Bug#913251: marked as done (SSL: renegotiation initiated by client, killing connection)

To: Ximin Luo <infinity0@debian.org>
Subject: Bug#913251: marked as done (SSL: renegotiation initiated by client, killing connection)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Mon, 03 Dec 2018 03:51:06 +0000
Message-id: <[🔎] handler.913251.D913251.154380896532609.ackdone@bugs.debian.org>
Reply-to: 913251@bugs.debian.org
References: <E1gTfEZ-000Hcx-3i@fasolo.debian.org> <154170016108.12686.4027461436527091511.reportbug@buster>

Your message dated Mon, 03 Dec 2018 03:49:23 +0000
with message-id <E1gTfEZ-000Hcx-3i@fasolo.debian.org>
and subject line Bug#913251: fixed in lighttpd 1.4.49-2
has caused the Debian Bug report #913251,
regarding SSL: renegotiation initiated by client, killing connection
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
913251: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913251
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: SSL: renegotiation initiated by client, killing connection
From: Olaf van der Spek <olafvdspek@gmail.com>
Date: Thu, 08 Nov 2018 19:02:41 +0100
Message-id: <154170016108.12686.4027461436527091511.reportbug@buster>

Package: lighttpd
Version: 1.4.49-1.1+b1
Severity: important

Dear Maintainer,

TLS appears to be unusable.. probably fixed in 1.4.51

Gr,

Olaf

https://redmine.lighttpd.net/issues/2912

2018-11-08 19:00:46: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection 
2018-11-08 19:00:46: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection 
2018-11-08 19:00:54: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection 
2018-11-08 19:00:54: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection 
2018-11-08 19:00:54: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection 
2018-11-08 19:00:54: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection 

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.18.0-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages lighttpd depends on:
ii  libattr1            1:2.4.47-2+b2
ii  libbz2-1.0          1.0.6-9
ii  libc6               2.27-8
ii  libfam0             2.7.0-17.2+b1
ii  libldap-2.4-2       2.4.46+dfsg-5+b1
ii  libmariadbclient18  1:10.1.37-1
ii  libpcre3            2:8.39-11
ii  libssl1.1           1.1.1-2
ii  lsb-base            9.20170808
ii  mime-support        3.61
ii  zlib1g              1:1.2.11.dfsg-1

Versions of packages lighttpd recommends:
ii  spawn-fcgi  1.6.4-2

Versions of packages lighttpd suggests:
pn  apache2-utils  <none>
pn  lighttpd-doc   <none>
ii  openssl        1.1.1-2
pn  php-cgi        <none>
pn  rrdtool        <none>

-- no debconf information

--- End Message ---

--- Begin Message ---

To: 913251-close@bugs.debian.org
Subject: Bug#913251: fixed in lighttpd 1.4.49-2
From: Ximin Luo <infinity0@debian.org>
Date: Mon, 03 Dec 2018 03:49:23 +0000
Message-id: <E1gTfEZ-000Hcx-3i@fasolo.debian.org>

Source: lighttpd
Source-Version: 1.4.49-2

We believe that the bug you reported is fixed in the latest version of
lighttpd, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 913251@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ximin Luo <infinity0@debian.org> (supplier of updated lighttpd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 02 Dec 2018 19:26:05 -0800
Source: lighttpd
Binary: lighttpd lighttpd-doc lighttpd-mod-mysql-vhost lighttpd-mod-trigger-b4-dl lighttpd-mod-cml lighttpd-mod-magnet lighttpd-mod-webdav lighttpd-mod-authn-gssapi lighttpd-mod-authn-ldap lighttpd-mod-authn-mysql lighttpd-mod-geoip
Architecture: source
Version: 1.4.49-2
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Ximin Luo <infinity0@debian.org>
Description:
 lighttpd   - fast webserver with minimal memory footprint
 lighttpd-doc - documentation for lighttpd
 lighttpd-mod-authn-gssapi - GGSAPI authentication for lighttpd
 lighttpd-mod-authn-ldap - LDAP authentication for lighttpd
 lighttpd-mod-authn-mysql - MySQL authentication for lighttpd
 lighttpd-mod-cml - cache meta language module for lighttpd
 lighttpd-mod-geoip - GeoIP restrictions for lighttpd
 lighttpd-mod-magnet - control the request handling module for lighttpd
 lighttpd-mod-mysql-vhost - MySQL-based virtual host configuration for lighttpd
 lighttpd-mod-trigger-b4-dl - anti-deep-linking module for lighttpd
 lighttpd-mod-webdav - WebDAV module for lighttpd
Closes: 913249 913251
Changes:
 lighttpd (1.4.49-2) unstable; urgency=medium
 .
   * Non-maintainer upload.
 .
   [ Ondřej Nový ]
   * d/copyright: Change Format URL to correct one
 .
   [ Ximin Luo ]
   * Add a patch to work against openssl 1.1.1. (Closes: #913251)
   * Add Depends: perl. (Closes: #913249)
Checksums-Sha1:
 a6a6c0f6e51ff4e7b7bd58eda750256e5ff5d0e0 2330 lighttpd_1.4.49-2.dsc
 eb7cc4e53ffd1809edf466a8414b5c20f2dcadb9 47324 lighttpd_1.4.49-2.debian.tar.xz
 08537ec9e410929d83d9539300526045ccb028bd 7799 lighttpd_1.4.49-2_source.buildinfo
Checksums-Sha256:
 1ca570ad46054744e446b8b92d41e99c9d350f663eeb3fc3b4182765277b9e05 2330 lighttpd_1.4.49-2.dsc
 d1908b32508dc5d26355a7d508797f6224bb7a404258f7d6884a49c24989a6a3 47324 lighttpd_1.4.49-2.debian.tar.xz
 4085544ca5576b3eb18f7c60361d83c8168cda5f26305bb9ef6ee4421acef96c 7799 lighttpd_1.4.49-2_source.buildinfo
Files:
 a89e60b1c4fa06de6f88c9cc2889985f 2330 httpd optional lighttpd_1.4.49-2.dsc
 93cca99794f4207f46b890162653bea2 47324 httpd optional lighttpd_1.4.49-2.debian.tar.xz
 ff001d2aa99e6097b7d9d7dc4013c620 7799 httpd optional lighttpd_1.4.49-2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQReYinNQ9GpZ9TYcRrrH8jaRfspMAUCXASijgAKCRDrH8jaRfsp
MFZDAQCnHWHAS2++ZrhgpAJIT464a9aq5cKt8hyxGxXCDOIJOwEA7WzdCLP5ngkF
z6YbSIU87rPwUORBVki3dlcwi9zSagw=
=gAhe
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

Prev by Date: Bug#913249: marked as done (lighttpd: Can't locate Term/ReadLine.pm in @INC)
Next by Date: Processing of lighttpd_1.4.49-2_source.changes
Previous by thread: Bug#913249: marked as done (lighttpd: Can't locate Term/ReadLine.pm in @INC)
Next by thread: Processing of lighttpd_1.4.49-2_source.changes
Index(es):
- Date
- Thread