[19.04 FEAT] Rebase openssl > 1.1.0
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | Ubuntu on IBM z Systems |
Wishlist
|
Canonical Foundations Team | ||
| | openssl (Ubuntu) |
Wishlist
|
Skipper Bug Screeners | ||
Bug Description
Include latest version from upstream openssl > 1.1.0 when available
https:/
LP will be updated once available
| tags: | added: architecture-s39064 bugnameltc-161530 severity-high targetmilestone-inin1804 |
| Changed in ubuntu: | |
| assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
| affects: | ubuntu → openssl (Ubuntu) |
| Steve Langasek (vorlon) wrote : | #1 |
| Changed in ubuntu-z-systems: | |
| importance: | Undecided → High |
| assignee: | nobody → Canonical Foundations Team (canonical-foundations) |
------- Comment From <email address hidden> 2017-12-11 05:05 EDT-------
1) If openSSL > 1.1.0 will not be included how should we address including backports to openSSL 1.0.2 h
2) Whether/how will Canonical support TLS 1.3
for the duration of the 18.04 LTS release.
We are preparing a statement, to outline our current possition w.r.t. openssl 1.1.1 and TLS 1.3.
Note, that TLS 1.3 is still in draft and active development as can be seen in https:/
And as far as I know, openssl upstream is holding up releasing next series until after TLS 1.3 is stable.
| Dimitri John Ledkov (xnox) wrote : | #4 |
Next openssl series is expected to be 1.1.1, however it is unknown if that will be released in time for inclusion into 18.04 LTS. Please see ubuntu-devel mailing list discussion detailing outstanding concerns with shipping 1.1.0 or later.
| Changed in ubuntu-z-systems: | |
| importance: | High → Wishlist |
| Changed in openssl (Ubuntu): | |
| importance: | Undecided → Wishlist |
| Changed in ubuntu-z-systems: | |
| status: | New → Triaged |
| Changed in openssl (Ubuntu): | |
| milestone: | none → later |
| summary: |
- [18.04 FEAT] Rebase openssl > 1.1.0 + [18.10 FEAT] Rebase openssl > 1.1.0 |
------- Comment From <email address hidden> 2018-01-17 07:16 EDT-------
Moved to 18.10,due to "not in time" availability
| tags: |
added: targetmilestone-inin1810 removed: targetmilestone-inin1804 |
Upgrade to OpenSSL 1.1.0 is in progress; upgrade to OpenSSL 1.1.1 is not expected to be available for 18.04 GA.
| Changed in openssl (Ubuntu): | |
| status: | New → Incomplete |
| Changed in ubuntu-z-systems: | |
| status: | Triaged → Incomplete |
| Dimitri John Ledkov (xnox) wrote : | #7 |
Please provide commit ids of the features required.
| Changed in openssl (Ubuntu): | |
| status: | Incomplete → Invalid |
| Changed in ubuntu-z-systems: | |
| status: | Incomplete → Invalid |
| summary: |
- [18.10 FEAT] Rebase openssl > 1.1.0 + [19.04 FEAT] Rebase openssl > 1.1.0 |
------- Comment From <email address hidden> 2018-08-30 05:51 EDT-------
Moved to 19.04, will not make it for 18.10.
| tags: |
added: targetmilestone-inin1904 removed: targetmilestone-inin1810 |
| Dimitri John Ledkov (xnox) wrote : | #9 |
18.10 has openssl 1.1.1 now.
| Changed in openssl (Ubuntu): | |
| status: | Invalid → Fix Released |
| Changed in ubuntu-z-systems: | |
| status: | Invalid → Fix Released |
| bugproxy (bugproxy) wrote : | #10 |
------- Comment From <email address hidden> 2018-10-23 05:54 EDT-------
Move from 19.04 -> 18.10. Fix Released .....
| tags: |
added: targetmilestone-inin1810 removed: targetmilestone-inin1904 |
| bugproxy (bugproxy) wrote : | #11 |
------- Comment From <email address hidden> 2018-10-23 07:09 EDT-------
IBM Bugzilla status-> closed, Fix Released in Cosmic
| information type: | Private → Public |
For awareness, this is currently at risk for 18.04 because openssl 1.1 introduces significant API incompatibility with openssl 1.0 that requires significant upstream porting work, and we do not intend to ship (and provide security support for) two separate upstream versions of openssl in main.