[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#675434: marked as done (nmu: libnet-ssleay-perl_1.48-1)

Your message dated Sun, 3 Jun 2012 01:34:05 +0200
with message-id <20120602233405.GE27700@mraw.org>
and subject line Re: Bug#675434: nmu: libnet-ssleay-perl_1.48-1
has caused the Debian Bug report #675434,
regarding nmu: libnet-ssleay-perl_1.48-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
675434: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=675434
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: binnmu

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Release Team

It was reported [1], that libnet-ssleay-perl does not report the
correct constant value for SSL_OP_NO_TLSv1_1. There was the following
change in openssl 1.0.1b-1:

 openssl (1.0.1b-1) unstable; urgency=high
 .
   * New upstream version
     - Remaps SSL_OP_NO_TLSv1_1, so applications linked to 1.0.0
       can talk to servers supporting TLS 1.1 but not TLS 1.2
     - Drop rc4_hmac_md5.patch, applied upstream

 [1]: http://bugs.debian.org/675424

After rebuilding libnet-ssleay-perl the problem is fixed. Would it be
possible to schedule binnmu's for libnet-ssleay-perl?

nmu libnet-ssleay-perl_1.48-1 . ALL . -m "Rebuild for remap change for SSL_OP_NO_TLSv1_1 in openssl 1.0.1b-1"

Many thanks in advance,
Regards,
Salvatore

- -- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJPyGbdAAoJEHidbwV/2GP+E7AQAImjQRluw+gtTh1tnPCBejVA
v9nC959uKoXnRA+D7JlQnMCXQex8jJ/iNhqlJ14N4yMHFgOWa0H3BSHriPd2bDRO
xzp60RgWXwKjbrX4Yv+z5fB3PRVPR6R0CFizC1vh+VKxrwkoZ2e9gpXDVArAQGrf
ds2UylMBIuVIFhL51Y5kWhdBNePILgRpb1huyvG/+5x1qRvoFGbP+LKCZoSwVsGE
jcDf7twMhL2nyPx0QkTmOsKJGIsqd6DpiGfu2grrQBUdXXDUM/89LWS2rKKKESNt
HuYWazKeRXX1GIB3TojbHWkl63HXvVtbiFvA+my0T35Tez4Vgd1yckFCBxSOU8ov
cnP7MiUaO+kVy2FUYWs0gjeS7cQwisZeEQgUnEdbDh/pSev3cU4efnmQ7FCK3dtw
lbbEAhTUdY+r5aLtQNwNCh2QfW9U/Y+MRz1/looqeqMa6l+zgKLEHX4vvW2HZRBZ
tmF3D5F+S1JppUmjv8vW7qb/nty6h2/eEpbu69ULZC0oAd86n+nmQe8IrxAAUO1z
SF/hbJJIoztVwvn/3KnUlboyRvIugUeAuswADyK5HkfUmi/HPH5yy8JruQwzYS/Y
wNS5Wu6kimNfwr0Cn1AgsJLiRLxsjdgIehZUcHyNCjtWDN+/2H77sShxQzzWqLgW
C7SC2g9/fTTx8VP2D6Mn
=j4Dy
-----END PGP SIGNATURE-----

--- End Message ---
--- Begin Message --- 
Hi,

Kurt Roeckx <kurt@roeckx.be> (02/06/2012):
> This change was made to make sure applications build against
> 1.0.0 can talk to a server that does TLS 1.1 but not TLS 1.2,
> as the changelog says.  This is not something I like to change
> again, since it will cause problems.
> 
> Everything build against 1.0.1 or 1.0.1a that cares about
> SSL_OP_NO_TLSv1_1 should be rebuild against 1.0.1b or later.
> If using the defines from the the 1.0.1 and 1.0.1a version,
> but using 1.0.1b or laster the SSL_OP_NO_TLSv1_1 will not have
> any effect.

do we have better ways to detect that than maintainers noticing and
pinging us? :/

Salvatore: done, thanks.

Mraw,
KiBi.

Attachment: signature.asc
Description: Digital signature


--- End Message ---
Reply to: