Re: Bug#959469: buster-pu: package openssl/1.1.1g-1

To: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>, 959469@bugs.debian.org
Cc: kibi@debian.org, debian-boot@lists.debian.org, Kurt Roeckx <kurt@roeckx.be>
Subject: Re: Bug#959469: buster-pu: package openssl/1.1.1g-1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 20 Nov 2020 17:24:30 +0000
Message-id: <[🔎] 540c858f4ff1b24f21d5851525d4c254b0a2d5f9.camel@adam-barratt.org.uk>
In-reply-to: <[🔎] 20201115102907.65iqtifyznccckhv@flow>
References: <20200502163642.v4nhomgfa3oen7qp@flow> <9195a8725d5a6d5ceda7318f27d7bce7c2b690bf.camel@adam-barratt.org.uk> <20200502163642.v4nhomgfa3oen7qp@flow> <20200502202902.uocqkn5b4fhsi6ti@flow> <18b53d524be7218a96068c96b47e6bf13ccda7cf.camel@adam-barratt.org.uk> <20200502163642.v4nhomgfa3oen7qp@flow> <[🔎] 20201115102907.65iqtifyznccckhv@flow>

On Sun, 2020-11-15 at 11:29 +0100, Sebastian Andrzej Siewior wrote:
> control: retitle -1 buster-pu: package openssl/1.1.1h-1
> 
> On 2020-05-02 22:34:40 [+0100], Adam D. Barratt wrote:
> > > > Do we have any feeling for how widespread such certificates
> > > > might be?
> > > > The fact that there have been two different upstream reports
> > > > isn't particularly comforting.
> > > 
> > > This is correct. I don't know if there is tooling that is
> > > generating broken certificates or just some individuals. I
> > > updated my two OpenVPN instances and I saw clients connecting
> > > again.
> > 
> > Thanks for the information.
> 
> look at that. I deployed it locally and forgot all about it. Now I
> was going to open a pu for 1.1.1h and noticed that I didn't finish
> this one.
> 
> I hereby propose an update to 1.1.1h.

Predictably we're again quite close to a point release. :-( (One week
from freeze, specifically.)

Looking at the upstream issues regarding certificate validation changes
between 1.1.1e and f/g, #11456 appears to have been addressed already,
but #11625 is still open and looks stalled. Have you seen any more
reports of that issue?

Regards,

Adam

Reply to:

Follow-Ups:
- Re: Bug#959469: buster-pu: package openssl/1.1.1g-1
  - From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

References:
- Re: Bug#959469: buster-pu: package openssl/1.1.1g-1
  - From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Prev by Date: Processed: Re: Bug#975331: release-notes: Installation guide: No instructions for verifying image integrity after download
Next by Date: choose-mirror_2.99+deb10u2_source.changes ACCEPTED into proposed-updates->stable-new, proposed-updates
Previous by thread: Re: Bug#959469: buster-pu: package openssl/1.1.1g-1
Next by thread: Re: Bug#959469: buster-pu: package openssl/1.1.1g-1
Index(es):
- Date
- Thread