Bug#768922: [Debian-ha-maintainers] pacemaker in jessie

2015-03-09 Thread franz schaefer 

  the libqb0 version 0.17.0-2 compiled on jessie out of the box. 
 
  so that should be quick and easy. who is going to do it?
 
 In https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768922#35 Jonathan
 Wiltshire (member of the release team) stated that migrating libqb isn't
 an option.  And the pacemaker reversion did not happen either.  Lacking
 direction, other people couldn't do anything about this either.

Ok. but what i do not understand: as it seems libqb is only used by
pacemaker and its daemons only anyway.  so even if it is not as clean as one
would wish for: why cant we still have it? as i said: it compiled fine and
with that library all the pacemaker stuff seems to work well. 

i would say it is better to have pacemaker then to not have it in the
distribution...


mond


-- 
~~
   .Franz Schaefer GPG KeyID: CFA2F632
  ..  +43 699 106 14 590 +43 720502048  Fingerprint: 57C2 C0CC
  ... schae...@mond.at 6F0A 54C7 0D88 D37E 
...  http://www.mond.at/   C17C CB16 CFA2 F632


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#706008: iceweasel / nss bug or problem

2013-04-23 Thread franz schaefer 

Package: iceweasel
Version: 10.0.12esr-1



after upgrading to wheezy and iceweasel 10.0.12esr-1

when i tried to connect to an older appliance (HP) via https i got:

---
 Secure Connection Failed
  
 An error occurred during a connection to x.x.x.x

  The page you are trying to view can not be shown because the authenticity
 of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

 Alternatively, use the command found in the help menu to report this broken
 site.
--


and no option to ignore this.

as a workaround:

i had to set:

before starting iceweasel

export NSS_ALLOW_WEAK_SIGNATURE_ALG=1 

it would be good to have an option to allow this on a site by site basis in
the browser.

the nss website says the above environment setting does:

  Enables the use of MD2 and MD4 inside signatures. This was allowed by
  default before NSS 3.12.3.

when connectiong to the server via:

 openssl s_client -connect 

i get:

New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol  : TLSv1
Cipher: DHE-RSA-AES256-SHA


when i examine the self signed certificate it tells me:

$ openssl x509 -in q -text | grep Signature
Signature Algorithm: md5WithRSAEncryption
Signature Algorithm: md5WithRSAEncryption


so i am not really sure why this is rejected at all. but i thought i share
the sollution here in case other people have that problem as well.

mond


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org