Your message dated Thu, 16 Jul 2015 11:00:22 +0000
with message-id <[email protected]>
and subject line Bug#769905: fixed in wolfssl 3.4.8+dfsg-1
has caused the Debian Bug report #769905,
regarding cyassl: please disable SSLv3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
769905: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769905
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: cyassl
Version: 2.9.4+dfsg-3
Severity: important
Tags: security
Hi,
Can SSLv3 be disabled in cyassl please?
As a reference, OpenSSL disabled this in jessie and sid:
https://packages.qa.debian.org/o/openssl/news/20141015T180434Z.html
It would be good for security and consistency if cyassl would also adopt this
approach and disable the legacy protocol in jessie and sid.
Cheers,
Thijs
--- End Message ---
--- Begin Message ---
Source: wolfssl
Source-Version: 3.4.8+dfsg-1
We believe that the bug you reported is fixed in the latest version of
wolfssl, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Felix Lechner <[email protected]> (supplier of updated wolfssl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 26 Apr 2015 08:23:52 -0700
Source: wolfssl
Binary: libcyassl5 libwolfssl0 libwolfssl-dev libwolfssl0-dbg
Architecture: source amd64
Version: 3.4.8+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Felix Lechner <[email protected]>
Changed-By: Felix Lechner <[email protected]>
Description:
libcyassl5 - transitional dummy package with compatibility links
libwolfssl-dev - Development files for the WolfSSL encryption library
libwolfssl0 - WolfSSL encryption library
libwolfssl0-dbg - Debug symbols for the WolfSSL encryption library
Closes: 769905 770229
Changes:
wolfssl (3.4.8+dfsg-1) unstable; urgency=medium
.
* Name of package changed from 'cyassl' to 'wolfssl'
* New upstream release
* Disabled automatic downgrade to SSLv3 in release 3.2.0 (Closes: #769905)
* Fixed CVE-2014-2901, CVE-2014-2902, CVE-2014-2903 and CVE-2014-2904
in release 3.2.0 (Closes: #770229)
* Fixed TEMP-0000000-2D36D7 in release 3.2.0
* Added build option '--enable-chacha'
* Added build option '--enable-poly1305'
* Added build option '--enable-hashdrbg'
* Added build option '--use-fastmath'
* Added build option '--enable-ecc25519'
* Added build flag TFM_TIMING_RESISTANT
* Added build flag TFM_NO_ASM
* Added Build-Depends: libpcap0.8-dev for sniffer testing
* Removed obsolete build option '--enable-gcc-hardening'
* Removed LT_LIB_M in configure.ac to avoid linking uselessly with libm
* Enabled tests
* Added Exclude-Files: in 'copyright' for automatic repackaging
* Added repacksuffix=+dfsg in 'watch'
* Updated to Standards-Version: 3.9.6
* Added dummy package for 'libcyassl5'
* Replaces: libcyassl5 (<< 3.4.2-1~)
* Breaks: libcyassl5 (<< 3.4.2-1~)
* Provides: libcyassl5
* Created compatibility symlinks for libcyassl.so.5.0.0
Checksums-Sha1:
9e0f3d2d4256a143406c54b6b7a14454879fb98d 1646 wolfssl_3.4.8+dfsg-1.dsc
8f00d26ca0355f21d2490776ea71b797332b4f1a 954905 wolfssl_3.4.8+dfsg.orig.tar.gz
dce7e7021dfccf739f4bf05cfda26effed3294a1 9944
wolfssl_3.4.8+dfsg-1.debian.tar.xz
c89b87fb49ce12251053cda7004189a7fbec48c7 3726 libcyassl5_3.4.8+dfsg-1_amd64.deb
b3a185fb45dac0cb1c2666be7845217ce42b8e9c 951792
libwolfssl-dev_3.4.8+dfsg-1_amd64.deb
f56210bc559dc2bba2cf6c663ee2e56110af1488 655158
libwolfssl0-dbg_3.4.8+dfsg-1_amd64.deb
43fccdc810a9f2cb72d032498118e2da40909f4b 216062
libwolfssl0_3.4.8+dfsg-1_amd64.deb
Checksums-Sha256:
7ce5b446167a2171f940a7d94b6c96fb876d11b7d6d5995c3bebf2f20b553b76 1646
wolfssl_3.4.8+dfsg-1.dsc
a9bc053a44e7ac93e783ee41ce7d63b26c9e4783c71c842659902fee1113c1fb 954905
wolfssl_3.4.8+dfsg.orig.tar.gz
d2d726ce3c4e1d30974f0473b9571b516f0a715681a36425bf4629a6531b05fc 9944
wolfssl_3.4.8+dfsg-1.debian.tar.xz
208713b5bcae18785c869feaa082bae38e0fde82a3d0325be5c10072df4f09de 3726
libcyassl5_3.4.8+dfsg-1_amd64.deb
a5b6b11b17210fac922d30d7a1636a18b2bc92fe86c592df5581ab4336b3eeec 951792
libwolfssl-dev_3.4.8+dfsg-1_amd64.deb
7611ba8926213177762ef071023a40f61ad08d1ca08ead7ac0277f9adcdd7b4f 655158
libwolfssl0-dbg_3.4.8+dfsg-1_amd64.deb
fa36b0ef15c6bcb4177fdc07cc3aeaf7837aef1f82d5a0d6ae85a6856513610c 216062
libwolfssl0_3.4.8+dfsg-1_amd64.deb
Files:
61caff4001af3c12d00637f4897b4fe3 1646 libs optional wolfssl_3.4.8+dfsg-1.dsc
890a10bb5b9fbfd6b2f0bf6fd0f94819 954905 libs optional
wolfssl_3.4.8+dfsg.orig.tar.gz
30790aad3e71f080a2ae98f6d75c75ca 9944 libs optional
wolfssl_3.4.8+dfsg-1.debian.tar.xz
99adcfa0547b560b3dcf221d65981b04 3726 oldlibs extra
libcyassl5_3.4.8+dfsg-1_amd64.deb
9d5ca2339e80d711c4561bff45f1004e 951792 libdevel optional
libwolfssl-dev_3.4.8+dfsg-1_amd64.deb
88730669f2ebfa3e03f2de4d55e619ad 655158 debug extra
libwolfssl0-dbg_3.4.8+dfsg-1_amd64.deb
8e7d79ea0531e7cdfe7f9d926e28ff8a 216062 libs optional
libwolfssl0_3.4.8+dfsg-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJVhuPtAAoJEFOMB2b0vLOO748H/2cxLr+wsVq2qGxuTBkw9Tlx
ZnN/ku0l1Pjzq9i76jHquSv0goXab2u4P3SGangaTXHDZOEOAlYnF4guFI8bOidT
HPRzTWsiZ17uqa+wk8GCqmusIwYgr4ldBVUMHG/qVQkP7WXjW50dIrCKk2R4Dp5m
/O0+mpNzAuBj2cq+45MpFO3/oeupbEPz0cv4whiyHMx4VaZcYpnF8cmosFFBsGtb
yzvaMsJksp758N6SN8jF0AGtniNPyRIwY8Ewq6M6Ip5EyKmhaEGM4S/N+bd/N2vx
YidAUODr47fBvudsrw0O31UyNU/4AuDV53tVbGbm7uvNTb0Xj2PMDIu5GSH70VY=
=Zaqn
-----END PGP SIGNATURE-----
--- End Message ---
