Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Dear release team, Since the last upload of Python and OpenSSL, oslo.messaging is broken, because we've removed PROTOCOL_SSLv3 (almost certainly, the intend is to prevent protocol downgrade attacks). My last upload of oslo.messaging removes the use of PROTOCOL_SSLv3, which make the package work again. Debdiff attached, as always... Please unblock oslo.messaging/1.4.0.0+really+1.3.1-2. Cheers, Thomas Goirand (zigo)
diff -Nru oslo.messaging-1.4.0.0+really+1.3.1/debian/changelog oslo.messaging-1.4.0.0+really+1.3.1/debian/changelog --- oslo.messaging-1.4.0.0+really+1.3.1/debian/changelog 2014-09-21 16:28:27.000000000 +0000 +++ oslo.messaging-1.4.0.0+really+1.3.1/debian/changelog 2014-11-21 09:53:40.000000000 +0000 @@ -1,3 +1,9 @@ +oslo.messaging (1.4.0.0+really+1.3.1-2) unstable; urgency=medium + + * Removed the use of PROTOCOL_SSLv3 which is gone from Python. + + -- Thomas Goirand <z...@debian.org> Fri, 21 Nov 2014 09:50:49 +0000 + oslo.messaging (1.4.0.0+really+1.3.1-1) unstable; urgency=medium * Repairing wrong upload to unstable (this was due to a wrong release of diff -Nru oslo.messaging-1.4.0.0+really+1.3.1/debian/patches/remove-PROTOCOL_SSLv3.patch oslo.messaging-1.4.0.0+really+1.3.1/debian/patches/remove-PROTOCOL_SSLv3.patch --- oslo.messaging-1.4.0.0+really+1.3.1/debian/patches/remove-PROTOCOL_SSLv3.patch 1970-01-01 00:00:00.000000000 +0000 +++ oslo.messaging-1.4.0.0+really+1.3.1/debian/patches/remove-PROTOCOL_SSLv3.patch 2014-11-21 09:53:40.000000000 +0000 @@ -0,0 +1,19 @@ +Description: Remove the use of ssl.PROTOCOL_SSLv3 + The ssl.PROTOCOL_SSLv3 support has been removed from Python and OpenSSL, + which broke completely oslo.messaging. This patch fixes it. +Author: Thomas Goirand <z...@debian.org> +Forwarded: https://review.openstack.org/136278 +Last-Update: 2014-11-21 + +--- oslo.messaging-1.4.0.0+really+1.3.1.orig/oslo/messaging/_drivers/impl_rabbit.py ++++ oslo.messaging-1.4.0.0+really+1.3.1/oslo/messaging/_drivers/impl_rabbit.py +@@ -477,8 +477,7 @@ class Connection(object): + # FIXME(markmc): use oslo sslutils when it is available as a library + _SSL_PROTOCOLS = { + "tlsv1": ssl.PROTOCOL_TLSv1, +- "sslv23": ssl.PROTOCOL_SSLv23, +- "sslv3": ssl.PROTOCOL_SSLv3 ++ "sslv23": ssl.PROTOCOL_SSLv23 + } + + try: diff -Nru oslo.messaging-1.4.0.0+really+1.3.1/debian/patches/series oslo.messaging-1.4.0.0+really+1.3.1/debian/patches/series --- oslo.messaging-1.4.0.0+really+1.3.1/debian/patches/series 2014-09-21 16:28:27.000000000 +0000 +++ oslo.messaging-1.4.0.0+really+1.3.1/debian/patches/series 2014-11-21 09:53:40.000000000 +0000 @@ -1 +1,2 @@ no-intersphinx.patch +remove-PROTOCOL_SSLv3.patch
