I'm marking this bug as `Won't Fix` as this new behavior is a deliberate
upstream choice that is documented in their migration documentation
https://www.openssl.org/docs/manmaster/man7/migration_guide.html
Granted, the documentation in question isn't exactly obvious (search for
RFC 5746), but we've showed here that there's a workaround for those who
can't convince their server admins to upgrade to a more secure SSL
implementation. Thank you all for your work on testing and documenting
said workarounds!
** Changed in: openssl (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1963834
Title:
openssl 3.0 - SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED]
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1963834/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
