It appears one of the patches added some new errors to the build logs: ... ./testssl: 128: [: SSLv3: unexpected operator Testing AES256-SHA Available compression methods: 1: zlib compression TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 1024 bit RSA 1 handshakes of 256 bytes done ./testssl: 128: [: SSLv3: unexpected operator ...
Thankfully the fix was simple (change == to = in debian/patches/CVE-2013-0169.patch for testssl), and once fixed didn't itself indicate any new errors. However now I'm at a loss how to test this package; my first shot, using "LD_PRELOAD=/path/to/libssl.so.0.9.8 openssl" didn't actually work. How did you test it and is there something I can do to at least smoke-test it? Thanks ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-0169 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1331452 Title: Please backport current CVEs for Precise LTS openssl098 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1331452/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs