Your message dated Wed, 19 Nov 2014 19:04:19 +0000
with message-id <[email protected]>
and subject line Bug#769904: fixed in gnutls28 3.3.10-2
has caused the Debian Bug report #769904,
regarding gnutls28: please disable SSLv3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
769904: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: gnutls28
Version: 3.3.8-4
Severity: important
Tags: security
Hi,
Can SSLv3 be disabled in our GnuTLS build please?
As a reference, OpenSSL disabled this in jessie and sid:
https://packages.qa.debian.org/o/openssl/news/20141015T180434Z.html
It would be good for security and consistency if GnuTLS would also adopt this
approach and disable the legacy protocol in jessie and sid.
Cheers,
Thijs
--- End Message ---
--- Begin Message ---
Source: gnutls28
Source-Version: 3.3.10-2
We believe that the bug you reported is fixed in the latest version of
gnutls28, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Metzler <[email protected]> (supplier of updated gnutls28 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 19 Nov 2014 19:33:23 +0100
Source: gnutls28
Binary: libgnutls28-dev libgnutls-deb0-28 libgnutls28-dbg gnutls-bin gnutls-doc
guile-gnutls libgnutlsxx28 libgnutls-openssl27
Architecture: source i386 all
Version: 3.3.10-2
Distribution: experimental
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <[email protected]>
Changed-By: Andreas Metzler <[email protected]>
Description:
gnutls-bin - GNU TLS library - commandline utilities
gnutls-doc - GNU TLS library - documentation and examples
guile-gnutls - GNU TLS library - GNU Guile bindings
libgnutls-deb0-28 - GNU TLS library - main runtime library
libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
libgnutls28-dbg - GNU TLS library - debugger symbols
libgnutls28-dev - GNU TLS library - development files
libgnutlsxx28 - GNU TLS library - C++ runtime library
Closes: 769904
Changes:
gnutls28 (3.3.10-2) experimental; urgency=medium
.
* Remove SSL 3.0 from default priorities list.
Closes: #769904
Checksums-Sha1:
79bf9cd3a2cb120a616bd51b2c3656d09c94a2ab 2920 gnutls28_3.3.10-2.dsc
eea766b50820fcace0e2c81f6a019020cf28873e 84040 gnutls28_3.3.10-2.debian.tar.xz
5e38e385d115b1b2e09d86284e5fc392ee5a6e06 686662
libgnutls28-dev_3.3.10-2_i386.deb
7dabc2c1f10308f4ecc90cbeaa5954286dc22b23 716044
libgnutls-deb0-28_3.3.10-2_i386.deb
0a06f1efba59d02beb289184392576fb716eb1f7 1932178
libgnutls28-dbg_3.3.10-2_i386.deb
79bc409ae1712739a307c9049fd1bdef8bb03558 315908 gnutls-bin_3.3.10-2_i386.deb
e4042c23a48ee59e273e67257e10309ac04f84cb 3637306 gnutls-doc_3.3.10-2_all.deb
3e9aee51c68cadc6cc758e8aaa12334ac5a603e6 179754 guile-gnutls_3.3.10-2_i386.deb
71f85d7b66b65982394192e306ef2d09fad1e538 15388 libgnutlsxx28_3.3.10-2_i386.deb
066843b0e058376fb3cb3020a981399aeb088615 146920
