Re: buster-pu: package openssl/1.1.1g-1

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Cc: 959469@bugs.debian.org, kibi@debian.org, debian-boot@lists.debian.org
Subject: Re: buster-pu: package openssl/1.1.1g-1
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Sat, 2 May 2020 22:29:02 +0200
Message-id: <[🔎] 20200502202902.uocqkn5b4fhsi6ti@flow>
In-reply-to: <[🔎] 9195a8725d5a6d5ceda7318f27d7bce7c2b690bf.camel@adam-barratt.org.uk>
References: <20200502163642.v4nhomgfa3oen7qp@flow> <[🔎] 9195a8725d5a6d5ceda7318f27d7bce7c2b690bf.camel@adam-barratt.org.uk>

On 2020-05-02 20:32:01 [+0100], Adam D. Barratt wrote:
> On Sat, 2020-05-02 at 18:36 +0200, Sebastian Andrzej Siewior wrote:
> > I'm fairly late, I know.
> 
> Just a little. :-( Particularly as OpenSSL builds udebs.
> 
> CCing KiBi and -boot so they're aware of the discussion, but this does
> come quite late.

Yes, I know. I'm won't cry if this skips this pu, I just couldn't get
earlier to it.

> Do we have any feeling for how widespread such certificates might be?
> The fact that there have been two different upstream reports isn't
> particularly comforting.

This is correct. I don't know if there is tooling that is generating
broken certificates or just some individuals. I updated my two OpenVPN
instances and I saw clients connecting again.

> Regards,
> 
> Adam

Sebastian

Reply to:

Follow-Ups:
- Re: Bug#959469: buster-pu: package openssl/1.1.1g-1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Re: buster-pu: package openssl/1.1.1g-1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Re: buster-pu: package openssl/1.1.1g-1
Next by Date: Re: Bug#959469: buster-pu: package openssl/1.1.1g-1
Previous by thread: Re: buster-pu: package openssl/1.1.1g-1
Next by thread: Re: Bug#959469: buster-pu: package openssl/1.1.1g-1
Index(es):
- Date
- Thread