Control: severity -1 serious
On Mon, Jan 21, 2019 at 02:02:44PM +0100, Moritz Muehlenhoff wrote:
> Package: ruby2.3
> Version: 2.3.3-1+deb9u4
> Severity: important
>
> Hi Ruby maintainers,
> I tried to rebuild ruby2.3 2.3.3-1+deb9u4 and it fails with the following
> four test
> failures:
>
> --------------------
>
> 1) Failure:
> IMAPTest#test_imaps_with_ca_file
> [/build/ruby2.3-2.3.3/.ext/common/openssl/ssl.rb:404]:
> Exception raised:
> <#<OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=unknown state:
> sslv3 alert certificate expired>>.
>
> 2) Failure:
> IMAPTest#test_starttls [/build/ruby2.3-2.3.3/test/net/imap/test_imap.rb:21]:
> exceptions on 1 threads:
> #<Thread:0x00557568d045e8@/build/ruby2.3-2.3.3/test/net/imap/test_imap.rb:573
> dead>:
> /build/ruby2.3-2.3.3/test/net/imap/test_imap.rb:589:in `accept': SSL_accept
> returned=1 errno=0 state=unknown state: sslv3 alert certificate expired
> (OpenSSL::SSL::SSLError)
> from /build/ruby2.3-2.3.3/test/net/imap/test_imap.rb:589:in `block in
> starttls_test'
>...
> Failure 1 and 2 are probably just an expired cert.
These look like #919516 in ruby2.5.
> We don't currently have any open/pending ruby2.3 security issues, but it
> would be nice
> if those could be fixed in either the stretch branch in git or for the next
> point release,
> so that this doesn't block a future sec update.
I'm marking it as RC, like any other FTBFS in stable.
This makes it visible for people looking through RC bugs in stable.
> Cheers,
> Moritz
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
