Re: Bug#959469: buster-pu: package openssl/1.1.1g-1

["Adam D. Barratt" <adam@adam-barratt.org.uk>]

On Sat, 2020-05-02 at 22:29 +0200, Sebastian Andrzej Siewior wrote:
> On 2020-05-02 20:32:01 [+0100], Adam D. Barratt wrote:
> > On Sat, 2020-05-02 at 18:36 +0200, Sebastian Andrzej Siewior wrote:
> > > I'm fairly late, I know.
> > 
> > Just a little. :-( Particularly as OpenSSL builds udebs.
> > 
> > CCing KiBi and -boot so they're aware of the discussion, but this
> > does
> > come quite late.
> 
> Yes, I know. I'm won't cry if this skips this pu, I just couldn't get
> earlier to it.

OK. To be honest, at this stage I would be happier looking at this for
10.5 than 10.4.

> > Do we have any feeling for how widespread such certificates might
> > be?
> > The fact that there have been two different upstream reports isn't
> > particularly comforting.
> 
> This is correct. I don't know if there is tooling that is generating
> broken certificates or just some individuals. I updated my two
> OpenVPN instances and I saw clients connecting again.

Thanks for the information.

Regards,

Adam