FYI I found that I had an old entry in /etc/hosts for this target domain to the
localhost.
In effect it was fetching the (VALID) wildcard cert from my dev server
(localhost) instead of reaching out to live server.
The wildcard cert on localhost is valid, though, (t1.skywaytheatre.com), so the
Marc, if there's a way I can give you access to this server thats no
problem if it would help. As I mentioned this is just a dev server for a
website. Also I just tried update/upgrade again, no go.
ubuntu@t1:~$ sudo apt update
Hit:1 http://us-west-2.ec2.archive.ubuntu.com/ubuntu jammy InRelease
Also this is an Amazon EC2 instance running Ubuntu 22.04. It's a dev web
server.
The live server which is basically the same image without recent updates and
later PHP versions / packages does NOT exhibit this bug.
System with bug:
ubuntu@t1:~$ lsb_release -a
No LSB modules are available.
Thanks for response. Requested output from system with bug (DEV) below:
ubuntu@t1:~$ sudo dpkg -l | grep curl
ii curl 7.81.0-1ubuntu1.13
amd64command line tool for transferring
data with URL syntax
ii
What's the output of "dpkg -l | grep curl"?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/2028170
Title:
curl 7.81.0-1ubuntu1.11 fails verifying proper ssl cert w/
I'm also experiencing this issue now. did update, upgrade, even reboot (this is
a dev/staging web server).
Example:
ubuntu@t1:~$ curl -v
https://skywaytheatre.com/wp-content/uploads/2023/01/Avatar-flyer-LOCAL-1.png
* Trying 52.37.32.232:443...
* Connected to skywaytheatre.com (52.37.32.232)
Talking to Wordpress and they think I might have a different issue. If
that's not it I'll come back. Sorry about the confusion.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
Do you have a specific site I can try that doesn't work?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/2028170
Title:
curl 7.81.0-1ubuntu1.11 fails verifying proper ssl
Is this fixed for all use cases? I have the 7.81.0-1ubuntu1.13 versions
and I'm still getting "no alternative certificate subject name matches
target host name" messages for Wordpress beta updates and with a couple
of other curl scripts.
--
You received this bug notification because you are a
** Tags added: regression-update
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/2028170
Title:
curl 7.81.0-1ubuntu1.11 fails verifying proper ssl cert w/ subj-alt-
name
https://ubuntu.com/security/notices/USN-6237-2
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/2028170
Title:
curl 7.81.0-1ubuntu1.11 fails verifying proper ssl cert w/
** Changed in: curl (Ubuntu Mantic)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/2028170
Title:
curl 7.81.0-1ubuntu1.11 fails verifying
cpetrie, how were you able to get 7.81.0-1ubuntu1.13? I'm getting
`Version '7.81.0-1ubuntu1.13' for 'curl' was not found` when I deploy.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
7.81.0-1ubuntu1.13 fixes the issue for me, thanks for the quick
response!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/2028170
Title:
curl 7.81.0-1ubuntu1.11 fails
It should appear in -security and get automatically copied to -updates
next time the publisher runs, probably within the next half-hour or so.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
Thanks, Marc - When should we see that package promoted to jammy-
updates? It's still showing 1.11 -
https://packages.ubuntu.com/jammy/curl
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
This bug was fixed in the package curl - 7.81.0-1ubuntu1.13
---
curl (7.81.0-1ubuntu1.13) jammy-security; urgency=medium
* SECURITY REGRESSION: broken ssl cert wildcard handling (LP: #2028170)
- debian/patches/CVE-2023-28321.patch: fix missing line in backport.
-- Marc
The fix is currently building here:
https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages
As soon as the riscv64 builds finish, I will be releasing it.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to
This only affects Ubuntu 22.04 because of an issue with the backported
patch.
** Changed in: curl (Ubuntu Focal)
Status: In Progress => Invalid
** Changed in: curl (Ubuntu Kinetic)
Status: In Progress => Invalid
** Changed in: curl (Ubuntu Lunar)
Status: In Progress =>
We will be reverting this fix until it can be properly investigated. I
will prepare emergency updates that will be published today.
** Also affects: curl (Ubuntu Kinetic)
Importance: Undecided
Status: New
** Also affects: curl (Ubuntu Focal)
Importance: Undecided
Status: New
I also see the PHP breakage. This took our service partially offline for
a few minutes.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/2028170
Title:
curl 7.81.0-1ubuntu1.11
AWS S3 connections through the AWS PHP SDK are failing since upgrading
to 1.11 with curl error 60. Downgrading to 1.10 resolves the issue.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
This bug is causing breakage in the Lean 4 build cache infrastructure:
https://leanprover.zulipchat.com/#narrow/stream/287929-mathlib4/topic/leantar.20too.20old.20.28lean.20exe.20cache.20get.20not.20working.29/near/376686259
--
You received this bug notification because you are a member of
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: curl (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
24 matches
Mail list logo