This is a tracking bug for Change: Removing OpenSSL 1.1 package For more details, see: https://fedoraproject.org/wiki/Changes/RemoveOpensslCompat We are going to remove the openssl11 package from Fedora 40. If you encounter a bug related to this Change, please do not comment here. Instead create a new bug and set it to block this bug.
Hi Dmitry, as we are passed the Testable deadline for all F40 changes and are coming up to the 100% complete deadline, I am doinga routine check in on all changes to understand if they are proceeding on track or not. How has the removal of the openssl package gone? Is this complete yet or is there still work to do here? Thanks! Aoife
If I understand correctly, it is still blocked by python-3.6 migration.
> If I understand correctly, it is still blocked by python-3.6 migration. Tracked by bz #2254550: I'm working on this migration. Don't hesitate to ping me if this removal becomes urgent.
We would want to do the transition and drop old openssl before the Final Freeze (2024-04-02). Do you think the port will be ready?
https://src.fedoraproject.org/rpms/python3.6/pull-request/95 seems ready for merging. So we could get this done this week if all goes well.
How do we remove the package now, when Python 3.6 has landed?
Follow https://docs.fedoraproject.org/en-US/package-maintainers/Package_Retirement_Process/
Yes, please just retire the package following the process Miro linked. In the meantime, I was looking into the state of other packages: in https://pagure.io/fesco/issue/3101#comment-889848 we approved the following resolution: "any package still depending on openssl-compat at Beta Freeze will be dropped from Fedora at that time." Once openssl1.1-devel is dropped, chatty gloo opensmtpd become FTBFS. Retirements can happen until Tue 2024-04-02. I suggest we wait with retiring those three until that Tuesday. I'll file bugs against those packages to give a last nudge to the maintainers.
> Once openssl1.1-devel is dropped, > chatty > gloo > opensmtpd > become FTBFS. Moreover, the plan is not only to drop openssl1.1-devel, but to retire the entire package. The following packages will fail to install unless fixed: $ repoquery -q --repo=rawhide --whatrequires openssl1.1 gloo-0:0.5.0^git20230824.01a0c81-9.fc40.x86_64 gloo-mpich-0:0.5.0^git20230824.01a0c81-9.fc40.x86_64 gloo-openmpi-0:0.5.0^git20230824.01a0c81-9.fc40.x86_64 opensmtpd-0:6.8.0p2-14.fc40.x86_64 openssl1.1-devel-1:1.1.1q-7.fc40.i686 openssl1.1-devel-1:1.1.1q-7.fc40.x86_64 python3.6-0:3.6.15-28.fc41.i686 python3.6-0:3.6.15-28.fc41.x86_64 (python3.6 has a fix on its way, openssl1.1-devel is part of openssl1.1)
Package is retired for f40 and rawhide.
Not yet bubbled through the system: $ koji list-pkgs --show-blocked --tag f41 --quiet --package openssl1.1 openssl1.1 f41 saprasad $ koji list-pkgs --show-blocked --tag f40 --quiet --package openssl1.1 openssl1.1 f40 saprasad
I suspect this is now blocked by https://pagure.io/releng/issue/12028
I've manually blocked it now to ensure that it lands before freeze. (I hope to look at the underlying problem soon, but fires keep hitting)
F40 was released on 2024-04-23, so I am closing this tracker. If this Change was not completed, please notify me ASAP.