On Mon, Dec 12, 2016 at 04:57:53PM +0100, Hilmar Preuße wrote:
> severity 828513 important
> stop
>
> On 26.06.2016 12:23, Kurt Roeckx wrote:
>
> Hi Kurt
>
> > OpenSSL 1.1.0 is about to released. During a rebuild of all packages using
> > OpenSSL this package fail to build. A log of that build can be found at:
> > https://breakpoint.cc/openssl-1.1-rebuild-2016-05-29/Attempted/proftpd-dfsg_1.3.5a-1_amd64-20160529-1512
> >
> AFAICT we'll have OpenSSL 1.0 in next Debian release.
That's not correct. OpenSSL 1.1 is the primary OpenSSL implementation,
and 1.0.2 is only provided as a fallback for applications which cannot
be ported in time. Since proftpd has an upstream fix, using openssl 1.1
is the prefered fix for stretch.
Cheers,
Moritz
