osdir.com


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Discussion] Limit the scope of 2.4.x patches until 2.4.next is released?


On 10/15/2018 7:10 AM, William A Rowe Jr wrote:
Like my beg for getting us to the 2.4.35 release tag, I'd like to propose
we keep patches to branches/2.4.x/ generally within the scope of
straightening out the remaining quirks related to the OpenSSL 1.1.1 API and
library behavior changes (and similar corrections for any alternate library
implementations such as LibreSSL or BoringSSL.)

This isn't a vote per se... just an ask whether we collectively want to
defer all potentially disruptive changes for a release following 2.4.next.
We can certainly resume with that next release on an expedited basis,
within a month or few (as opposed to waiting 6 months as has been typical.)

It appears that dropping in OpenSSL 1.1.1 into a previously working httpd
built against 1.1.0 is not the "plug and play" replacement that the OpenSSL
team originally envisioned, and deliberately building any previous release
of httpd against 1.1.1 is similarly broken.

Thoughts? Other concerns?

I'm in favor of the idea.