Re: [arch-dev-public] OpenSSL 1.1.0
On Thu, Feb 23, 2017 at 10:29:17PM +0100, Christian Hesse wrote: > > I will push the first set of packages to [staging]. Please avoid doing > > other rebuilds until this one is done. > > Are you interested in details? FWIW, Debian stretch has openssl 1.1.0, so I guess they had to adapt lots of packages. > Mariadb is still unsolved. There is a ticket in upstream jira [0] but it does > not carry anything useful. There's a reference for a review, but I could not > find the patch in mail archive. Will try to contact the developers and > express our interest... The debian package uses `-DWITH_SSL=bundled` [1] to avoid linking with the system-wide openssl. Not a great solution, though. > Mupdf is a burden to maintain due to build system, bundled libraries and > static linking. Looks like upstream is not yet interested in openssl 1.1.0... > As I do not use it currently this will move to [community] if no one > steps up. Can't you just drop the dependency on openssl? What is it used for? As far as I can tell, Debian does not build mupdf against openssl: root@stretch:~# apt show mupdf Package: mupdf Version: 1.9a+ds1-4 Depends: libc6 (>= 2.15), libfreetype6 (>= 2.6), libharfbuzz0b (>= 0.9.11), libjbig2dec0 (>= 0.11), libjpeg62-turbo (>= 1.3.1), libopenjp2-7 (>= 2.0.0), libx11-6, libxext6, zlib1g (>= 1:1.2.0) root@stretch:~# ldd /usr/lib/mupdf/mupdf-x11 | grep ssl root@stretch:~# ldd /usr/lib/mupdf/mupdf-x11 | grep crypto root@stretch:~# I just tested building the package without openssl support (I had to patch out references to openssl and libcrypto from Makerules, since openssl is part of the base chroot when building), and it seems to work fine. Baptiste [1] https://packages.debian.org/stretch/libmariadbclient18 signature.asc Description: PGP signature
Re: [arch-dev-public] OpenSSL 1.1.0
El Thu, 23 Feb 2017 22:29:17 +0100, Christian Hesse escribió: > Mariadb is still unsolved. There is a ticket in upstream jira [0] but it > does not carry anything useful. There's a reference for a review, but I > could not find the patch in mail archive. Will try to contact the > developers and express our interest... In the meantime, is temporarily switching to internal yassl (as Debian does) an option? This is blocking all Qt rebuilds (which will also be a pain themselves), so it would be nice to have a build in staging soonish.
Re: [arch-dev-public] OpenSSL 1.1.0
Pierre Schmitzon Sat, 2017/02/11 09:32: > On 29.01.2017 21:49, Pierre Schmitz wrote: > > Hi, > > > > I'd like to propose a migration to OpenSSL 1.1. The update comes with > > ABI and API changes. Every linked packages needs to be rebuild. There > > will likely be broken packages. Once the protobuf* rebuild has left > > the [staging] repo I would like to upload a first set of OpenSSL 1.1 > > packages. > > > > I have created a todo list of packages that either have a direct > > dependency on openssl or link to libssl.so.1.0.0 or > > libcrypto.so.1.0.0: > > https://www.archlinux.org/todo/openssl-110-rebuild/ > > I will push the first set of packages to [staging]. Please avoid doing > other rebuilds until this one is done. Are you interested in details? I have a working version of openvpn, but it requires heavy patching. I will wait for version 2.4.1 which has a lot of preparation (and with some luck is ported completly). Will push an openssl rebuild then. If anybody is interested... Raise your hands and let me know, I can provide packages for testing. Mariadb is still unsolved. There is a ticket in upstream jira [0] but it does not carry anything useful. There's a reference for a review, but I could not find the patch in mail archive. Will try to contact the developers and express our interest... Mupdf is a burden to maintain due to build system, bundled libraries and static linking. Looks like upstream is not yet interested in openssl 1.1.0... As I do not use it currently this will move to [community] if no one steps up. [0] https://jira.mariadb.org/browse/MDEV-10332 -- main(a){char*c=/*Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/*Best regards my address:*/=0;b=c[a++];) putchar(b-1/(/*Chriscc -ox -xc - && ./x*/b/42*2-3)*42);} pgpwfhRpfg3L2.pgp Description: OpenPGP digital signature
Re: [arch-dev-public] Away on business next week
Dave Reisneron Thu, 2017/02/23 10:53: > - core/curl: new release 7.53.0, but expect 7.53.1 in the next few days. > keep in mind there's an openssl rebuild in staging that complicates > this. I took responsibility for this one. > - core/systemd: expecting v233 to be released some time early next week. > I sort of don't want to be a part of this impending shitfest, even > after I return. As of right now, it's been 111 days and 1109 commits > since the last release. Expect bugs. I wouldn't package this right > away. Yeah, let's see what breaks this time... :-P -- main(a){char*c=/*Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/*Best regards my address:*/=0;b=c[a++];) putchar(b-1/(/*Chriscc -ox -xc - && ./x*/b/42*2-3)*42);} pgpsIPKmPBoNl.pgp Description: OpenPGP digital signature
Re: [arch-dev-public] Away on business next week
On 02/23/2017 11:53 PM, Dave Reisner wrote: > - core/util-linux: maintenance release, 2.29.2. Don't forget to bump > multilib/lib32-util-linux if you touch this. Bumped for CVE-2017-2616. -- Regards, Felix Yan signature.asc Description: OpenPGP digital signature