Re: Bug#921663: Please add python-certbot update to jessie-backports
I can also add that I have looked into this for myself and the number of needed dependencies is rather large. So it is not just certbot that need an update, we also need to include quite a few other packages too.
[[ Resending to correct debian-lts, I forgot the "lists." bit... ]]
On Fri, 2019-02-08 at 11:18 -0800, Brad Warren wrote:
> To provide a little more information as an upstream maintainer of
> Certbot, the lack of an upgrade here will affect a lot of Debian
> Jessie users.
> Let’s Encrypt started sending out multiple emails telling affected
> users they needed to upgrade their client or they will become unable
> to renew their certificates 3 weeks ago. Looking at server side data
> from the past week on how many Jessie users continue to rely on these
> soon to be broken packages, I estimate it is 20,000 users maintaining
> 37,000 certificates for 64,000 domains.
> Is there really nothing that can be done here? Is it possible to make
> an exception to Debian’s normal policy to prevent TLS configurations
> from breaking on tens of thousands of websites?
There is no need for an exception, jessie-backports is not the right
place to be fixing this issue even if it were still open. It should be
fixed by an update to either Jessie itself of the security suite.
Jessie(-security) is currently maintained (until June 2020) by the LTS
team, who I've cc-d here.
There was a similar thread on the backports list which ended with 
but I don't know if this ever formally came to the LTS team.
Ian (not involved with LTS nor backports nor letsencrypt team).
--- Inguza Technology AB --- MSc in Information Technology ----
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /