Discussion:
Processed: Building with OpenSSL 1.0.2 is sufficient for stretch
(too old to reply)
Debian Bug Tracking System
2016-11-28 19:00:02 UTC
Permalink
Raw Message
tags -1 patch
Bug #828556 [src:sslscan] sslscan: FTBFS with openssl 1.1.0
Added tag(s) patch.
--
828556: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828556
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems
Marvin Stark
2016-11-30 16:10:03 UTC
Permalink
Raw Message
On Thu, Sep 01, 2016 at 09:55:46PM +0200, Sebastian Andrzej Siewior
control: forwarded -1 https://github.com/rbsec/sslscan/issues/108
Sebastian, Marvin, what is the status regarding getting this patch
that
was applied upstream included in Debian?
Adrian: which patch?
Marvin: unless Adrian pulls out a patch I suggest you prepare a package
to build against libssl1.0-dev. I have currently no better suggestion.
I
can sponsor the upload if you want me to.
Yes please. I'll prepare a new package these days.
--
.""`. Marvin Stark <***@der-marv.de>
: :" : Homepage: www.der-marv.de
`. `"`
`- Debian - when you have better things to do than fix a system
Adrian Bunk
2016-12-21 21:40:02 UTC
Permalink
Raw Message
Post by Marvin Stark
...
Marvin: unless Adrian pulls out a patch I suggest you prepare a package
to build against libssl1.0-dev. I have currently no better suggestion. I
can sponsor the upload if you want me to.
Yes please. I'll prepare a new package these days.
ping

cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
Christoph Berg
2017-01-05 14:20:01 UTC
Permalink
Raw Message
Post by Marvin Stark
...
Marvin: unless Adrian pulls out a patch I suggest you prepare a package
to build against libssl1.0-dev. I have currently no better suggestion. I
can sponsor the upload if you want me to.
Yes please. I'll prepare a new package these days.
ping
NMU diff:


Control files: lines which differ (wdiff format)
------------------------------------------------
Build-Depends: debhelper (>= 9), {+libssl1.0-dev |+} libssl-dev {+(<< 1.1.0~)+}

diff -Nru sslscan-1.11.5-rbsec/debian/changelog sslscan-1.11.5-rbsec/debian/changelog
--- sslscan-1.11.5-rbsec/debian/changelog 2016-04-01 10:33:03.000000000 +0200
+++ sslscan-1.11.5-rbsec/debian/changelog 2017-01-05 15:02:51.000000000 +0100
@@ -1,3 +1,10 @@
+sslscan (1.11.5-rbsec-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Build against openssl 1.0. (Closes: #828556)
+
+ -- Christoph Berg <***@debian.org> Thu, 05 Jan 2017 15:02:51 +0100
+
sslscan (1.11.5-rbsec-1) unstable; urgency=medium

* New Upstream release (Closes: #804616)
diff -Nru sslscan-1.11.5-rbsec/debian/control sslscan-1.11.5-rbsec/debian/control
--- sslscan-1.11.5-rbsec/debian/control 2016-04-01 10:33:03.000000000 +0200
+++ sslscan-1.11.5-rbsec/debian/control 2017-01-05 15:02:51.000000000 +0100
@@ -3,7 +3,7 @@
Priority: extra
Maintainer: Marvin Stark <***@der-marv.de>
Homepage: https://github.com/rbsec/sslscan
-Build-Depends: debhelper (>= 9), libssl-dev
+Build-Depends: debhelper (>= 9), libssl1.0-dev | libssl-dev (<< 1.1.0~)
Standards-Version: 3.9.7.0

Package: sslscan


Christoph
Sebastian Andrzej Siewior
2017-01-05 20:40:02 UTC
Permalink
Raw Message
Post by Christoph Berg
Control files: lines which differ (wdiff format)
------------------------------------------------
Build-Depends: debhelper (>= 9), {+libssl1.0-dev |+} libssl-dev {+(<< 1.1.0~)+}
why on libssl-dev (<< 1.1.0~)?

Otherwise I'm fine with it. I asked the release team & security if they
object adding openssl's source to sslscan and the release was not too
happy about it. With latest libssl1.0 upload sslscan won't be able to
detect 3des ciphers…
Post by Christoph Berg
Christoph
Sebastian
Sebastian Andrzej Siewior
2017-01-06 20:50:01 UTC
Permalink
Raw Message
Post by Sebastian Andrzej Siewior
why on libssl-dev (<< 1.1.0~)?
The | libssl-dev (<< 1.1.0~) part is there to enable backporting to
jessie without having to revert libssl1.0-dev back to libssl-dev.
and I though that this is one of the changes you do when you intend to
backport a package. But now looking at some other packages I see that
more people did this :/ So I need to fix my tracker…
Post by Sebastian Andrzej Siewior
Otherwise I'm fine with it. I asked the release team & security if they
object adding openssl's source to sslscan and the release was not too
happy about it. With latest libssl1.0 upload sslscan won't be able to
detect 3des ciphers…
I guess with openssl 1.1 that would also be the case so it doesn't
make a difference.
Yes. I did not imply to convert to 1.1 I just tried to point out some of
the limitations…
Christoph
Sebastian

Debian Bug Tracking System
2017-01-05 15:20:02 UTC
Permalink
Raw Message
Your message dated Thu, 05 Jan 2017 15:10:13 +0000
with message-id <E1cP9gD-000EJc-***@fasolo.debian.org>
and subject line Bug#828556: fixed in sslscan 1.11.5-rbsec-1.1
has caused the Debian Bug report #828556,
regarding sslscan: FTBFS with openssl 1.1.0
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ***@bugs.debian.org
immediately.)
--
828556: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828556
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems
Loading...