Your message dated Thu, 17 Sep 2009 01:56:59 +0000
with message-id <[email protected]>
and subject line Bug#541735: fixed in openssl 0.9.8c-4etch9
has caused the Debian Bug report #541735,
regarding libssl0.9.8: asn1 encoding routines:ASN1_item_verify:unknown message
digest algorithm:a_verify.c:146:
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
541735: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541735
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libssl0.9.8
Version: 0.9.8k-4
Severity: serious
fetchmail: Server certificate verification error: certificate signature failure
32201:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message
digest algorithm:a_verify.c:146:
32201:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed:s3_clnt.c:983:
fetchmail: SSL connection failed.
fetchmail: socket error while fetching from [email protected]
fetchmail: Query status=2 (SOCKET)
fetchmail: sleeping at Mon Aug 31 12:05:17 2009 for 180 seconds
fetchmail: awakened at Mon Aug 31 12:08:17 2009
fetchmail: Error exchanging credentials
fetchmail: Server certificate verification error: certificate signature failure
32201:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message
digest algorithm:a_verify.c:146:
32201:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed:s3_clnt.c:983:
fetchmail: SSL connection failed.
fetchmail: socket error while fetching from [email protected]
fetchmail: Query status=2 (SOCKET)
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.30.5
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages libssl0.9.8 depends on:
ii debconf [debconf-2.0] 1.5.27 Debian configuration management sy
ii libc6 2.9-26 GNU C Library: Shared libraries
ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime
libssl0.9.8 recommends no packages.
libssl0.9.8 suggests no packages.
-- debconf information:
libssl0.9.8/restart-failed:
* libssl0.9.8/restart-services: fetchmail clamav-daemon clamav-freshclam bind9
dovecot postgresql-8.2 postfix spamassassin openvpn ssh
--- End Message ---
--- Begin Message ---
Source: openssl
Source-Version: 0.9.8c-4etch9
We believe that the bug you reported is fixed in the latest version of
openssl, which is due to be installed in the Debian FTP archive:
libcrypto0.9.8-udeb_0.9.8c-4etch9_amd64.udeb
to pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch9_amd64.udeb
libssl-dev_0.9.8c-4etch9_amd64.deb
to pool/main/o/openssl/libssl-dev_0.9.8c-4etch9_amd64.deb
libssl0.9.8-dbg_0.9.8c-4etch9_amd64.deb
to pool/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_amd64.deb
libssl0.9.8_0.9.8c-4etch9_amd64.deb
to pool/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_amd64.deb
openssl_0.9.8c-4etch9.diff.gz
to pool/main/o/openssl/openssl_0.9.8c-4etch9.diff.gz
openssl_0.9.8c-4etch9.dsc
to pool/main/o/openssl/openssl_0.9.8c-4etch9.dsc
openssl_0.9.8c-4etch9_amd64.deb
to pool/main/o/openssl/openssl_0.9.8c-4etch9_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Kurt Roeckx <[email protected]> (supplier of updated openssl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.7
Date: Fri, 11 Sep 2009 17:08:07 +0200
Source: openssl
Binary: libssl-dev openssl libssl0.9.8-dbg libcrypto0.9.8-udeb libssl0.9.8
Architecture: source amd64
Version: 0.9.8c-4etch9
Distribution: oldstable-security
Urgency: low
Maintainer: Debian OpenSSL Team <[email protected]>
Changed-By: Kurt Roeckx <[email protected]>
Description:
libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
libssl-dev - SSL development libraries, header files and documentation
libssl0.9.8 - SSL shared libraries
libssl0.9.8-dbg - Symbol tables for libssl and libcrypt
openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
Closes: 541735
Changes:
openssl (0.9.8c-4etch9) oldstable-security; urgency=low
.
* Don't check self signed certificate signatures in X509_verify_cert()
(Closes: #541735)
Files:
853078a1ba61d986d0862b7052e6a47b 1455 utils optional openssl_0.9.8c-4etch9.dsc
1d168f6505755d3d5b2cc5c8dfc4a314 59037 utils optional
openssl_0.9.8c-4etch9.diff.gz
fe9448a60c33599b868d17865789e2cc 1017888 utils optional
openssl_0.9.8c-4etch9_amd64.deb
373b14c8d5d44eba8e2a704d29621e4e 891856 libs important
libssl0.9.8_0.9.8c-4etch9_amd64.deb
d98c62ccbd82164d39df6366fa654308 580330 debian-installer optional
libcrypto0.9.8-udeb_0.9.8c-4etch9_amd64.udeb
730e51554bee77b38922ab4968f7bd8f 2188696 libdevel optional
libssl-dev_0.9.8c-4etch9_amd64.deb
94723e6134595ff2a407ab3cb99c24c9 1655940 libdevel extra
libssl0.9.8-dbg_0.9.8c-4etch9_amd64.deb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIcBAEBCgAGBQJKqpRtAAoJEGpMZM6DE7Xw/OYP/RQhNSpMtvGItUI/ZXIwtrAJ
avTbhyHW76GJTzUS45KuHCgc7neYfK1B7ZlVuqYYuT9lWrWnEtiqrlVZoIRRJEgp
Vr7nVj9xf9fKJA4zsrLn5t4WyV3yQks/hr+aWu1Cfx9RSFP7bIncMzrV3eUnJqEd
Le9OVWmw6QZDZ4OnfkF1+8fCzwN+5q8P7l6mRAnZX1nY5QV6CR3rxbmMb5fgJBzP
tmmWcIYiZs2mImcjDL7rYG+VIEvGheJDVvnC5cwyOHJHTZnkMV5E4uW7kIFTDw/J
WgJW//5q3FIXnnBSi9PTnxc6iTm+jOjBtGU8G7XMpHANkWzl1t26Eh4Yg8hj/Z7I
OtJ7ubQLgb7GJCEdEHmMd28YYWxL4Hy9KG8gidmlL7k82C/F7AXKUt0zK8q17U1K
wvalyv3CV7xAPrdI+MU/xVOyUeaRkH5r1TMsK4xGcRVa5PfQkv/gFjJJZpXcUioy
WJdfv0oSust35Vp2tudMjMU6mmw3JU/pqK/En/nP2H8/ktDzufadKGD44DjJ2OLI
7lla0LUD7xGThJiROYIwBAXmmYjJrO5YCw/jimvXq645CGKp32IDUUX4QeUHsPz4
9ZceGwBoyLg/pAkKo9Mq4/201oMr0qNVHCDUqanJqSjkK3EllqGMBAnyAYsQDu3G
5ixAU0EaGs28PaYbRTQC
=lkkw
-----END PGP SIGNATURE-----
--- End Message ---
