Your message dated Fri, 13 Jun 2008 18:38:32 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#486081: ssl-cert: Debconf abuse: is there *really* a
need to stop installation to tell users about certificate replacement?
has caused the Debian Bug report #486081,
regarding ssl-cert: Debconf abuse: is there *really* a need to stop
installation to tell users about certificate replacement?
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
486081: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486081
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: ssl-cert
Version: 1.0.20
Severity: normal
Critical level debconf notes should be kept for things that users *must
absolutely see*.
The text of the note you added in the last release of the package says
that....the note can be ignored if one does not know what it is about.
It means that the package will handle the certificate rempalcement gently.
So I really see no reason to interrupt all upgrades (including etch->lenny
upgrades?) for this.
Such text could even be seen as belonging to NEWS.Debian and not a debconf
note.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages ssl-cert depends on:
ii adduser 3.108 add and remove users and groups
ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy
ii openssl 0.9.8g-10.1 Secure Socket Layer (SSL) binary a
ii openssl-blacklist 0.3.2 list of blacklisted OpenSSL RSA ke
ssl-cert recommends no packages.
-- debconf information:
make-ssl-cert/vulnerable_prng:
make-ssl-cert/title:
make-ssl-cert/ouname: Direction de la qualité des moules-frites
make-ssl-cert/hostname: localhost
make-ssl-cert/organisationname: Ministère de la Culture du Mali
make-ssl-cert/statename: Valais
make-ssl-cert/localityname: Montréal
make-ssl-cert/countryname: FR
make-ssl-cert/email: [EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---
Quoting Stefan Fritsch ([EMAIL PROTECTED]):
> This was how the security upgrades for the ssl issue were handled and I
> see no reason to deviate in ssl-cert. It is likely that the ssl-cert
> update will be in a etch point release before lenny release (but
> openssl-blacklist needs to be uploaded to stable first). Therefore
> etch->lenny upgrades are not an issue.
>
> For people who actually use the certificate, it is important to see the
> message. Otherwise they might (or at least should) think that there was a
> MITM attack in progress. But not all users of ssl-cert will actually use
> the default certificate, hence the last line of the text.
OK, fair enough. Hence closing my bug report.
signature.asc
Description: Digital signature
--- End Message ---
