On 2016-11-15 20:22:10 [+0100], Stefan Fritsch wrote:
> Hi again,
> On Saturday, 12 November 2016 07:51:40 CET Stefan Fritsch wrote:
> > If these two packages cannot transition to openssl 1.1.0 before apache2
> > does, I suggest that you build with openssl 1.0.2 explicitly and then
> > downgrade the bugs and unlink them from the transition bug. I don't have
> > much hope that apache2 will transition in time for stretch release.
> since there is now some discussion about this on debian-devel and debian-
> release, maybe you should wait a bit with any actions.
is there a reason for gridsite not to go for 3.0 (or backport the
change) and libssl-dev? Apache stays 1.0 but does not expose anything
SSL related (unless I read #828236 too quick).