RepoJournal
Arch Linux

@archlinux

The Arch Linux org — the rolling distro and the developers who run it

Pick a date

The Wire · Showcase

OPENSSL UPGRADE UNBLOCKED AFTER UPSTREAM FIX

By RepoJournal · Filed · About Arch Linux

The rsync-ssl blocker that's been holding back OpenSSL updates across infrastructure is finally resolved, clearing the path for security patches.

Infrastructure has been deliberately ignoring OpenSSL upgrades due to a broken rsync-ssl dependency, but both the rsync [1] and OpenSSL [1] upstream issues have shipped fixes. This unblock comes paired with a critical nginx configuration fix [2]: Let's Encrypt switched to their Generation Y intermediates last week, creating a longer certificate chain that exceeds nginx's default verification depth of one. The dbscripts team deployed the depth fix [3] yesterday to restore mirrorauth validation on archlinux.org. With both the certificate chain issue [2] and the rsync-ssl blocker [4] resolved, the infrastructure team can now drop the OpenSSL upgrade ignore [5]. The main release train also pushed five package updates [6] [7] [8] [9] [10], including radicale 3.7.5, python-distributed 2026.6.0, and tig's graduation from testing to stable. Finishing the stack: mypy reached v2 in alpm dependencies [11].

Action items

References

  1. [1] Stop ignoring openssl upgrade archlinux/infrastructure
  2. [2] dbscripts: Fix broken mirrorauth due to longer chain on archlinux.org archlinux/infrastructure
  3. [3] Merge branch 'dbscripts-verify-depth' into 'main' archlinux/infrastructure
  4. [4] Stop ignoring openssl upgrade archlinux/infrastructure
  5. [5] Merge branch 'drop_openssl_upgrade_ignore' archlinux/infrastructure
  6. [6] update radicale to 3.7.5-1 in extra-any archlinux/state
  7. [7] update python-distributed to 2026.6.0-1 in extra-any archlinux/state
  8. [8] update nvshmem to 3.7.0-1 in extra-x86_64 archlinux/state
  9. [9] move tig from extra-testing-x86_64 to extra-x86_64 archlinux/state
  10. [10] update python-aiogram to 3.29.0-1 in extra-any archlinux/state
  11. [11] chore(deps): Update dependency mypy to v2 archlinux/alpm

FAQ

What changed in Arch Linux on June 15, 2026?
The rsync-ssl blocker that's been holding back OpenSSL updates across infrastructure is finally resolved, clearing the path for security patches.
What should Arch Linux teams do about it?
Remove OpenSSL upgrade ignore and re-enable patching in infrastructure • Verify nginx verification depth change is deployed to all mirror validation points • Pull the five state updates (radicale, python-distributed, nvshmem, tig, python-aiogram) into next release cycle
Which Arch Linux repositories shipped on June 15, 2026?
archlinux/infrastructure, archlinux/state, archlinux/alpm

Related across the cluster

For your repos

The showcase is a teaser.
Your wire is the product.

Same engine. Different stack. Below: what changes when the wire is yours.

Showcase wire

  • 14 famous open source orgs
  • One wire per day
  • Public, generic
  • Read on the web, when you remember

Your wire

  • Up to 1,500 of your repos - orgs, deps, vendors
  • Morning and evening briefs
  • Action items routed to your team
  • Slack delivery, email, breaking-news CVE alerts

Want a hands-on demo first? Ask a current user for an invite link.