Your message dated Mon, 17 Oct 2016 22:02:24 +0200
with message-id <20161017200224.ueh3rimq5fnr7...@breakpoint.cc>
and subject line Re: [Pkg-openssl-devel] Bug#838928: Bug#838928: libssl1.0.0: 
Some E-mail clients stopped working with dropped connections with deb8u5. 
deb8u3 works ok.
has caused the Debian Bug report #838928,
regarding libssl1.0.0: Some E-mail clients stopped working with dropped 
connections with deb8u5. deb8u3 works ok.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
838928: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838928
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libssl1.0.0
Version: 1.0.1t-1+deb8u5
Severity: important

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
     ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 8.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-openvz-042stab113.11-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages libssl1.0.0 depends on:
ii  debconf [debconf-2.0]  1.5.56
ii  libc6                  2.19-18+deb8u3
ii  multiarch-support      2.19-18+deb8u6

libssl1.0.0 recommends no packages.

libssl1.0.0 suggests no packages.

-- debconf information excluded

--- End Message ---
--- Begin Message ---
On 2016-09-26 18:35:25 [+0200], Kurt Roeckx wrote:
> On Mon, Sep 26, 2016 at 04:38:13PM +0200, Hrvoje Dagelic wrote:
> > Package: libssl1.0.0
> > Version: 1.0.1t-1+deb8u5
> > Severity: important
> 
> This is probably a result of moving 3DES from the HIGH level to
> the MEDIUM level because of the sweet32 attack.
> 
> My guess is that those systems that have a problem are still
> running windows XP.
> 
> I suggest you alter the settings of your server to allow the
> MEDIUM ciphers.

closing since this is mostly the same thing as in #838765: no more 3des
in the HIGH category due to sweet32.

> Kurt

Sebastian

--- End Message ---

Reply via email to