This bug was fixed in the package openssl - 1.1.1-1ubuntu2.2
---
openssl (1.1.1-1ubuntu2.2) cosmic; urgency=medium
* debian/rules: Ship openssl.cnf in libssl1.1-udeb, as required to use
OpenSSL by other udebs, e.g. wget-udeb. LP: #1822898
* Drop debian/patches/UBUNTU-lower-tl
Thanks for the verification! The SRU has some reported autopkgtest
regressions - could you take a look at those?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1822984
Title
generated new weak key, cert and try to use it with current cosmic's
openssl and succeed:
# openssl genrsa -des3 -out myCA.key 600
# openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out myCA.pem
# openssl s_server -cert myCA.pem -key myCA.key -WWW
# wget --ca-certificate myCA.pem h
Hello Dimitri, or anyone else affected,
Accepted openssl into cosmic-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/openssl/1.1.1-1ubuntu2.2 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
https:
This bug was fixed in the package openssl - 1.1.1b-1ubuntu2
---
openssl (1.1.1b-1ubuntu2) disco; urgency=medium
* debian/rules: Ship openssl.cnf in libssl1.1-udeb, as required to use
OpenSSL by other udebs, e.g. wget-udeb. LP: #1822898
* Drop debian/patches/UBUNTU-lower-tls-s
** Changed in: openssl (Ubuntu Cosmic)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1822984
Title:
revert tls security level back to 1
But equally, I would not want to keep cosmic more insecure than what
bionic and disco will be. And currently, cosmic is a release regression
w.r.t. bionic GA. Upgrading to newer releases, should not result in
looser acceptance of insecure protocols.
** Description changed:
[Impact]
* increase
The patch was added by Dimitri in cosmic to restore compatibility with
older and less secure TLS implementations using weak keys. However,
bionic shipped without compatibility with those less secure keys, and we
are unaware of any complaints about this change in bionic. This distro
patch to lower
looks like someone else accepted with this question still pending...
still would appreciate an answer
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1822984
Title:
revert
that regression potential doesn't really describe what might regress...
I think it could be improved.
since you asked me to review, can you give a bit more context for the
change please? why did we have the patch before and why can it be
removed now?
--
You received this bug notification because
** Changed in: openssl (Ubuntu Disco)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1822984
Title:
revert tls security level back to 1
11 matches
Mail list logo
