Ubuntu
fetchmail package

Migration prevented due to "missing dep libssl-dev (>= 3.1.4)"

Bug #2052964 reported by Bryce Harrington
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
fetchmail (Ubuntu)
Fix Released
Low
Danilo Egea Gondolfo

Bug Description

fetchmail (6.4.37-1 to 6.4.38-1)

    Migration status for fetchmail (6.4.37-1 to 6.4.38-1): BLOCKED: Maybe temporary, maybe blocked but Britney is missing information (check below)
    Issues preventing migration:
    missing build on amd64: fetchmail (from 6.4.37-1)
    missing build on arm64: fetchmail (from 6.4.37-1)
    missing build on armhf: fetchmail (from 6.4.37-1)
    missing build on ppc64el: fetchmail (from 6.4.37-1)
    missing build on riscv64: fetchmail (from 6.4.37-1)
    missing build on s390x: fetchmail (from 6.4.37-1)
    arch:all not built yet, autopkgtest delayed
    Additional info:
    8 days old

The problem here is that openssl 3.1 is in Debian, however openssl 3.0 is preferred in Ubuntu since 3.0 is upstream's long term support release.

This new fetchmail 6.4.38 upstream release includes no substantive code changes or bug fixes, and in addition to the dependency version updates is mainly comprised of just documentation, translation, copyright date, and project metadata changes, which looks to me not crucial for us to include at this time.

So, given the openssl incompatibility I think we can skip this "6.4.38-1" release, and remove it from -proposed. If a new Debian or upstream release comes out prior to 24.04 release we can re-evaluate if it's worth pulling in (and patching the dependency issue if necessary) at that time.

Related branches

~danilogondolfo/ubuntu/+source/fetchmail:openssl_3_0
Bryce Harrington (community): Approve
git-ubuntu import: Pending requested
Diff: 32 lines (+11/-2)
2 files modified
debian/changelog (+8/-0)
debian/control (+3/-2)
Bryce Harrington (bryce)
tags: added: update-excuse
Revision history for this message
Matthias Andree (matthias-andree) wrote : Re: [Bug 2052964] [NEW] Migration prevented due to "missing dep libssl-dev (>= 3.1.4)"

Well, update SSL before release. It doesn't make sense to ship old
garbage for a release if upstream support with patchlevel updates, as
OpenSSL do.

However you should ship the translation updates -- if and only if Ubuntu
maintain libssl properly, it is feasible to (a) change the support
addresses in fetchmail's documentation, (b) add the GPL-mandated notes
that the code was modified, and (c) take responsibility for support, and
then finally (d) relax the version checks in the source code.

This is normal integration work for a distro, nothing special. Just if
you break it, or the underlying SSL library, I will not support it if
you modified it to work on outdated OpenSSL, which is what 6.4.38
strives to prevent.

(Of course you can also keep older versions in and I will send people
with outdated versions away, if Ubuntu prefer that disservice to
maintainers and community.)

Revision history for this message
Matthias Andree (matthias-andree) wrote :

Also note, that more importantly, it is not fetchmail itself that requires OpenSSL 3.1.
I have just successfully built - as expected - fetchmail 6.4.38 on FreeBSD 14.0-RELEASE, which uses OpenSSL 3.0.

$ FETCHMAILHOME=/tmp LC_ALL=C ./fetchmail -V | head -n20
This is fetchmail release 6.4.38+POP2+GSS+RPA+NTLM+SDPS+SSL-SSLv2-SSLv3+NLS.
Compiled with SSL library 0x300000c0 "OpenSSL 3.0.12 24 Oct 2023"
Run-time uses SSL library 0x300000c0 "OpenSSL 3.0.12 24 Oct 2023"
OpenSSL: OPENSSLDIR: "/etc/ssl"
Engines: ENGINESDIR: "/usr/lib/engines-3"

Copyright (C) 2002, 2003 Eric S. Raymond
Copyright (C) 2004 Matthias Andree, Eric S. Raymond,
                   Robert M. Funk, Graham Wilson
Copyright (C) 2005 - 2012 Sunil Shetye
Copyright (C) 2005 - 2024 Matthias Andree
Fetchmail comes with ABSOLUTELY NO WARRANTY. This is free software, and you
are welcome to redistribute it under certain conditions. For details,
please see the file COPYING in the source or documentation directory.
This product includes software developed by the OpenSSL Project
for use in the OpenSSL Toolkit. (http://www.openssl.org/)

Fallback MDA: (none)
FreeBSD vmfreebsd14.example.org 14.0-RELEASE-p3 FreeBSD 14.0-RELEASE-p3 #0: Mon Dec 11 04:56:01 UTC 2023 <email address hidden>:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64
No mailservers set up -- perhaps /tmp/fetchmailrc is missing?
Taking options from command line

Bryce Harrington (bryce)
Changed in fetchmail (Ubuntu):
status: New → Incomplete
Revision history for this message
Danilo Egea Gondolfo (danilogondolfo) wrote :

As we are not going to update OpenSSL on Noble (https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2044795)

I created a merge request dropping the requirements to OpenSSL 3.0. According to the README.SSL file, fetchmail will work just fine.

Bryce Harrington (bryce)
Changed in fetchmail (Ubuntu):
status: Incomplete → Fix Committed
assignee: nobody → Danilo Egea Gondolfo (danilogondolfo)
importance: Undecided → Low
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package fetchmail - 6.4.38-1ubuntu1

---------------
fetchmail (6.4.38-1ubuntu1) noble; urgency=medium

  * debian/control: drop OpenSSL requirements to >= 3.0.10 (LP: #2052964)
    According to the README.SSL file it works just fine with 3.0 but will
    warn if it's < 3.0.13.

fetchmail (6.4.38-1) unstable; urgency=medium

  * New upstream release.
  * Use no for Rules-Requires-Root.

 -- Danilo Egea Gondolfo <email address hidden> Mon, 26 Feb 2024 09:45:36 +0000

Changed in fetchmail (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.