[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 2443 packages indirectly depend on unsupported openssl@1.0.2u
From: |
Leo Famulari |
Subject: |
Re: 2443 packages indirectly depend on unsupported openssl@1.0.2u |
Date: |
Thu, 11 Mar 2021 02:44:30 -0500 |
On Thu, Mar 11, 2021 at 05:46:47AM +0100, Léo Le Bouter wrote:
> Hello!
>
> $ ./pre-inst-env guix refresh -l openssl@1.0.2u
> Building the following 2320 packages would ensure 2443 dependent
> [...]
>
> As upstream says at <https://www.openssl.org/policies/releasestrat.html
> >:
> > Version 1.0.2 is no longer supported. Extended support for 1.0.2 to
> gain access to security fixes for that version is available.
>
> What can we do about this you think?
We have started discussing it here:
https://bugs.gnu.org/46602