Control: tags -1 + unreproducible moreinfo
On Tue, 11 Jun 2024 10:27:33 +0200 Karine Crèvecœur wrote: > Package: apt-listbugs > Version: 0.1.42 > Severity: grave > > > Hi, Hello Karine, thanks for caring about apt-listbugs! > > Since the upgrade to version 0.1.42, apt-listbugs doesn't work anymore. That's unfortunate. However, I have tested apt-listbugs/0.1.42 for months, without ever experiencing any issue like this. And I am currently unable to reproduce the issue. > > As examplen the command > apt-listbugs list apt-lisbugs > gave the error: > > Retrieving bug reports... 0% Fail > Error retrieving bug reports from the server with the following error message: > E: SSL_connect returned=1 errno=0 > peeraddr=[2605:bc80:3010:b00:0:deb:166:212]:443 state=error: certificate > verify failed (unable to get local issuer certificate) > It could be because your network is down, or because of broken proxy servers, > or the BTS server itself is down. Check network configuration and try again This command works on my boxes: $ apt-listbugs -v 0.1.42 $ apt-listbugs list apt-listbugs Retrieving bug reports... Done Parsing Found/Fixed information... Done grave bugs of apt-listbugs (→ ) <Outstanding> b1 - #1072977 - apt-listbugs 0.1.42 is broken Summary: apt-listbugs(1 bug) > > > I downgrade apt-listbugs to the version 0.1.41-nmu1, it works just fine. [...] > I don't figure out why this issue occurs. It seems that your system is unable to verify the TLS certificate of https://bugs.debian.org apt-listbugs/0.1.42 switched to https by default, that's why it now needs to connect to the SOAP server via https. Can you think of a reason why your system fails to verify the TLS certificate of https://bugs.debian.org ? You should have package 'ca-certificates' installed: $ apt policy ca-certificates ca-certificates: Installed: 20240203 Candidate: 20240203 Version table: *** 20240203 800 800 http://deb.debian.org/debian testing/main amd64 Packages 500 http://deb.debian.org/debian unstable/main amd64 Packages 100 /var/lib/dpkg/status I say that you should, since there's the following dependency chain: apt-listbugs → ruby → ruby3.1 → rubygems-integration → ca-certificates Are you able to verify other TLS certificates, when accessing other sites via https? For instance, if you have a web browser installed on the same system, can you visit https://www.debian.org/ with your browser, without TLS certificate issues? Please let me know, so that we can try to debug the issue. -- http://www.inventati.org/frx/ There's not a second to spare! To the laboratory! ..................................................... Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE
pgp_UOMMZJU6F.pgp
Description: PGP signature