[19.04 FEAT] Rebase openssl > 1.1.0

Bug #1737158 reported by bugproxy on 2017-12-08
16
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Wishlist
Canonical Foundations Team
openssl (Ubuntu)
Wishlist
Skipper Bug Screeners

Bug Description

Include latest version from upstream openssl > 1.1.0 when available
    https://www.openssl.org/policies/releasestrat.html

LP will be updated once available

bugproxy (bugproxy) on 2017-12-08
tags: added: architecture-s39064 bugnameltc-161530 severity-high targetmilestone-inin1804
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → openssl (Ubuntu)
Steve Langasek (vorlon) wrote :

For awareness, this is currently at risk for 18.04 because openssl 1.1 introduces significant API incompatibility with openssl 1.0 that requires significant upstream porting work, and we do not intend to ship (and provide security support for) two separate upstream versions of openssl in main.

Changed in ubuntu-z-systems:
importance: Undecided → High
assignee: nobody → Canonical Foundations Team (canonical-foundations)

------- Comment From <email address hidden> 2017-12-11 05:05 EDT-------
1) If openSSL > 1.1.0 will not be included how should we address including backports to openSSL 1.0.2 h

2) Whether/how will Canonical support TLS 1.3
for the duration of the 18.04 LTS release.

We are preparing a statement, to outline our current possition w.r.t. openssl 1.1.1 and TLS 1.3.

Note, that TLS 1.3 is still in draft and active development as can be seen in https://github.com/tlswg/tls13-spec

And as far as I know, openssl upstream is holding up releasing next series until after TLS 1.3 is stable.

Dimitri John Ledkov (xnox) wrote :

Next openssl series is expected to be 1.1.1, however it is unknown if that will be released in time for inclusion into 18.04 LTS. Please see ubuntu-devel mailing list discussion detailing outstanding concerns with shipping 1.1.0 or later.

Changed in ubuntu-z-systems:
importance: High → Wishlist
Changed in openssl (Ubuntu):
importance: Undecided → Wishlist
Changed in ubuntu-z-systems:
status: New → Triaged
Changed in openssl (Ubuntu):
milestone: none → later
summary: - [18.04 FEAT] Rebase openssl > 1.1.0
+ [18.10 FEAT] Rebase openssl > 1.1.0

------- Comment From <email address hidden> 2018-01-17 07:16 EDT-------
Moved to 18.10,due to "not in time" availability

tags: added: targetmilestone-inin1810
removed: targetmilestone-inin1804

Upgrade to OpenSSL 1.1.0 is in progress; upgrade to OpenSSL 1.1.1 is not expected to be available for 18.04 GA.

Changed in openssl (Ubuntu):
status: New → Incomplete
Changed in ubuntu-z-systems:
status: Triaged → Incomplete
Dimitri John Ledkov (xnox) wrote :

Please provide commit ids of the features required.

Changed in openssl (Ubuntu):
status: Incomplete → Invalid
Changed in ubuntu-z-systems:
status: Incomplete → Invalid
summary: - [18.10 FEAT] Rebase openssl > 1.1.0
+ [19.04 FEAT] Rebase openssl > 1.1.0

------- Comment From <email address hidden> 2018-08-30 05:51 EDT-------
Moved to 19.04, will not make it for 18.10.

tags: added: targetmilestone-inin1904
removed: targetmilestone-inin1810
Dimitri John Ledkov (xnox) wrote :

18.10 has openssl 1.1.1 now.

Changed in openssl (Ubuntu):
status: Invalid → Fix Released
Changed in ubuntu-z-systems:
status: Invalid → Fix Released
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2018-10-23 05:54 EDT-------
Move from 19.04 -> 18.10. Fix Released .....

tags: added: targetmilestone-inin1810
removed: targetmilestone-inin1904
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2018-10-23 07:09 EDT-------
IBM Bugzilla status-> closed, Fix Released in Cosmic

information type: Private → Public
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers