affected =

Bug#827061: transition: openssl

On 2016-11-05 21:59:27 [+0100], Sebastian Andrzej Siewior wrote: > I've been playing with ben. I tried a few things and this is the best I > was able to achieve [0]: > > title = "openssl 1.0"; > is_affected = .build-depends ~ /libssl1.0-dev/; > is_good = .depends ~ /libssl1.0.2/; > is_bad =

Bug#827061: transition: openssl - will both 1.0.x and 1.1.x be in Stretch?

Hi, I'm maintaining two packages affected by this transition. So far, I've just been monitoring the situation, as I share many of the concerns that have been raised on -devel. Is it an acceptable solution to instead build-depend on libbsl1.0-dev, downgrade the severity of the FTBFS with 1.1.0

Bug#827061: transition: openssl

On 2016-10-26 10:55:19 [+0200], Emilio Pozuelo Monfort wrote: > So let's do this. Let's try to get it finished and only ship openssl 1.1. We > still have three months until the full freeze, and depending on how many > packages (and which ones, for risk management etc) are left to be fixed after >

Bug#827061: transition: openssl

On Sun, Oct 30, 2016 at 10:18:32PM +0200, Adrian Bunk wrote: > > If everything that is important in 1.1.0 should be used by all > users of OpenSSL in stretch, then the best solution for stretch > is to ship only 1.0.2 and add all desired features there. And I guess you're going to add all those

Bug#827061: transition: openssl

Disclaimer: I am not a member of the release team, and I am only speaking for myself. On Sat, Oct 29, 2016 at 02:28:12AM +0200, Kurt Roeckx wrote: >... > I think the most important new security feature in the 1.1.0 > version is the extended master secret support. There are also a > bunch of

Bug#827061: transition: openssl

On Wed, Oct 26, 2016 at 10:55:19AM +0200, Emilio Pozuelo Monfort wrote: > Control: tags -1 confirmed > > On 25/10/16 20:09, Moritz Muehlenhoff wrote: > > On Wed, Oct 19, 2016 at 10:44:08PM +0200, Kurt Roeckx wrote: > >> On Mon, Oct 17, 2016 at 08:52:31PM +0200, Emilio Pozuelo Monfort wrote: > >>>

Bug#827061: transition: openssl

On Tue, Oct 25, 2016 at 08:09:06PM +0200, Moritz Muehlenhoff wrote: > On Wed, Oct 19, 2016 at 10:44:08PM +0200, Kurt Roeckx wrote: > > On Mon, Oct 17, 2016 at 08:52:31PM +0200, Emilio Pozuelo Monfort wrote: > > > > > > I'm sorry but I'm going to have to nack this for Stretch, as much as I > > >

Bug#827061: transition: openssl

On Wed, Oct 26, 2016 at 10:55:19 +0200, Emilio Pozuelo Monfort wrote: > So let's do this. Let's try to get it finished and only ship openssl 1.1. We > still have three months until the full freeze Hi, packages that currently FTBFS will be removed from testing in 2 weeks. The freeze deadline

Bug#827061: transition: openssl

On 2016-10-26 21:31:26 [+0200], Kurt Roeckx wrote: > > Is this situation > > supported or should we expect things to break? This can easily happen if an > > app > > links against a library libA which uses openssl 1.0, and against libB which > > uses > > openssl 1.1. > > When linking you

Bug#827061: transition: openssl

On Wed, Oct 26, 2016 at 08:53:56PM +0200, Emilio Pozuelo Monfort wrote: > > Adrian Bunk asked whether mixing both OpenSSL versions into the same address > space works fine. Is OpenSSL using symbol versioning? Yes, and all symbols have a different version name in 1.0.2 and 1.1.0. (What is

Bug#827061: transition: openssl

On 26/10/16 10:55, Emilio Pozuelo Monfort wrote: > Control: tags -1 confirmed > > On 25/10/16 20:09, Moritz Muehlenhoff wrote: >> On Wed, Oct 19, 2016 at 10:44:08PM +0200, Kurt Roeckx wrote: >>> On Mon, Oct 17, 2016 at 08:52:31PM +0200, Emilio Pozuelo Monfort wrote: I'm sorry but I'm

Bug#827061: transition: openssl

Control: tags -1 confirmed On 25/10/16 20:09, Moritz Muehlenhoff wrote: > On Wed, Oct 19, 2016 at 10:44:08PM +0200, Kurt Roeckx wrote: >> On Mon, Oct 17, 2016 at 08:52:31PM +0200, Emilio Pozuelo Monfort wrote: >>> >>> I'm sorry but I'm going to have to nack this for Stretch, as much as I like

