Re: Certbot security update (Bug #969126)
As part of the deprecation of the Let's Encrypt v1 API starting in
January, we need to enable automatic conversion of the use of the v1
endpoints to v2 endpoints in the version of certbot currently used in
I have backported the minimal set of patches required to do so, and
I'm attaching the debdiff to this email. If you give the thumbs up, I
can work with the security team to put it down the stretch-security
path for updates, unless you have a better approach.
On a quick look, this looks good to me. For uploading to stretch-security, the Security team is not involved.
I can take a more thorough look later today and upload this as is and release the announcement for it. Does it sound good to you?