Hi, Fabian Grünbichler: > #828554 was originally filed because of missing OpenSSL 1.1.0 > compatibility for spice-gtk, and was fixed with an NMU including a > proposed patch as 0.33-3.1 . this patch has been replace upstream with > a patch series (current and probably final v2, see [1]).
> the original patch contained in >= 0.33-3.1 breaks a certain use case > (when compiled against libssl1.1.0) where Spice is using TLS only (see > [2,3] for details). building spice-gtk 0.33-3.2 with the old patch > replaced by the patch series fixes the issue. > attached you find the diff between the patch from #828554 and the v2, as > well as the complete patch series, according to upstream this should be > the final version. > 1: https://lists.freedesktop.org/archives/spice-devel/2017-January/034919.html > 2: https://lists.freedesktop.org/archives/spice-devel/2017-January/034932.html > 3: https://bugzilla.proxmox.com/show_bug.cgi?id=1243 I think we should include this in Stretch, instead of the patch applied in 0.33-3.1, so I intend to do what Fabian recommends in the NMU I've just mentioned on #797855. This should ease maintenance of this package once Stretch is stable :) I certainly wouldn't mind hearing what Liang Guo (as the maintainer) and Andrey Rahmatullin (who did the -3.1 NMU) think about it, but I won't block on it. Cheers, -- intrigeri
