Control: tags -1 + confirmed On Sat, 2026-05-02 at 13:42 +0200, Andreas Metzler wrote: > after discussion with the security team I would like to fix a couple > CVEs and unrelated to that a interoperability issue via > stable/oldstable uploads: > > a) All the CVE fixes from the recent security update 4.99.2: [...] > b) Fix GnuTLS hostname verify of a server certificate with a > zero-length Subject. These are now being handed out by > LetsEncrypt; note that this means they carry no DN (as well as no > SN, that having decreed deprecated in favour of SANs). > > This is also a small change and something our DSA would appreciate.
With all the relevant hats on, thanks for preparing this. Please go ahead. Regards, Adam
