Hello,
As part of the 3.15 release cycle, we planned to upgrade the system
OpenSSL to 3.0, because of the improved licensing and isolation of legacy,
known-broken cryptographic primitives behind a legacy provider module.
Unfortunately, this migration hit a few regressions, notably in apk-tools,
but also some packages like MariaDB were not anywhere near ready to be
used in production with OpenSSL 3. We decided to wait a few weeks to see
what happened, but we hit a key decision point (preparation for Alpine
3.15 soft freeze) without any resolution, and so the contingency plan
automatically came into effect.
The contingency plan, of course, being that we would move back to OpenSSL
1.1.
We will re-evaluate the situation in Alpine 3.16 when OpenSSL 3.1 is
released.
In practical terms, this means that your APKBUILDs have been modified
where appropriate to depend on OpenSSL 1.1 explicitly. This is to give
the packages a stable dependency tree while the openssl-dev provider is
flipped to openssl1.1-compat-dev.
Later next week, main/openssl will transition to community/openssl3, and
main/openssl1.1-compat will transition to main/openssl. This step will
not require any rebuild.
Thanks in advance for everyone's patience!
Ariadne