[tor-bugs] #31820 [Core Tor/Tor]: Drop support for OpenSSL < 1.1.1
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jan 15 15:09:10 UTC 2020
#31820: Drop support for OpenSSL < 1.1.1
--------------------------+------------------------------------
Reporter: nickm | Owner: nickm
Type: task | Status: needs_revision
Priority: Medium | Milestone: Tor: 0.4.3.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points: .3
Parent ID: | Points: .2
Reviewer: teor | Sponsor:
--------------------------+------------------------------------
Changes (by teor):
* status: needs_review => needs_revision
Comment:
Replying to [comment:13 nickm]:
> Hm. I'm not concerned about the jenkins issue per se, but I do want us
to think longer before we have the latest versions of Tor drop support for
still-supported debian versions. We like relays to keep upgrading, and
stranding a bunch of relays on tor 0.3.5.x would be at least somewhat
troublesome.
>
> I don't suppose that debian/ubuntu have plans to ship openssl 1.1.1 once
their current openssl versions are at end-of-life?
stretch has a mix of OpenSSL 1.1 and 1.0 users, they're on 1.1.0 at the
moment, and there are no signs that stretch will upgrade to 1.1.1:
* https://wiki.debian.org/OpenSSL-1.1
* https://packages.debian.org/stretch/libssl1.1
* https://tracker.debian.org/pkg/openssl
It seems that some packages might be blocking upgrades to 1.1.1:
* https://wiki.debian.org/ContinuousIntegration/TriagingTips/openssl-1.1.1
The FAQ seems to imply that jessie won't get OpenSSL 1.1, and there's no
libssl-1.1 in jessie:
* https://packages.debian.org/search?keywords=libssl1.1
As for Ubuntu, bionic should have 1.1.1 soon, but it looks like xenial is
stuck on 1.0.2g:
* https://launchpad.net/ubuntu/+source/openssl
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31820#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list