https://bugzilla.redhat.com/show_bug.cgi?id=1843264 --- Comment #3 from Robert Scheck <redhat-bugzilla@xxxxxxxxxxxx> --- (In reply to Robert-André Mauchin from comment #1) > Obsoletes: libre0 < %{version}-%{release} > > - Obsolete must be a fixed %{version}-%{release}, generally one release > above the last version of the obsoleted package available. Corrected. > - Add a comment above the patch explaining why it is needed. Added. > - Not needed anymore: > > %ldconfig_scriptlets That's only partially true: EPEL 7 still needs it, Fedora and EPEL 8 don't. I'm targetting EPEL 7, too. > - I'm not sure if SSL_CTX_set_cipher_list should be patched to respect > Fedora's ciphers. See > https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/ The OpenSSL SSL_CTX_set_cipher_list() function is used in the "re" tls_set_ciphers() function (in src/tls/openssl/tls.c), which itself is not being used in the whole "re" library. When looking to tls_set_ciphers() more closely, it seems to be a high-level wrapper around SSL_CTX_set_cipher_list() only, thus from my understanding only applications (!) using "re" tls_set_ciphers() should be patched. Because if I am patching the library itself, any application based on "re" won't ever be able to override the system ciphers for specific purposes (which is not unlikely for SIP). Spec URL: https://labs.linuxnetz.de/bugzilla/libre.spec SRPM URL: https://labs.linuxnetz.de/bugzilla/libre-0.6.1-2.src.rpm -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx