Your message dated Sat, 23 May 2015 23:49:11 +0000 with message-id <e1ywjaf-0002yh...@franck.debian.org> and subject line Bug#783601: fixed in libinfinity 0.6.6-1 has caused the Debian Bug report #783601, regarding gobby silently accepts expired certificates to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 783601: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783601 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: gobby Version: 0.5.0-4 Severity: serious X-Debbugs-Cc: intrig...@boum.org Dear Maintainer, At the moment the certificate of gobby.debian.net is expired (reported separately as Bug#783599) but Jessie's gobby happily establishes a full connection to it without any warning. This is a regression since Wheezy, since it's not the case in gobby-0.5 (version 0.4.94-5), which shows a warning stating that the certificate has expired with the option to accept it any way. It's strange (and perhaps relevant), but if one configures an empty file as the "Trusted CAs" file in Jessie's gobby's security options, *then* it lists the connection with a "certificate expired" error next to it in the Document Browser pane. However, no prompt is shown, so it's not possible to manually accept the expired certificate. Cheers! -- System Information: Debian Release: 8.0 APT prefers stable APT policy: (990, 'stable'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages gobby depends on: ii dpkg 1.17.25 ii libatk1.0-0 2.14.0-1 ii libatkmm-1.6-1 2.22.7-2.1 ii libc6 2.19-18 ii libcairo-gobject2 1.14.0-2.1 ii libcairo2 1.14.0-2.1 ii libcairomm-1.0-1 1.10.0-1.1 ii libgcc1 1:4.9.2-10 ii libgdk-pixbuf2.0-0 2.31.1-2+b1 ii libglib2.0-0 2.42.1-1 ii libglibmm-2.4-1c2a 2.42.0-1 ii libgnutls-deb0-28 3.3.8-6 ii libgsasl7 1.8.0-6 ii libgtk-3-0 3.14.5-1 ii libgtkmm-3.0-1 3.14.0-1 ii libgtksourceview-3.0-1 3.14.1-1 ii libinfgtk3-0.6-0 0.6.5-1 ii libinfinity-0.6-0 0.6.5-1 ii libpango-1.0-0 1.36.8-3 ii libpangocairo-1.0-0 1.36.8-3 ii libpangomm-1.4-1 2.34.0-1.1 ii libsigc++-2.0-0c2a 2.4.0-1 ii libstdc++6 4.9.2-10 ii libunique-3.0-0 3.0.2-2 ii libxml++2.6-2 2.36.0-2.1 ii libxml2 2.9.1+dfsg1-5
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---Source: libinfinity Source-Version: 0.6.6-1 We believe that the bug you reported is fixed in the latest version of libinfinity, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 783...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Philipp Kern <pk...@debian.org> (supplier of updated libinfinity package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 24 May 2015 01:29:07 +0200 Source: libinfinity Binary: libinfinity-0.6-dev libinfinity-0.6-doc libinfinity-0.6-dbg libinfinity-0.6-0 libinfgtk3-0.6-0 infinoted Architecture: source amd64 all Version: 0.6.6-1 Distribution: unstable Urgency: medium Maintainer: Philipp Kern <pk...@debian.org> Changed-By: Philipp Kern <pk...