[Pkg-openssl-devel] Bug#804487: Bug#804487: openssl_1.0.2d-3 breaks mumble and mumble-server after binNMU
Chris Knadle
Chris.Knadle at coredump.us
Mon Mar 21 21:57:42 UTC 2016
Mikkel Krautz:
> On Sun, Mar 13, 2016 at 9:20 PM, Chris Knadle <Chris.Knadle at coredump.us> wrote:
>> Mikkel Krautz:
>>> On Sun, Mar 13, 2016 at 2:58 PM, Kurt Roeckx <kurt at roeckx.be> wrote:
>>>> I would also like to say again that if we can somehow see in the
>>>> meta data that they are using libssl, they would get rebuild at
>>>> the same time and you wouldn't get into this situation that they
>>>> are using a different version.
>>>
>>> My vote is also 100% for doing that. Preferably via '-openssl-linked'.
>>
>> I'm building qt4-x11 with ./configure -openssl-linked with OpenSSL 1.0.2d-1
>> now and will then build test versions of mumble with it to verify what the
>> behavior is.
>
> I believe we found that -openssl-linked would not work for Qt in
> Debian because of potential license incompatibilities with OpenSSL.
> Basically, by using -openssl-linked, unsuspecting software that link
> to QtNetwork (but are not compatible with the OpenSSL license) will be
> implicitly linked to OpenSSL, and thus create binaries that cannot be
> redistributed.
The release team thinks that using -openssl-linked might not cause
additional licensing problems:
https://lists.debian.org/debian-release/2016/03/msg00409.html
I guess I'm going to open a "wishlist" bug against qt4-x11 to discuss with
its maintainers whether using -openssl-linked is possible.
-- Chris
--
Chris Knadle
Chris.Knadle at coredump.us
More information about the Pkg-openssl-devel
mailing list