Public bug reported:
Merge openssl 1.1.1 from debian unstable.
OpenSSL 1.1.1 is now out, with TLS1.3 support, and is the new upstream
LTS release.
Preserving existing delta:
- Replace duplicate files in the doc directory with symlinks.
- debian/libssl1.1.postinst:
+ Display a system restart required notification on libssl1.1
upgrade on servers.
+ Use a different priority for libssl1.1/restart-services depending
on whether a desktop, or server dist-upgrade is being performed.
With further changes to diverge from Debian to:
- Revert "Enable system default config to enforce TLS1.2 as a
minimum" & "Increase default security level from 1 to 2".
- Further decrease security level from 1 to 0, for compatibility with
openssl 1.0.2.
These mitigate most of the runtime incompatibilities, and ensure
client<->server compatibility between 1.1.1, 1.1.0, and 1.0.2 series and
thus one can continue to mix & match xenial/bionic/cosmic releases.
Proposed package is in https://launchpad.net/~xnox/+archive/ubuntu/openssl with
a rebuild of all the reverse dependencies. It demonstrates that openssl
compiled as above is more compatible and has less issues than debian config,
and has only a small fallout which is being analyzed right now.
** Affects: openssl (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1793092
Title:
[FFe] openssl 1.1.1
Status in openssl package in Ubuntu:
New
Bug description:
Merge openssl 1.1.1 from debian unstable.
OpenSSL 1.1.1 is now out, with TLS1.3 support, and is the new upstream
LTS release.
Preserving existing delta:
- Replace duplicate files in the doc directory with symlinks.
- debian/libssl1.1.postinst:
+ Display a system restart required notification on libssl1.1
upgrade on servers.
+ Use a different priority for libssl1.1/restart-services depending
on whether a desktop, or server dist-upgrade is being performed.
With further changes to diverge from Debian to:
- Revert "Enable system default config to enforce TLS1.2 as a
minimum" & "Increase default security level from 1 to 2".
- Further decrease security level from 1 to 0, for compatibility with
openssl 1.0.2.
These mitigate most of the runtime incompatibilities, and ensure
client<->server compatibility between 1.1.1, 1.1.0, and 1.0.2 series
and thus one can continue to mix & match xenial/bionic/cosmic
releases.
Proposed package is in https://launchpad.net/~xnox/+archive/ubuntu/openssl
with a rebuild of all the reverse dependencies. It demonstrates that openssl
compiled as above is more compatible and has less issues than debian config,
and has only a small fallout which is being analyzed right now.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
