I'm using Ubuntu Jaunty on a few machines and am in the process of backporting / custom compiling a few deb packages to update PHP and OpenSSL.
My question is though, should I also be recompiling all of the reverse depedencies for OpenSSL ? Currently, the servers are running 0.9.8g and I'm upgrading to 0.9.8o. I'm assuming that since they're just point releases it may not nescessarily be required / it won't break packages that dynamically link against it, however I would like to confirm this before I go ahead and perform the actual upgrade.
If I do end up having to rebuild the reverse dependencies, does anyone know of any existing tools I could use to speed things up ? Currently been using pbuilder with with a mix of existing ( newer ) Ubuntu source archives and some custom modifications to the packages, but havn't quite figured out yet how to inject these custom build packages into the pbuilder environment ( trying to compile my PHP against the updated OpenSSL however the pbuilder dependency checker installs g instead of o .. I'm assuming since it's check through apt ).
Any info would be useful. I'm fairly new to Debian packages and currently thinking it's a PITA compared to Gentoo / Arch -_-
OpenSSL 0.9.8g and OpenSSL 0.9.8o Ubuntu packages will both provide the same shared library package,
libssl0.9.8
. This defines a stable ABI, and in most cases, you will find that applications linked against libssl will be declaring a dependency just on libssl0.9.8. There may be occasions where a specific version is required, but these will normally be minimal versions rather than maximum versions.Major new versions of OpenSSL which break the ABI will introduce a new package, such as libssl1.0.0. If you wanted to upgrade to that, then you would indeed have to recompile the reverse dependencies. This is normally known as a library transition when done with in the development release of the distribution in question. It's probably best avoided when backporting.
In short, if dpkg/apt lets you install your new packages without complaining about dependencies, you are unlikely to have problems (and you don't need to recompile those reverse-dependencies).