Your message dated Mon, 30 Sep 2019 08:47:01 +0200
with message-id <[email protected]>
and subject line Re: firefox-esr: No TLS 1.2
has caused the Debian Bug report #941392,
regarding firefox-esr: No TLS 1.2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
941392: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941392
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: firefox-esr
Version: 60.9.0esr-1~deb10u1
Severity: important
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
I don't know when they started to, but northwestel (my internet
provider), and pcfinancial (my credit card) now check that the browser
supports TLS 1.2 and if it does not, will not allow acess to the secure
part of their website. This means I can't check my internet usage
(going over the monthly limit is very expensive here in the Yukon) nor
check or pay my credit-card on-line.
* What exactly did you do (or not do) that was effective (or
ineffective)?
I can't find any TLS options in preferences; upstream says it supports
TLS 1.2. The sites that check say I'm running an out-of-date brower.
* What was the outcome of this action?
Denied access to the sites.
* What outcome did you expect instead?
Proper TLS 1.2 support.
*** End of the template - remove these template lines ***
-- Package-specific info:
-- Addons package information
-- System Information:
Debian Release: 10.1
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages firefox-esr depends on:
ii debianutils 4.8.6.1
ii fontconfig 2.13.1-2
ii libasound2 1.1.8-1
ii libatk1.0-0 2.30.0-2
ii libc6 2.28-10
ii libcairo-gobject2 1.16.0-4
ii libcairo2 1.16.0-4
ii libdbus-1-3 1.12.16-1
ii libdbus-glib-1-2 0.110-4
ii libevent-2.1-6 2.1.8-stable-4
ii libffi6 3.2.1-9
ii libfontconfig1 2.13.1-2
ii libfreetype6 2.9.1-3
ii libgcc1 1:8.3.0-6
ii libgdk-pixbuf2.0-0 2.38.1+dfsg-1
ii libglib2.0-0 2.58.3-2+deb10u1
ii libgtk-3-0 3.24.5-1
ii libhunspell-1.7-0 1.7.0-2
ii libjsoncpp1 1.7.4-3
ii libnspr4 2:4.20-1
ii libnss3 2:3.42.1-1+deb10u1
ii libpango-1.0-0 1.42.4-7~deb10u1
ii libsqlite3-0 3.27.2-3
ii libstartup-notification0 0.12-6
ii libstdc++6 8.3.0-6
ii libvpx5 1.7.0-3
ii libx11-6 2:1.6.7-1
ii libx11-xcb1 2:1.6.7-1
ii libxcb-shm0 1.13.1-2
ii libxcb1 1.13.1-2
ii libxcomposite1 1:0.4.4-2
ii libxdamage1 1:1.1.4-3+b3
ii libxext6 2:1.3.3-1+b2
ii libxfixes3 1:5.0.3-1
ii libxrender1 1:0.9.10-1
ii libxt6 1:1.1.5-1+b3
ii procps 2:3.3.15-2
ii zlib1g 1:1.2.11.dfsg-1
Versions of packages firefox-esr recommends:
ii libavcodec57 10:3.3.9-dmo1+deb9u1
ii libavcodec58 10:4.1.4-dmo1+deb10u1
Versions of packages firefox-esr suggests:
ii fonts-lmodern 2.004.5-6
ii fonts-stix [otf-stix] 1.1.1-4
ii libcanberra0 0.30-7
ii libgssapi-krb5-2 1.17-3
ii libgtk2.0-0 2.24.32-3
ii pulseaudio 12.2-4+deb10u1
-- debconf-show failed
Thanks.
--- End Message ---
--- Begin Message ---
On Sun, Sep 29, 2019 at 05:08:44PM -0700, Douglas A. Tutty wrote:
> Package: firefox-esr
> Version: 60.9.0esr-1~deb10u1
> Severity: important
>
> Dear Maintainer,
>
> *** Reporter, please consider answering these questions, where appropriate ***
>
> * What led up to the situation?
>
> I don't know when they started to, but northwestel (my internet
> provider), and pcfinancial (my credit card) now check that the browser
> supports TLS 1.2 and if it does not, will not allow acess to the secure
> part of their website. This means I can't check my internet usage
> (going over the monthly limit is very expensive here in the Yukon) nor
> check or pay my credit-card on-line.
>
> * What exactly did you do (or not do) that was effective (or
> ineffective)?
>
> I can't find any TLS options in preferences; upstream says it supports
> TLS 1.2. The sites that check say I'm running an out-of-date brower.
Enter "about:config" in your URL bar and search for "tls".
Firefox 60.x supports TLS 1.2 by default, your ISP's and credit card
company seem to have a broken capability check.
Cheers,
Moritz
--- End Message ---
