Sorry, forgot the debdiff. Here it is.
Thanks.diff -Nru thrift-0.13.0/debian/changelog thrift-0.13.0/debian/changelog
--- thrift-0.13.0/debian/changelog 2021-02-14 19:50:04.0 +0100
+++ thrift-0.13.0/debian/changelog 2022-12-18 12:00:00.0 +0100
@@ -1,3 +1,9 @@
+thrift (0.13.0-6+deb11u1) bullseye; urgency=medium
+
+ * Replace outdated TLS test keys (closes: #1010120, #1015049).
+
+ -- Laszlo Boszormenyi (GCS) Sun, 18 Dec 2022 12:00:00 +0100
+
thrift (0.13.0-6) unstable; urgency=medium
* Backport upstream fix for THRIFT-5322: Go compact_protocol allocating
diff -Nru thrift-0.13.0/debian/patches/Replace_outdated_TLS_test_keys.patch
thrift-0.13.0/debian/patches/Replace_outdated_TLS_test_keys.patch
--- thrift-0.13.0/debian/patches/Replace_outdated_TLS_test_keys.patch
1970-01-01 01:00:00.0 +0100
+++ thrift-0.13.0/debian/patches/Replace_outdated_TLS_test_keys.patch
2022-12-18 12:00:00.0 +0100
@@ -0,0 +1,848 @@
+From 54765854873e19b8ba50a0ec8080dd92d8323851 Mon Sep 17 00:00:00 2001
+From: Jens Geyer
+Date: Thu, 30 Jun 2022 17:55:40 +0200
+Subject: [PATCH] Replaced outdated TLS test keys
+
+---
+ test/keys/CA.pem| 187 +---
+ test/keys/client.crt| 47 +-
+ test/keys/client.key| 50 +--
+ test/keys/client.pem| 113
+ test/keys/client_v3.crt | 50 ++-
+ test/keys/client_v3.key | 50 +--
+ test/keys/server.crt| 59 -
+ test/keys/server.key| 76 ++--
+ test/keys/server.pem| 135 ++---
+ 11 files changed, 455 insertions(+), 312 deletions(-)
+
+--- a/test/keys/CA.pem
b/test/keys/CA.pem
+@@ -1,82 +1,133 @@
+ Certificate:
+ Data:
+ Version: 3 (0x2)
+-Serial Number: 16582080088954381212 (0xe61f61fc3b34239c)
+-Signature Algorithm: sha1WithRSAEncryption
+-Issuer: C=US, ST=Maryland, L=Forest Hill, O=The Apache Software
Foundation, OU=Apache Thrift, CN=localhost/emailAddress=d...@thrift.apache.org
++Serial Number:
++0c:6f:84:20:71:35:10:57:ae:8f:47:5d:5a:dc:46:40:03:da:b6:df
++Signature Algorithm: sha256WithRSAEncryption
++Issuer: CN = localhost, emailAddress = d...@thrift.apache.org, OU =
Apache Thrift, O = The Apache Software Foundation, L = Forest Hill, ST =
Maryland, C = US
+ Validity
+-Not Before: Apr 7 18:58:00 2014 GMT
+-Not After : Jun 24 18:58:00 2022 GMT
+-Subject: C=US, ST=Maryland, L=Forest Hill, O=The Apache Software
Foundation, OU=Apache Thrift, CN=localhost/emailAddress=d...@thrift.apache.org
++Not Before: Jun 30 22:37:28 2022 GMT
++Not After : Sep 16 22:37:28 2030 GMT
++Subject: CN = localhost, emailAddress = d...@thrift.apache.org, OU =
Apache Thrift, O = The Apache Software Foundation, L = Forest Hill, ST =
Maryland, C = US
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+-Public-Key: (2048 bit)
++RSA Public-Key: (4096 bit)
+ Modulus:
+-00:aa:13:d4:c4:f7:01:17:a7:92:d1:b4:b4:15:0d:
+-21:90:19:5e:fc:fb:b6:6d:3f:f2:3f:65:a2:7a:43:
+-a6:46:95:fc:43:16:f6:63:14:5e:f7:b1:e3:61:02:
+-f9:4a:95:89:bf:8d:f9:48:1d:82:e7:34:e0:b2:48:
+-df:08:d9:7c:3a:2f:d3:1b:0b:e8:ef:c2:41:0a:7d:
+-0a:38:78:3a:31:66:73:99:8c:d1:79:27:5f:e5:66:
+-d0:5e:3a:8c:0c:92:18:73:04:c1:f5:45:db:37:e7:
+-5f:c7:8c:a3:60:e9:92:a0:d8:29:5d:77:48:fb:1d:
+-b0:ed:12:2c:4e:2e:02:db:3d:1a:41:71:a6:2b:2e:
+-b3:4c:6a:c7:f7:1d:a9:7e:c7:cf:db:f2:e7:b6:f3:
+-1f:77:1d:24:01:1a:66:66:30:85:30:02:29:c4:bb:
+-f7:cd:3f:89:4b:1a:5f:f4:91:96:fb:e9:39:f2:46:
+-96:12:3d:8a:23:b5:2e:82:9e:41:fe:40:b6:27:b1:
+-14:44:5c:96:30:0f:55:e4:bb:ad:8b:8a:99:17:c0:
+-29:11:4e:76:79:9d:4b:03:31:7e:85:3c:a8:23:40:
+-54:02:58:35:c6:fc:dd:3d:eb:e3:d1:51:00:02:86:
+-1a:d7:b0:9f:a0:17:73:6a:5a:d0:e6:b6:b8:55:40:
+-5e:27
++00:cf:ee:6a:6d:c1:5e:32:34:c7:a8:5f:76:a7:6b:
++e0:04:db:88:30:3b:9e:20:fc:31:28:69:ca:a0:66:
++76:93:16:bb:b9:e0:f7:58:2b:64:f0:83:97:b4:ff:
++eb:10:ab:75:3f:76:34:8e:e6:0a:99:c0:e6:10:4a:
++ff:45:bc:fb:96:3c:36:72:a3:93:06:72:9b:d1:f9:
++90:ed:7c:15:0f:a1:1f:59:89:ab:76:f1:e7:b9:b1:
++b1:90:04:d4:8c:1b:af:6d:56:fc:ac:61:e8:9c:76:
++ef:d6:b2:cb:05:40:53:a9:7d:70:7f:da:4b:9b:77:
++a6:5d:2a:65:4c:ac:06:2d:e6:7b:62:7c:f3:3e:a8:
++
