Re: OpenSSL 1.1 breaks configure and more
Alvaro Herrera <alvherre@2ndquadrant.com>
From: Alvaro Herrera <alvherre@2ndquadrant.com>
To: Christoph Berg <myon@debian.org>, Heikki Linnakangas <hlinnaka@iki.fi>, Michael Paquier <michael.paquier@gmail.com>, Andreas Karlsson <andreas@proxel.se>, Victor Wagner <vitus@wagner.pp.ru>, pgsql-hackers@postgresql.org, Tom Lane <tgl@sss.pgh.pa.us>
Date: 2016-09-15T15:38:35Z
Lists: pgsql-hackers
Christoph Berg wrote: > Re: Michael Paquier 2016-09-15 <CAB7nPqQu1GpMzkB4S6XO0_+1cAUx==RDVF70vCmDytuA=nCHiQ@mail.gmail.com> > > On Thu, Sep 15, 2016 at 8:57 PM, Heikki Linnakangas <hlinnaka@iki.fi> wrote: > > > I backpatched this to 9.5, but not further than that. The functions this > > > modified were moved around in 9.5, so the patch wouldn't apply as is. It > > > wouldn't be difficult to back-patch further if there's demand, but I'm not > > > eager to do that until someone complains. > > > > Not going older than 9.5 may be fine: > > https://www.openssl.org/blog/blog/2014/12/23/the-new-release-strategy/ > > https://wiki.freebsd.org/OpenSSL > > As far as I can see 1.0.2 would be supported until Dec 2019, so that > > would just overlap with 9.4's EOL. > > I'm afraid it's not that easy - Debian 9 (stretch) will release at the > beginning of next year, and apt.postgresql.org will want to build > 9.2/9.3/9.4 for that distribution. I guess yum.postgresql.org will > have the same problem with the next Fedora release. I suppose some interested party could grab the patch that Heikki committed to the new branches and produce a back-patch that can be applied to the older branches. -- Álvaro Herrera https://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
Commits
-
Back-patch 9.4-era SSL renegotiation code into 9.3 and 9.2.
- fbfeceb25362 9.3.17 landed
- 58384149bdbd 9.2.21 landed