rebuild against OpenSSL 1.1.1
Bug #1832616 reported by
Dimitri John Ledkov
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| erlang (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
| Bionic |
Invalid
|
Undecided
|
Unassigned | ||
| Cosmic |
Fix Released
|
Undecided
|
Unassigned | ||
| Disco |
Fix Released
|
Undecided
|
Unassigned | ||
| Eoan |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
[Impact]
* Erlang picks up 1.1.1 symbol dependencies when rebuilt against openssl 1.1.1
* As OpenSSL is published in bionic we should rebuild erlang against openssl 1.1.1
* This may fix any unknown runtime compatibilies between erlang compiled with 1.1.0 whist running against 1.1.1
E.g. it picks up RSA_pkey_
[Test Case]
* Check that erlang-crypto Depends on libssl1.1 (>= 1.1.1)
[Regression Potential]
* This rebuild will cause erlang to depend on a higher version of openssl.
[Other Info]
* Noticed / reported to me via IRC.
| Changed in erlang (Ubuntu Eoan): | |
| status: | New → Fix Released |
| Changed in erlang (Ubuntu Disco): | |
| status: | New → Fix Released |
| Changed in erlang (Ubuntu Cosmic): | |
| status: | New → Fix Released |
| Changed in erlang (Ubuntu Bionic): | |
| status: | New → Confirmed |
Revision history for this message
| Steve Langasek (vorlon) wrote | #1 |
| Changed in erlang (Ubuntu Bionic): | |
| status: | Confirmed → Invalid |
Revision history for this message
| Steve Langasek (vorlon) wrote Proposed package upload rejected | #2 |
To post a comment you must log in.
The rationale here is insufficient for an SRU, as is the test case. If there are "unknown runtime incompatibilities" between erlang built against openssl 1.1.0, and openssl 1.1.1 used at runtime, that is a bug in openssl and should not result in a rebuild of erlang.
If rebuilding erlang against openssl results in different code paths being used, then those need to be part of the test case, not merely checking that the new erlang-crypto ends up with a newer versioned library dep.
If rebuilding erlang against openssl 1.1.1 is necessary in order to either expose TLSv1.3 to erlang apps, or give erlang apps the ability to control TLS protocol negotiation, that needs to be spelled out in the rationale.