Your message dated Fri, 13 Jun 2008 18:38:32 +0200
with message-id <20080613163832.GJ29038@mykerinos.kheops.frmug.org>
and subject line Re: Bug#486081: ssl-cert: Debconf abuse: is there *really* a need to stop installation to tell users about certificate replacement?
has caused the Debian Bug report #486081,
regarding ssl-cert: Debconf abuse: is there *really* a need to stop installation to tell users about certificate replacement?
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)

--
486081: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486081
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: ssl-cert: Debconf abuse: is there *really* a need to stop installation to tell users about certificate replacement?
- From: Christian Perrier <bubulle@debian.org>
- Date: Fri, 13 Jun 2008 09:27:31 +0200
- Message-id: <20080613072731.14978.52056.reportbug@mykerinos.kheops.frmug.org>
Package: ssl-cert
Version: 1.0.20
Severity: normal

Critical level debconf notes should be kept for things that users
*must absolutely see*.

The text of the note you added in the last release of the package says
that... the note can be ignored if one does not know what it is about.

It means that the package will handle the certificate replacement
gently. So I really see no reason to interrupt all upgrades (including
etch->lenny upgrades?) for this.

Such text could even be seen as belonging to NEWS.Debian and not a
debconf note.

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages ssl-cert depends on:
ii  adduser                 3.108        add and remove users and groups
ii  debconf [debconf-2.0]   1.5.22       Debian configuration management sy
ii  openssl                 0.9.8g-10.1  Secure Socket Layer (SSL) binary a
ii  openssl-blacklist       0.3.2        list of blacklisted OpenSSL RSA ke

ssl-cert recommends no packages.

-- debconf information:
  make-ssl-cert/vulnerable_prng:
  make-ssl-cert/title:
  make-ssl-cert/ouname: Direction de la qualité des moules-frites
  make-ssl-cert/hostname: localhost
  make-ssl-cert/organisationname: Ministère de la Culture du Mali
  make-ssl-cert/statename: Valais
  make-ssl-cert/localityname: Montréal
  make-ssl-cert/countryname: FR
  make-ssl-cert/email: webmaster@localhost
--- End Message ---
--- Begin Message ---
- To: Stefan Fritsch <sf@sfritsch.de>
- Cc: 486081-done@bugs.debian.org
- Subject: Re: Bug#486081: ssl-cert: Debconf abuse: is there *really* a need to stop installation to tell users about certificate replacement?
- From: Christian Perrier <bubulle@debian.org>
- Date: Fri, 13 Jun 2008 18:38:32 +0200
- Message-id: <20080613163832.GJ29038@mykerinos.kheops.frmug.org>
- In-reply-to: <16589.217.111.53.98.1213344920.squirrel@eru.sfritsch.de>
- References: <20080613072731.14978.52056.reportbug@mykerinos.kheops.frmug.org> <16589.217.111.53.98.1213344920.squirrel@eru.sfritsch.de>
Quoting Stefan Fritsch (sf@sfritsch.de):

> This was how the security upgrades for the ssl issue were handled and I
> see no reason to deviate in ssl-cert. It is likely that the ssl-cert
> update will be in an etch point release before lenny release (but
> openssl-blacklist needs to be uploaded to stable first). Therefore
> etch->lenny upgrades are not an issue.
>
> For people who actually use the certificate, it is important to see the
> message. Otherwise they might (or at least should) think that there was a
> MITM attack in progress. But not all users of ssl-cert will actually use
> the default certificate, hence the last line of the text.

OK, fair enough. Hence closing my bug report.

Attachment: signature.asc
Description: Digital signature
--- End Message ---