On Tue, Jun 18, 2019 at 04:34:07PM -0700, Andres Freund wrote:
> It's merged to both branches that contain the broken code. Now we need
> to wait for the next set of openssl releases, and then for distros to
> pick that up. Based on the past release cadence
> https://www.openssl.org/news/openssl-1.1.1-notes.html
> that seems to be likely to happen within 2-3 months.
If that's for the buildfarm coverage. I would be of the opinion to
wait a bit. Another possibility is that you could compile your own
version of OpenSSL with the patch included, say only 1.1.1c with the
patch. Still that would cause the plpython tests to complain as the
system's python may still link to the system's OpenSSL which is
broken?
Another possibility would be to move back to 1.1.1b for the time
being...
--
Michael