Bug ID 1219879
Summary [TRACKERBUG] Remove EOL OpenSSL 1.1.1 and OpenSSL 1.0.0
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Basesystem
Assignee screening-team-bugs@suse.de
Reporter otto.hollmann@suse.com
QA Contact qa-bugs@suse.de
Target Milestone ---
Found By ---
Blocker --- 

This bug collects the challenges and packages that need to be adapted before
removing OpenSSL 1.1.1 and OpenSSL 1.0.0

OpenSSL 1.1.1 (package openssl1_1) is EOL since 11th September 2023.
OpenSSL 1.0.0 (package openssl1_0_0) is EOL since 31th December 2019.

Therefore, it makes sense to get rid of them and we are going to remove them
from Factory in the near future. Unfortunately some packages still rely/depend
on these old OpenSSL versions. If we would like to keep these packages, they
must be adapted to use OpenSSL 3.

Currently these packages are usually hardcoded to use specific openssl package,
e.g.:
> BuildRequires:  libopenssl-1_1-devel
The preferred way is to use our meta package
> BuildRequires:  libopenssl
or
> BuildRequires:  libopenssl-devel
that will always pull respective packages with the default OpenSSL version (at
the moment libopenssl3 or libopenssl-3-devel).

Migration guide can be found here:
https://www.openssl.org/docs/man3.0/man7/migration_guide.html

List of packages that are using old OpenSSL:
dd_rescue
EternalTerminal
fdo-client
libredfish
libzrtpcpp
python

You are receiving this mail because: