1. Forum
  2. USENET
  3. muc.lists.freebsd.ports

  • security/openssl and upcoming FreeBSD 15.0

    From Bernard Spil@brnrd@freebsd.org to muc.lists.freebsd.ports on Thu Oct 2 06:35:10 2025
    From Newsgroup: muc.lists.freebsd.ports

    Hi all,

    Wanted to share with you my plan for the OpenSSL ports.

    With the upcoming FreeBSD 15.0 release, the OpenSSL version in base will change from 3.0 to 3.5.
    I plan to make the OpenSSL ports align with the 15.0 release version,
    that is 3.5.
    In ports the current default of OpenSSL is 3.0 (3.0.18 as of yesterday,
    in main as well as in 2025Q4).
    The security/openssl35 ports is at 3.5.4 (main and 2025Q4).

    Plan at time of FreeBSD 15.0 RELEASE:

    1. Rename security/openssl to security/openssl30 (in main only)
    2. Rename security/openssl35 to security/openssl (in main only)
    3. Create an UPDATING entry that all ports depending on security/openssl
    must be rebuilt for the new SHLIB version.

    The security/openssl port in quarterly will remain at 3.0 until 2026Q1
    is created.

    With kind regards, Bernard.


    --
    Posted automagically by a mail2news gateway at muc.de e.V.
    Please direct questions, flames, donations, etc. to news-admin@muc.de
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Gleb Popov@arrowd@freebsd.org to muc.lists.freebsd.ports on Thu Oct 2 10:19:53 2025
    From Newsgroup: muc.lists.freebsd.ports

    On Thu, Oct 2, 2025 at 9:35rC>AM Bernard Spil <brnrd@freebsd.org> wrote:

    Hi all,

    Wanted to share with you my plan for the OpenSSL ports.

    With the upcoming FreeBSD 15.0 release, the OpenSSL version in base will change from 3.0 to 3.5.
    I plan to make the OpenSSL ports align with the 15.0 release version,
    that is 3.5.
    In ports the current default of OpenSSL is 3.0 (3.0.18 as of yesterday,
    in main as well as in 2025Q4).
    The security/openssl35 ports is at 3.5.4 (main and 2025Q4).

    Plan at time of FreeBSD 15.0 RELEASE:

    1. Rename security/openssl to security/openssl30 (in main only)
    2. Rename security/openssl35 to security/openssl (in main only)
    Having seen several big changes coming in without exp-run's recently,
    I just want to note that these two steps should be performed in a
    branch and then properly tested via exp-run.
    I can lend you a hand with fixing the fallout if any, or run a
    mini-exp-run (on direct consumers only).
    --
    Posted automagically by a mail2news gateway at muc.de e.V.
    Please direct questions, flames, donations, etc. to news-admin@muc.de
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Gleb Popov@arrowd@freebsd.org to muc.lists.freebsd.ports on Thu Oct 2 12:29:34 2025
    From Newsgroup: muc.lists.freebsd.ports

    On Thu, Oct 2, 2025 at 12:00rC>PM Bernard Spil <brnrd@freebsd.org> wrote:

    I can find no instances of `USES= ssl=openssl*` and see no port with a _DEPENDS on freshports.org...
    What am I missing?
    Ports generally aren't allowed to choose what type of openssl it wants
    to depend on. Thus, USES=openssl has no args as you can see in the documentational comment at the top of Mk/Uses/ssl.mk
    Instead, users may set DEFAULT_VERSIONS=ssl=openssl to make all ports
    depend on security/openssl rather than the base one. So an exp-run
    would mean building all ports that have USES=ssl with different values
    for DEFAULT_VERSIONS.
    --
    Posted automagically by a mail2news gateway at muc.de e.V.
    Please direct questions, flames, donations, etc. to news-admin@muc.de
    --- Synchronet 3.21a-Linux NewsLink 1.2