why are things still requiring libssl1.0.0, when bionic ships with libssl1.1?

Asked by Michael Richardson on 2018-08-12

In a mostly empty ubuntu bionic container:

root@mud-controller:~# apt-get install openssh-server
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  libssl1.0.0 libxmuu1 ncurses-term openssh-client openssh-sftp-server python3-certifi python3-chardet python3-idna

yet, libssl1.1 is shipping with bionic. This seems like a packaging dependancy mistake.
Maybe there is a reason for this?

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu openssl Edit question
Assignee:
No assignee Edit question
Last query:
2018-08-12
Last reply:
2018-08-13

M y guess is that the libssl-dev for 1.0.0 is installed, rather than libssl-dev for 1.1.0.

Manfred Hampl (m-hampl) said : #2

Bionic provides both, libssl1.0.0 https://launchpad.net/ubuntu/+source/openssl1.0 and libssl1.1 https://launchpad.net/ubuntu/+source/openssl

Apparently not all programs using functionality from these libraries have already been converted to use the newer one.

The correct target for such question would be openssh-server, not openssl/openssl1.0, and the question could be re-formulated towards: Why is openssh-server for bionic still using libssl1.0.0 and not libssl1.1
And for this question I found a reference in https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes#OpenSSH
"OpenSSH does not compile against OpenSSL 1.1.0."

Can you help with this problem?

Provide an answer of your own, or ask Michael Richardson for more information if necessary.

To post a message you must log in.