Bug#770835: marked as done (openvpn: Expired example certificates)

Tue, 02 Dec 2014 07:44:30 -0800 

Your message dated Tue, 02 Dec 2014 15:34:25 +0000
with message-id <[email protected]>
and subject line Bug#770835: fixed in openvpn 2.1.3-2+squeeze3
has caused the Debian Bug report #770835,
regarding openvpn: Expired example certificates
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
770835: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770835
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: openvpn
Version: 2.2.1-8+deb7u2
Severity: normal

The example certificates in the package expired recently:

for cert in usr/share/doc/openvpn/examples/sample-keys/*.crt; do openssl x509 
-noout -in "$cert" -text | grep -A2 Validity; done
        Validity
            Not Before: Nov 25 14:40:55 2004 GMT
            Not After : Nov 23 14:40:55 2014 GMT
        Validity
            Not Before: Nov 25 14:46:49 2004 GMT
            Not After : Nov 23 14:46:49 2014 GMT
        Validity
            Not Before: Nov 25 14:48:55 2004 GMT
            Not After : Nov 23 14:48:55 2014 GMT
        Validity
            Not Before: Nov 25 14:42:22 2004 GMT
            Not After : Nov 23 14:42:22 2014 GMT

I checked the currenty package version 2.3.4-4 in unstable. It
apparently uses the same files.

Please ship usable certificates in coming versions of the package.

-- System Information:
Debian Release: 7.7
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openvpn depends on:
ii  debconf [debconf-2.0]  1.5.49
ii  initscripts            2.88dsf-41+deb7u1
ii  libc6                  2.13-38+deb7u6
ii  liblzo2-2              2.06-1+deb7u1
ii  libpam0g               1.1.3-7.1
ii  libpkcs11-helper1      1.09-1
ii  libssl1.0.0            1.0.1e-2+deb7u13
ii  net-tools              1.60-24.2

openvpn recommends no packages.

Versions of packages openvpn suggests:
ii  openssl     1.0.1e-2+deb7u13
pn  resolvconf  <none>

-- Configuration Files:
/etc/default/openvpn changed [not included]

-- debconf information excluded

--- End Message ---
--- Begin Message --- 
Source: openvpn
Source-Version: 2.1.3-2+squeeze3

We believe that the bug you reported is fixed in the latest version of
openvpn, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Evgeni Golov <[email protected]> (supplier of updated openvpn package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 02 Dec 2014 13:19:12 +0100
Source: openvpn
Binary: openvpn
Architecture: source amd64
Version: 2.1.3-2+squeeze3
Distribution: squeeze-lts
Urgency: high
Maintainer: Alberto Gonzalez Iniesta <[email protected]>
Changed-By: Evgeni Golov <[email protected]>
Description: 
 openvpn    - virtual private network daemon
Closes: 770835
Changes: 
 openvpn (2.1.3-2+squeeze3) squeeze-lts; urgency=high
 .
   * Non-maintainer upload by the Debian LTS Team.
   * Apply upstream patch that fixes possible DoS by authenticated
     clients. CVE-2014-8104
   * Patch sample certs since they were expired and made the package
     build fail. (Closes: #770835)
Checksums-Sha1: 
 659391c526c096865963453251b9ce9ef417a570 1725 openvpn_2.1.3-2+squeeze3.dsc
 acb63395cac974586f157c7c87ce24cb4d07fbc0 133042 
openvpn_2.1.3-2+squeeze3.debian.tar.gz
 ffc9c43fe9d16d86e3cdab2f9ef54e4d7173c48f 467552 
openvpn_2.1.3-2+squeeze3_amd64.deb
Checksums-Sha256: 
 fe24949d2595bf8733dd744def7c4cd7b554f74b2c086e4d419fabe7b7de7159 1725 
openvpn_2.1.3-2+squeeze3.dsc
 459cb4ef2f491b8025465d340b3c08ff4439803d9ff9b13f056d590127ff307c 133042 
openvpn_2.1.3-2+squeeze3.debian.tar.gz
 703db15ac9e277f80a78c312ce7d1efcf6d0f2bbd2ef667b7ae09ce5dd77b67e 467552 
openvpn_2.1.3-2+squeeze3_amd64.deb
Files: 
 7cf5c3433b0fd55edbe296c0c3582ed5 1725 net optional openvpn_2.1.3-2+squeeze3.dsc
 2d5a59b3cabf018472d0c0d4c78ed5be 133042 net optional 
openvpn_2.1.3-2+squeeze3.debian.tar.gz
 4106160056bb654e7a382eb55836b609 467552 net optional 
openvpn_2.1.3-2+squeeze3_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUfdnOAAoJEKGwm0IzOWHo24EQAM3uyBkjuTR5ClQlis/S9lRv
4iJcZKq0/TWIvwh3Uzt5xvnIco3xAsxj+vc4hCbn2J7Vh0sm8rvX8FMGkoxOdtKE
YB1wspfABCPgnHl7Td/kmjbq3MiJakRSWgoaqTlHQwej1NfHqNIkxWtmYVH8gde/
6DWIdjgFtliQ3VeSnOsYL3BMFm5h9IW7p5AYQ+rQqZ2v4U3/5lBxr1NmLV1Io/dH
+6HspnuRUuqDHNhlcy2VklyBsyGiB1YhD3uOOPH/vQgnSunJh+zXyGNHvhOUP54n
mKa4cC69CUn4r1CaFB0bFF+Alu6L7yTj/JHjtjr8R7xesda9NeQyJv9JAV3BUTcZ
KZJHmYA6+ugmwx4a8ILX+Ice1rk69+ytuxmhgV0qOy+C/FOvEe3aGYXVEQ+yUlnI
5r0Zv/RSz8m7RAIR9L1TOqm7KCceSY1oluj41aF9xmfgVtof2badJHCwb9QTyU4U
Q95j5sPoTFXYDF3Nd7YJHlqdudOFpc0BIVgoZgviGcXiyyzV/9B9FmFJ5/PpHdyW
MyzVcdrCF6idj4KxFEn7J3hhCXjZeHbzXzDy+4i0J49ctEiFObcOmnk/Eg6bE4Kx
B6uTSEsOlz86cOJCoT4I0FYnWvfGbzP8mCTEt5umiOGvzW8S4oYu5bJEVLvsYTHF
eOwyIklT+d2kV71Tdk5N
=dbjj
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to