libgnutls-openssl27_3.3.10-2_i386.deb
Checksums-Sha256:
a10b155f2740eadc8fd9d9c098ccd29cbf47b7e4d8dae079b4d42fb51f2a26a4 2920
gnutls28_3.3.10-2.dsc
cd1dcb1e85c1653822a96f4b3ace7adf95317f666e60324c10f2dc791fd99072 84040
gnutls28_3.3.10-2.debian.tar.xz
442edc6385ffea79016205f6509929f95df2e72e1a1d99d49b4c15efc3345976 686662
libgnutls28-dev_3.3.10-2_i386.deb
0fbcbf8b162335972cbee769c46048a0093c6dd92838ec5bd9097873aea31ecf 716044
libgnutls-deb0-28_3.3.10-2_i386.deb
c3ed977b11cce498aa46317925f01516e4a0e3be56b0c71f14fd7ce5ecad3b6f 1932178
libgnutls28-dbg_3.3.10-2_i386.deb
e21f3e4bec19b4d48d97cd186897bd5e98da9afb8bb6cfaf2f41878f6549e738 315908
gnutls-bin_3.3.10-2_i386.deb
1d9c3caa23ca03a468f1510dea365592feafa8ded3a8acb9731eed7b26ada6ef 3637306
gnutls-doc_3.3.10-2_all.deb
c403566efa5ce312c3c5d09d7ba20af36a0c6633f4d57978849fef0b5fed868c 179754
guile-gnutls_3.3.10-2_i386.deb
bb4e2b4942ccdd6184e3cbb02b8c90f4beda1f8eefd6cbe7d1ba30a513f6a923 15388
libgnutlsxx28_3.3.10-2_i386.deb
41559b7ff53916cfee1332731072482d00a54fd3bfd16b935fec23c5d87d580e 146920
libgnutls-openssl27_3.3.10-2_i386.deb
Files:
565cf640e9594a6920446fe99abeeb71 2920 libs optional gnutls28_3.3.10-2.dsc
5b5996b063856a8eb2599f5e2103a96d 84040 libs optional
gnutls28_3.3.10-2.debian.tar.xz
7ffbebb00e3346e1a64593464f4a4e82 686662 libdevel optional
libgnutls28-dev_3.3.10-2_i386.deb
990e8095a2f60057d47ab4ac3b9cd0e9 716044 libs standard
libgnutls-deb0-28_3.3.10-2_i386.deb
5066954eeb7ad747e15e1e1c8a627699 1932178 debug extra
libgnutls28-dbg_3.3.10-2_i386.deb
a8884e35384de53286759a0a08f7cddb 315908 net optional
gnutls-bin_3.3.10-2_i386.deb
66a38e45f8234d3d79decc9ce99a406e 3637306 doc optional
gnutls-doc_3.3.10-2_all.deb
06d20216a7fabf678d527be2095132b2 179754 lisp optional
guile-gnutls_3.3.10-2_i386.deb
a3a1623e5c929906cc57fda530d646da 15388 libs extra
libgnutlsxx28_3.3.10-2_i386.deb
60045eb7fa1827251b623a87d58ca65a 146920 libs standard
libgnutls-openssl27_3.3.10-2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJUbOdDAAoJEKVPAYVDghSEoBkP/1Yjv7vT+FcKyIICdMCGx4rc
5RACOgmoW8mfYLrlX23NBrFZt0dYvAK2S9nwEegtNhSsrLHzPRs1rTI5qa66XsY7
30tMh6KlnPihnCQfYQwo3y/68KSciotqo6JC4FBpuDoi7HPG1bUKYEDqXHgBkEgn
qbVDB8Vs5ENLg2W/FWGn4ODkkZ578yaBVwTh6pZYkViFzW6rHTxYRN1O/lX/PGFZ
0pp1Dwe59Lovwb3BXT7/grB/6oRFsOrEC2dS87gKzxN80nW4WNO5qgaAljj12JsJ
CtwfQc797n0CBnrhchftl+SZqRaR1+EO2pXeYuvKLflUJ8XAQYEDsWbhmajnEP86
YmCn8/XM07vFiuPwc3dSJKgb0Rs0nWz4c4AB1sVcse5pDEV92hNF3ADOP3dYxbgW
VMyuWwKxxzeBNznhKL6nColfFCtfHQaj7U7Vb2OfVfvK7CbpGQCMniNnVnnImNeQ
of747h4iC5UKpMl1Gsnd+FwtpnjAj13qaWL82BId37vV1FEFBIU4NKBZM7X3yMVe
uiWMIPe0xVaPcOKKZHp0g2UAax2MSb18yns0vTYo3OIHP2X4LgssD4ipLHKzcvAw
WjO/PjOAt6BJ7Gs5YbXIqF6qEYtxs1L5aGMcARvXS7XoGoxUOyZgt2Ve7PNBLbay
3p8V2m1IP9dEjiENYYxb
=0cxd
-----END PGP SIGNATURE-----
--- End Message ---
