#1556 ask openssl maintainer to completely drop sslv2 and sslv3 support
Closed None Opened 8 years ago by ausil.

= phenomenon =
The initial build of openssl for the security fixes yesterday broke the ABI by dropping sslv2 support completely, rather than building it in but having it disabled, resulting in everything using openssl failing to work.

= background analysis =
It is a significant change, but one I think all people can agree is the future.

= implementation recommendation =

We recommend that openssl drop sslv2 and sslv3 completely from openssl and rebuild everything linking to openssl in rawhide, with the possibility to backport to f24 depending on how big a task it is.


Replying to [ticket:1556 ausil]:

= phenomenon =
The initial build of openssl for the security fixes yesterday broke the ABI by dropping sslv2 support completely, rather than building it in but having it disabled, resulting in everything using openssl failing to work.

Slightly confused that you're asking FESCo to ask the maintainer to do something they already did and then were told not to do? Or?

Can you clarify the interaction that went on with the update further?

https://bodhi.fedoraproject.org/updates/FEDORA-2016-1f15fef6d4 is the update.

The maintainer did a new build today adding back sslv2, which keeps the ABI. I think FESCo should proactively say that we do not want sslv2 or sslv3 available in the distro, even if you have to jump through hoops to get it.

My understanding from the bug ( https://bugzilla.redhat.com/show_bug.cgi?id=1313509 ) is that the maintainer(s) want to wait now for the 1.1.0 betas (in f25 timeframe) and do just one ABI break there (and have a copr beforehand so people can fix code issues up).

I guess there is nothing to do here for us. Plans are already underway. Sorry for the noise.
