Your message dated Sun, 16 Nov 2014 21:21:12 +0000 with message-id <20141116212112.GH6216@lupin.home.powdarrmonkey.net> and subject line Re: Bug#769829: unblock: haskell-tls/1.2.9-2 has caused the Debian Bug report #769829, regarding unblock: haskell-tls/1.2.9-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 769829: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769829 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: haskell-tls/1.2.9-2
- From: Joachim Breitner <nomeata@debian.org>
- Date: Sun, 16 Nov 2014 22:15:58 +0100
- Message-id: <[🔎] 20141116211558.8500.56406.reportbug@kirk>
Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Please unblock package haskell-tls Thijs Kinkhorst suggested to remove SSL3 support from haskell-tls due to the POODLE attack. This patch follows that recommendating, taking upstream’s trivial change to disable SSL3 by default. See http://bugs.debian.org/768164 unblock haskell-tls/1.2.9-2 - -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (101, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 armhf Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlRpFAgACgkQ9ijrk0dDIGyPjgCfcz7/6ki8vVlccE3aw+PBzbJ3 YdcAn0r90WOQpw0STAbfvgB3QHJjo35h =WlbC -----END PGP SIGNATURE-----diff -Nru haskell-tls-1.2.9/debian/changelog haskell-tls-1.2.9/debian/changelog --- haskell-tls-1.2.9/debian/changelog 2014-09-16 20:43:09.000000000 +0200 +++ haskell-tls-1.2.9/debian/changelog 2014-11-16 21:47:16.000000000 +0100 @@ -1,3 +1,9 @@ +haskell-tls (1.2.9-2) unstable; urgency=medium + + * Disable SSL3 by default (Closes: #768164) + + -- Joachim Breitner <nomeata@debian.org> Sun, 16 Nov 2014 21:47:16 +0100 + haskell-tls (1.2.9-1) unstable; urgency=medium * New upstream version. diff -Nru haskell-tls-1.2.9/debian/patches/no-ssl3 haskell-tls-1.2.9/debian/patches/no-ssl3 --- haskell-tls-1.2.9/debian/patches/no-ssl3 1970-01-01 01:00:00.000000000 +0100 +++ haskell-tls-1.2.9/debian/patches/no-ssl3 2014-11-16 21:43:56.000000000 +0100 @@ -0,0 +1,16 @@ +Debian-Bug: http://bugs.debian.org/768164 +Upstream-Patch: https://github.com/vincenthz/hs-tls/commit/5353bd2f717a31fd63c2a5d67112d8d8279bd1e6 + +Index: haskell-tls-1.2.9/Network/TLS/Parameters.hs +=================================================================== +--- haskell-tls-1.2.9.orig/Network/TLS/Parameters.hs 2014-11-16 21:42:36.875208330 +0100 ++++ haskell-tls-1.2.9/Network/TLS/Parameters.hs 2014-11-16 21:42:47.111406646 +0100 +@@ -126,7 +126,7 @@ + + defaultSupported :: Supported + defaultSupported = Supported +- { supportedVersions = [TLS12,TLS11,TLS10,SSL3] ++ { supportedVersions = [TLS12,TLS11,TLS10] + , supportedCiphers = [] + , supportedCompressions = [nullCompression] + , supportedHashSignatures = [ (Struct.HashSHA512, SignatureRSA) diff -Nru haskell-tls-1.2.9/debian/patches/series haskell-tls-1.2.9/debian/patches/series --- haskell-tls-1.2.9/debian/patches/series 1970-01-01 01:00:00.000000000 +0100 +++ haskell-tls-1.2.9/debian/patches/series 2014-11-16 21:41:55.000000000 +0100 @@ -0,0 +1 @@ +no-ssl3
--- End Message ---
--- Begin Message ---
- To: Joachim Breitner <nomeata@debian.org>, 769829-done@bugs.debian.org
- Subject: Re: Bug#769829: unblock: haskell-tls/1.2.9-2
- From: Jonathan Wiltshire <jmw@debian.org>
- Date: Sun, 16 Nov 2014 21:21:12 +0000
- Message-id: <20141116212112.GH6216@lupin.home.powdarrmonkey.net>
- In-reply-to: <[🔎] 20141116211558.8500.56406.reportbug@kirk>
- References: <[🔎] 20141116211558.8500.56406.reportbug@kirk>
On Sun, Nov 16, 2014 at 10:15:58PM +0100, Joachim Breitner wrote: > Please unblock package haskell-tls > > Thijs Kinkhorst suggested to remove SSL3 support from haskell-tls due to > the POODLE attack. This patch follows that recommendating, taking > upstream’s trivial change to disable SSL3 by default. Unblocked. -- Jonathan Wiltshire jmw@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51Attachment: signature.asc
Description: Digital signature
--- End Message ---