Bug#827061: transition: openssl

On Wed, Oct 19, 2016 at 10:44:08PM +0200, Kurt Roeckx wrote: > On Mon, Oct 17, 2016 at 08:52:31PM +0200, Emilio Pozuelo Monfort wrote: > > > > I'm sorry but I'm going to have to nack this for Stretch, as much as I like > > to > > approve transitions and get new stuff in. I have looked at the

Bug#827061: transition: openssl

On Mon, Oct 17, 2016 at 08:52:31PM +0200, Emilio Pozuelo Monfort wrote: > > I'm sorry but I'm going to have to nack this for Stretch, as much as I like to > approve transitions and get new stuff in. I have looked at the opened bugs and > I'm afraid this still is too disruptive. I have noticed

Bug#827061: transition: openssl

Hi Kurt, On 12/10/16 22:47, Kurt Roeckx wrote: > On Sun, Sep 18, 2016 at 09:33:43PM +0200, Kurt Roeckx wrote: >> On Sat, Jun 11, 2016 at 09:42:59PM +0200, Kurt Roeckx wrote: >>> On Sat, Jun 11, 2016 at 09:31:17PM +0200, Emilio Pozuelo Monfort wrote: On 11/06/16 20:59, Kurt Roeckx wrote:

Bug#827061: transition: openssl

On Sun, Sep 18, 2016 at 09:33:43PM +0200, Kurt Roeckx wrote: > On Sat, Jun 11, 2016 at 09:42:59PM +0200, Kurt Roeckx wrote: > > On Sat, Jun 11, 2016 at 09:31:17PM +0200, Emilio Pozuelo Monfort wrote: > > > On 11/06/16 20:59, Kurt Roeckx wrote: > > > > OpenSSL will soon release a new upstream

Bug#827061: transition: openssl

On 2016-09-18 21:33:43 [+0200], Kurt Roeckx wrote: > > So OpenSSL 1.1.0 was released about 3 weeks ago. Since then we've now a month and a few days now. > been working on the key packages, to get them to build with > OpenSSL 1.1.0. You can see that status of that at: >

Bug#827061: transition: openssl

On Sat, Jun 11, 2016 at 09:42:59PM +0200, Kurt Roeckx wrote: > On Sat, Jun 11, 2016 at 09:31:17PM +0200, Emilio Pozuelo Monfort wrote: > > On 11/06/16 20:59, Kurt Roeckx wrote: > > > OpenSSL will soon release a new upstream version with a new > > > soname. This new version will break various

Bug#827061: transition: openssl

Re: Kurt Roeckx 2016-09-16 <20160916054549.2wjl4xzb2eyg6...@roeckx.be> > > do you expect the transition to be done for stretch? > > I really would like to have it in stretch. I don't want to have > the same situtation like we had with 1.0.2 that didn't make it it > to jessie. Nod, thanks for

Bug#827061: transition: openssl

On Thu, Sep 15, 2016 at 11:44:42PM +0200, Christoph Berg wrote: > Re: Kurt Roeckx 2016-06-11 <20160611194259.ga6...@roeckx.be> > > > > If I'm ready to upload it to unstable, can I start this > > > > transition? Are there things you want me to do? > > > > > > Please upload to experimental first

Bug#827061: transition: openssl

Re: Kurt Roeckx 2016-06-11 <20160611194259.ga6...@roeckx.be> > > > If I'm ready to upload it to unstable, can I start this > > > transition? Are there things you want me to do? > > > > Please upload to experimental first and let us know when that's happened. > > It's in experimental already.

Bug#827061: transition: openssl

On Sat, Jun 11, 2016 at 09:31:17PM +0200, Emilio Pozuelo Monfort wrote: > On 11/06/16 20:59, Kurt Roeckx wrote: > > OpenSSL will soon release a new upstream version with a new > > soname. This new version will break various packages, see: > >

Bug#827061: transition: openssl

On 11/06/16 20:59, Kurt Roeckx wrote: > OpenSSL will soon release a new upstream version with a new > soname. This new version will break various packages, see: > https://lists.debian.org/debian-devel/2016/06/msg00205.html > > I'm currently not sure when the release will be ready. I would >

Bug#827061: transition: openssl

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hi, OpenSSL will soon release a new upstream version with a new soname. This new version will break various packages, see: https://lists.debian.org/debian-devel/2016/06/msg00205.html