On Tue, Apr 11, 2017 at 10:44:12AM +0000, ng0 wrote:
> There's also an OpenSSL-1.1.0 related bug which was fixed since the
> release of fossil 2.1, reported by Debian:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847556#10

We are still building packages with OpenSSL-1.0.2, so we can ignore this
issue for now, right?

> I think we should update to at least
> https://www.fossil-scm.org/index.html/info/8c22e1bbcd8ec048
> 
> I don't know when they plan to release version 2.2, but it will require
> a version of sqlite we do not have. Would it be okay to fall back to the
> bundled one then?

We *should* have sqlite 3.18 after the next core-updates cycle,
hopefully by June 15.