severity 544819 important merge 544819 541735 thanks On Thu, Sep 03, 2009 at 08:00:24AM +0200, Michael Neuffer wrote: > Package: libssl0.9.8 > Version: 0.9.8k-4 > Severity: serious > > fetchmail: Server certificate verification error: certificate signature > failure > 32201:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message > digest algorithm:a_verify.c:146: > 32201:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate > verify failed:s3_clnt.c:983: > fetchmail: SSL connection failed. > fetchmail: socket error while fetching from foobar...@securepop.t-online.de > fetchmail: Query status=2 (SOCKET) > fetchmail: sleeping at Mon Aug 31 12:05:17 2009 for 180 seconds > fetchmail: awakened at Mon Aug 31 12:08:17 2009 > fetchmail: Error exchanging credentials > fetchmail: Server certificate verification error: certificate signature > failure > 32201:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message > digest algorithm:a_verify.c:146: > 32201:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate > verify failed:s3_clnt.c:983: > fetchmail: SSL connection failed. > fetchmail: socket error while fetching from foobar...@securepop.t-online.de > fetchmail: Query status=2 (SOCKET) >
It's a known issue of the security update. It seems that verisign's root certificate is making use of MD2. Kurt -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
