Vít Ondruch

Thinking about this, I'm not convinced that switching to `--nobest` is good option.

After additional explanation from DNF upstream I think that `update_before_build` should execute the `dnf builddeps --nobest`. It would be also useful for cases like this if the `update_before_build` was available...

Any progress here?

Ping. I am bitten by this again.

BTW this fixes [CVE-2021-32765](https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2), so it is probably something to consider. Although I cannot judge if it is exploitable via hiredis-rb

This might be the culprit: https://github.com/redis/hiredis/commit/76a7b10005c70babee357a7d0f2becf28ec7ed1e

> Please note that OpenSSL 3.0 is still in an alpha release and has not reached its feature freeze. Since Beta1 is already out, can I gently ask for an...

I wonder, will the OpenSSL 3.x support be API compatible with older versions? Going through several PRs, it seems that it probably will, but there are so many changes (for...

Trying to backport this patch set to Ruby 3.0.2, I am struggling with these test failures: ~~~ 1) Failure: TestGemRemoteFetcher#test_do_not_allow_invalid_client_cert_auth_connection [/builddir/build/BUILD/ruby-3.0.2/test/rubygems/test_gem_remote_fetcher.rb:954]: [Gem::RemoteFetcher::FetchError] exception expected, not #. 2) Error: TestGemRemoteFetcher#test_ssl_client_cert_auth_connection: OpenSSL::PKey::RSAError:...

Just FTR, this can't be reproduced by openssl utility, which can read the appropriate parts of the file just fine. But this is the approach it uses: https://github.com/openssl/openssl/blob/af5e63e1e3300f784f302a5d3309bf673cc08894/apps/pkey.c#L217-L220 https://github.com/openssl/openssl/blob/af5e63e1e3300f784f302a5d3309bf673cc08894/apps/lib/apps.c#L978-L992