Re: buster-pu: package openssl/1.1.1g-1
On 2020-05-02 20:32:01 [+0100], Adam D. Barratt wrote:
> On Sat, 2020-05-02 at 18:36 +0200, Sebastian Andrzej Siewior wrote:
> > I'm fairly late, I know.
>
> Just a little. :-( Particularly as OpenSSL builds udebs.
>
> CCing KiBi and -boot so they're aware of the discussion, but this does
> come quite late.
Yes, I know. I'm won't cry if this skips this pu, I just couldn't get
earlier to it.
> Do we have any feeling for how widespread such certificates might be?
> The fact that there have been two different upstream reports isn't
> particularly comforting.
This is correct. I don't know if there is tooling that is generating
broken certificates or just some individuals. I updated my two OpenVPN
instances and I saw clients connecting again.
> Regards,
>
> Adam
Sebastian
Reply to: