** Description changed: Merge openssl 1.1.1 from debian unstable. OpenSSL 1.1.1 is now out, with TLS1.3 support, and is the new upstream LTS release. Preserving existing delta: - Replace duplicate files in the doc directory with symlinks. - debian/libssl1.1.postinst: - + Display a system restart required notification on libssl1.1 - upgrade on servers. - + Use a different priority for libssl1.1/restart-services depending - on whether a desktop, or server dist-upgrade is being performed. + + Display a system restart required notification on libssl1.1 + upgrade on servers. + + Use a different priority for libssl1.1/restart-services depending + on whether a desktop, or server dist-upgrade is being performed. With further changes to diverge from Debian to: - Revert "Enable system default config to enforce TLS1.2 as a - minimum" & "Increase default security level from 1 to 2". + minimum" & "Increase default security level from 1 to 2". - Further decrease security level from 1 to 0, for compatibility with - openssl 1.0.2. + openssl 1.0.2. These mitigate most of the runtime incompatibilities, and ensure client<->server compatibility between 1.1.1, 1.1.0, and 1.0.2 series and thus one can continue to mix & match xenial/bionic/cosmic releases. - - Proposed package is in https://launchpad.net/~xnox/+archive/ubuntu/openssl with a rebuild of all the reverse dependencies. It demonstrates that openssl compiled as above is more compatible and has less issues than debian config, and has only a small fallout which is being analyzed right now. + Proposed package is in + https://launchpad.net/~xnox/+archive/ubuntu/openssl with a rebuild of + all the reverse dependencies. It demonstrates that openssl compiled as + above is more compatible and has less issues than debian config. There + are a few FTBFS, which are also present in cosmic-release; there are + some test-suite expectations mismatch (connectivity succeeds with tls1.3 + even though lower/different algos are expected); there are very little + connectivity tests thus connectivity interop are the biggest issues + which will be unavoidable with introducing 1.3.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1793092 Title: [FFe] openssl 1.1.1 Status in openssl package in Ubuntu: New Bug description: Merge openssl 1.1.1 from debian unstable. OpenSSL 1.1.1 is now out, with TLS1.3 support, and is the new upstream LTS release. Preserving existing delta: - Replace duplicate files in the doc directory with symlinks. - debian/libssl1.1.postinst: + Display a system restart required notification on libssl1.1 upgrade on servers. + Use a different priority for libssl1.1/restart-services depending on whether a desktop, or server dist-upgrade is being performed. With further changes to diverge from Debian to: - Revert "Enable system default config to enforce TLS1.2 as a minimum" & "Increase default security level from 1 to 2". - Further decrease security level from 1 to 0, for compatibility with openssl 1.0.2. These mitigate most of the runtime incompatibilities, and ensure client<->server compatibility between 1.1.1, 1.1.0, and 1.0.2 series and thus one can continue to mix & match xenial/bionic/cosmic releases. Proposed package is in https://launchpad.net/~xnox/+archive/ubuntu/openssl with a rebuild of all the reverse dependencies. It demonstrates that openssl compiled as above is more compatible and has less issues than debian config. There are a few FTBFS, which are also present in cosmic-release; there are some test-suite expectations mismatch (connectivity succeeds with tls1.3 even though lower/different algos are expected); there are very little connectivity tests thus connectivity interop are the biggest issues which will be unavoidable with introducing 1.3. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
