On 09/15/2016 05:33 PM, Christoph Berg wrote:
> Re: Michael Paquier 2016-09-15 <CAB7nPqQu1GpMzkB4S6XO0_+1cAUx==RDVF70vCmDytuA=nCHiQ@mail.gmail.com>
>> On Thu, Sep 15, 2016 at 8:57 PM, Heikki Linnakangas <hlinnaka@iki.fi> wrote:
>>> I backpatched this to 9.5, but not further than that. The functions this
>>> modified were moved around in 9.5, so the patch wouldn't apply as is. It
>>> wouldn't be difficult to back-patch further if there's demand, but I'm not
>>> eager to do that until someone complains.
>>
>> Not going older than 9.5 may be fine:
>> https://www.openssl.org/blog/blog/2014/12/23/the-new-release-strategy/
>> https://wiki.freebsd.org/OpenSSL
>> As far as I can see 1.0.2 would be supported until Dec 2019, so that
>> would just overlap with 9.4's EOL.
>
> I'm afraid it's not that easy - Debian 9 (stretch) will release at the
> beginning of next year, and apt.postgresql.org will want to build
> 9.2/9.3/9.4 for that distribution. I guess yum.postgresql.org will
> have the same problem with the next Fedora release.
Can you elaborate? Are you saying that Debian 9 (strect) will not ship
OpenSSL 1.0.2 anymore, and will require using OpenSSL 1.1.0?
- Heikki