Re: [stable] openssl rfc5746 / renegotiation support

To: Michael Gilbert <michael.s.gilbert@gmail.com>
Cc: debian-release@lists.debian.org, team@security.debian.org
Subject: Re: [stable] openssl rfc5746 / renegotiation support
From: Philipp Kern <pkern@debian.org>
Date: Fri, 19 Nov 2010 17:18:13 +0100
Message-id: <[🔎] 20101119161813.GA19171@thrall.0x539.de>
In-reply-to: <[🔎] 20101119102808.9a4b8a48.michael.s.gilbert@gmail.com>
References: <[🔎] 20101116204806.GA14739@roeckx.be> <[🔎] 20101119103548.GS10569@anguilla.noreply.org> <[🔎] 20101119102808.9a4b8a48.michael.s.gilbert@gmail.com>

On Fri, Nov 19, 2010 at 10:28:08AM -0500, Michael Gilbert wrote:
> On Fri, 19 Nov 2010 11:35:48 +0100, Peter Palfrader wrote:
> > What's the verdict here?
> > 
> > Are we going to update openssl in stable (either via -security or with
> > the next point release), and if yes, what are we doing with tor?
> 
> The decision was made a while back to fix this in an SPU.  Kurt put out
> packages a few weeks ago and called for testing, but I've only seen one
> response so far.  So I think that what needs to happen is a little more
> testing?

You might want to point us to that decision.

We'd prefer to have this handled by security.

Thanks
Philipp Kern

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- openssl rfc5746 / renegotiation support
  - From: Kurt Roeckx <kurt@roeckx.be>
- Re: [stable] openssl rfc5746 / renegotiation support
  - From: Peter Palfrader <weasel@debian.org>
- Re: [stable] openssl rfc5746 / renegotiation support
  - From: Michael Gilbert <michael.s.gilbert@gmail.com>

Prev by Date: Re: Bug#596899: Please unblock ia32-libs/20101012
Next by Date: Bug#603966: aribas: request to unblock
Previous by thread: Re: [stable] openssl rfc5746 / renegotiation support
Next by thread: RFE: Request for freeze exception - 6tunnel Bug#601030 (IPv4 fix)
Index(es):
- Date
- Thread