@debian.org> Description: infinoted - dedicated server for infinote-based collaborative editing libinfgtk3-0.6-0 - infinote-based collaborative editing (Gtk widgets) libinfinity-0.6-0 - infinote-based collaborative editing libinfinity-0.6-dbg - infinote-based collaborative editing - debugging symbols libinfinity-0.6-dev - infinote-based collaborative editing - development files libinfinity-0.6-doc - infinote-based collaborative editing - documentation Closes: 783601 Changes: libinfinity (0.6.6-1) unstable; urgency=medium . * New upstream release - Check certificates for expiration and weak algorithms even if the CA is trusted. (Closes: #783601) Checksums-Sha1: 1323e5c823eed007b6e6e1a3e602cb2f98813196 1895 libinfinity_0.6.6-1.dsc 8ead3b1cc307f7614f5bd01c63b6b83d18f9d18c 1987142 libinfinity_0.6.6.orig.tar.gz d7f81bd9443c9fd1564d9708c06b928ef681f3f5 12496 libinfinity_0.6.6-1.debian.tar.xz d8ae52d30f6b9c6997fab32a297b9303da684075 184546 infinoted_0.6.6-1_amd64.deb b8700774624c9e55383ebea52e6f4b8b8f5e3038 217832 libinfgtk3-0.6-0_0.6.6-1_amd64.deb 9396510c9bdaccc4e395b332ae1766de77196d8b 411998 libinfinity-0.6-0_0.6.6-1_amd64.deb dca095aa49f98477fcf1a0b2bfdc6137a9798092 1623232 libinfinity-0.6-dbg_0.6.6-1_amd64.deb bca7ade192e136610807a04c3d9339fea6ccf31e 610356 libinfinity-0.6-dev_0.6.6-1_amd64.deb 2ac9ca58ec9e8ef5a034f500b90c4d55f757e4c4 372446 libinfinity-0.6-doc_0.6.6-1_all.deb Checksums-Sha256: d80c07868c35096effd0bbff8cca4da78597fed543a5ce79300587b70935a590 1895 libinfinity_0.6.6-1.dsc 3df9397b52d61392cbe98084aada9b7362a34811ef21baa0db87fdfd754f92cc 1987142 libinfinity_0.6.6.orig.tar.gz f5465b58db12e793e63247f8cd675db9e91693ea2a24125e9f6b21122d90f6d5 12496 libinfinity_0.6.6-1.debian.tar.xz c91d8a01672f81e501b3577ea6258d494834dc3baa3d373c350303855c6317f9 184546 infinoted_0.6.6-1_amd64.deb 1b314aba7c527629e98305865c331a3181c7b9ff1af4030cb01c5150605d44a6 217832 libinfgtk3-0.6-0_0.6.6-1_amd64.deb 6f18d0d2366a009187b72a69796e54201ea4f2b35cdd094834475877b6acb12c 411998 libinfinity-0.6-0_0.6.6-1_amd64.deb 7afc5af697c29d0f198660fc89620b6c4a006d520920421b55b2083d35c4cd7a 1623232 libinfinity-0.6-dbg_0.6.6-1_amd64.deb 2d985a9b37d3f297345ae5cd0392d226fd80e84833162dad9c0b6b32d5ec4e87 610356 libinfinity-0.6-dev_0.6.6-1_amd64.deb e30beb614892c42cf788831bc32c530bc7fb6a66e8e30058eefd9f2988928d0d 372446 libinfinity-0.6-doc_0.6.6-1_all.deb Files: 0d42ab8324b6b3b537caba4ad7075f21 1895 libs optional libinfinity_0.6.6-1.dsc c65f9f13f17afb4db2ec8cfaf5f01ce5 1987142 libs optional libinfinity_0.6.6.orig.tar.gz 061e93350a1342c9fbe24d9449a1009a 12496 libs optional libinfinity_0.6.6-1.debian.tar.xz 5445e47a0348598813e413beb5a6d9f3 184546 net optional infinoted_0.6.6-1_amd64.deb ba5f6a98f9f28c0ea563f8bdeffc19c9 217832 libs optional libinfgtk3-0.6-0_0.6.6-1_amd64.deb dfbb9e3ae95b7fab9e79bdc4fe4ac93d 411998 libs optional libinfinity-0.6-0_0.6.6-1_amd64.deb be64f34f0d5ccf97334a3039d6929a6b 1623232 debug extra libinfinity-0.6-dbg_0.6.6-1_amd64.deb 8c6f4a37884a5168e05bec201aab9549 610356 libdevel optional libinfinity-0.6-dev_0.6.6-1_amd64.deb db38b909539784f390269138e894bdfc 372446 doc optional libinfinity-0.6-doc_0.6.6-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJVYQ+oAAoJEERuJUU10Fbsd/sH/RmCXM1K+2Rc31JvOJOxwz6R Ow6tEAWD4/uV6ehpXtJB8ZvT+aQUS2br1lIbzdHNO6fgPt56WoaH95DVuVhe+AXX vHy5D8T4V/3iFrRL9d/UzT46FnQJPX2M62kQ0lynQhi2dOJptcneS6KZzWxRAHXK 2MpjOvI/L9pp36IFlpsmqFX7j/LM/uW1XyYz+y9Nxi4kk/x0IeEAsC5caDhn5WUE +YzTMmTGA2CS1camoqW8mfhmfTm5Oc7eK1+QEwAE3UaV2MH3lgItePA9/coJUVWy lDAZSM5qFI5ohPIybAPYq7yOXt3bkGfCqqPxs1VvkHpQmDMJ0EuVvRHsQ6d0cNg= =raMU -----END PGP SIGNATURE-----
--- End Message ---
