Bug 1048982
Summary: | Nodejs from EPEL won't install on CentOS <6.5 | ||
---|---|---|---|
Product: | [Fedora] Fedora EPEL | Reporter: | Cristian Magherusan-Stanciu <cristi.magherusan> |
Component: | nodejs | Assignee: | T.C. Hollingsworth <tchollingsworth> |
Status: | CLOSED CANTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | el6 | CC: | jamielinux, mrunge, sgallagh, tchollingsworth, thrcka |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-01-06 17:37:15 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Cristian Magherusan-Stanciu
2014-01-06 17:05:03 UTC
Node.js picks up a dependency based on the version of openssl that is in the buildroot when the build happens. This is actually to the good, because Node.js compiled against openssl 1.0.0 was known to have certain limitations. (Specifically, Node.js technically relied on several patches that were only included in OpenSSL 1.0.1). When we originally build Node.js for EPEL 6, we opted for a "see what breaks" approach. We knew that certain TLS interactions would have trouble, but we decided to forge ahead and hope things didn't collapse (we were lucky, and apparently no one hit the limitations). So here's the summary: we can't actually go back to supporting 6.4 and earlier for the following reasons. 1) We can only build against what's available in the buildroot, and because EPEL's buildroot always contains the latest stable version of RHEL, it's impossible for us to go back. 2) The old version was known to be broken in certain situations that we were just lucky no one hit. This version is not susceptible to those same limitations. Finally, as you noted, it's possible to update only the openssl package from 6.5+ and retain the desired behavior, so there's a fairly simple workaround. |