Your message dated Wed, 04 Mar 2026 15:20:44 +0000
with message-id <[email protected]>
and subject line Bug#1129594: Removed package(s) from unstable
has caused the Debian Bug report #880571,
regarding sylpheed: cannon connect to servers using TLSv1 and TLSv1.1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
880571: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880571
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sylpheed
Version: 3.6.0-1
Severity: normal
Tags: patch
Dear Maintainer,
the Debian openssl package deprecated TLSv1 and TLSv1.1 in August 2017,
see:
https://lists.debian.org/debian-devel-announce/2017/08/msg00004.html
https://anonscm.debian.org/viewvc/pkg-openssl/openssl/branches/1.1.0/debian/patches/tls1_2_default.patch?revision=912&view=markup
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875423
It's not clear if this decision is final and will affect the next Debian
stable release, however in the meantime, sylpheed in Debian unstable
cannot connect to servers using older TLS protocol versions.
Sylpheed gives this message when connecting to a server using TLSv1:
(sylpheed:20968): LibSylph-WARNING **: SSL_connect() failed with error 1, ret
= -1 (error:1417118C:SSL routines:tls_process_server_hello:version too low)
The OpenSSL error is:
SSL routines:tls_process_server_hello:version too low
I am attaching a patch to fix this behavior.
I am not sure if this change should be in the official package, let me
know what your opinion is on this matter.
Thanks,
Antonio
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (900, 'unstable'), (500, 'unstable-debug')
Architecture: amd64 (x86_64)
Kernel: Linux 4.13.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8),
LANGUAGE=it_IT.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages sylpheed depends on:
ii libassuan0 2.4.3-3
ii libatk1.0-0 2.26.1-1
ii libc6 2.24-17
ii libcairo2 1.15.8-2
ii libcompfaceg1 1:1.5.2-5+b2
ii libdbus-1-3 1.12.0-1
ii libdbus-glib-1-2 0.108-2
ii libenchant1c2a 1.6.0-11.1
ii libfontconfig1 2.12.3-0.2
ii libfreetype6 2.8.1-0.1
ii libgdk-pixbuf2.0-0 2.36.11-1
ii libglib2.0-0 2.54.2-1
ii libgpg-error0 1.27-4
ii libgpgme11 1.9.0-6
ii libgtk2.0-0 2.24.31-2
ii libgtkspell0 2.0.16-1.1
ii libldap-2.4-2 2.4.45+dfsg-1
ii libpango-1.0-0 1.40.13-1
ii libpangocairo-1.0-0 1.40.13-1
ii libpangoft2-1.0-0 1.40.13-1
ii libssl1.1 1.1.0f-5
ii pinentry-gtk2 1.0.0-3
Versions of packages sylpheed recommends:
ii aspell-it [aspell-dictionary] 2.4-20070901-0-2.1
ii ca-certificates 20170717
ii sylpheed-i18n 3.6.0-1
ii xfonts-100dpi 1:1.0.4+nmu1
ii xfonts-75dpi 1:1.0.4+nmu1
Versions of packages sylpheed suggests:
ii bogofilter 1.2.4+dfsg1-10
pn bsfilter <none>
pn claws-mail-tools <none>
ii curl 7.56.1-1
pn jpilot <none>
pn sylpheed-doc <none>
-- no debconf information
--
Antonio Ospite
https://ao2.it
https://twitter.com/ao2it
A: Because it messes up the order in which people normally read text.
See http://en.wikipedia.org/wiki/Posting_style
Q: Why is top-posting such a bad thing?
>From 97235129beab0b3a23ec95db3e922321cdf43cf3 Mon Sep 17 00:00:00 2001
From: Antonio Ospite <[email protected]>
Date: Thu, 2 Nov 2017 13:37:53 +0100
Subject: [PATCH] libsylph/ssl.c: explicitly enable the supported protocol
versions
X-Face: z*RaLf`X<@C75u6Ig9}{oW$H;1_\2t5)({*|jhM<pyWR#k60!#=#>/Vb;]yA5<GWI5`6u&+
;6b'@y|8w"wB;4/e!7wYYrcqdJFY,~%Gk_4]cq$Ei/7<j&N3ah(m`ku?pX.&+~:_/wC~dwn^)MizBG
!pE^+iDQQ1yC6^,)YDKkxDd!T>\I~93>J<_`<4)A{':UrE
The Debian openssl package deprecated TLSv1 and TLSv1.1 in August 2017,
see:
https://lists.debian.org/debian-devel-announce/2017/08/msg00004.html
https://anonscm.debian.org/viewvc/pkg-openssl/openssl/branches/1.1.0/debian/patches/tls1_2_default.patch?revision=912&view=markup
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875423
It's not clear if this decision is final and will affect the next Debian
stable release, however in the meantime, sylpheed in Debian unstable
cannot connect to servers using older TLS protocol versions.
Work around that by explicitly setting the minimum protocol versions.
---
libsylph/ssl.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libsylph/ssl.c b/libsylph/ssl.c
index 84139250..61e770f8 100644
--- a/libsylph/ssl.c
+++ b/libsylph/ssl.c
@@ -132,6 +132,8 @@ void ssl_init(void)
debug_print(_("SSLv23 not available\n"));
} else {
debug_print(_("SSLv23 available\n"));
+ /* XXX workaround for Debian systems, see Debian bug #875423 */
+ SSL_CTX_set_min_proto_version(ssl_ctx_SSLv23, SSL3_VERSION);
if ((certs_file || certs_dir) &&
!SSL_CTX_load_verify_locations(ssl_ctx_SSLv23, certs_file,
certs_dir))
@@ -144,6 +146,8 @@ void ssl_init(void)
debug_print(_("TLSv1 not available\n"));
} else {
debug_print(_("TLSv1 available\n"));
+ /* XXX workaround for Debian systems, see Debian bug #875423 */
+ SSL_CTX_set_min_proto_version(ssl_ctx_TLSv1, TLS1_VERSION);
/* disable SSLv2/SSLv3 */
SSL_CTX_set_options(ssl_ctx_TLSv1,
SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3);
--
2.15.0
--- End Message ---
--- Begin Message ---
Version: 3.8.0~beta1-3+rm
Dear submitter,
as the package sylpheed has just been removed from the Debian archive
unstable we hereby close the associated bug reports. We are sorry
that we couldn't deal with your issue properly.
For details on the removal, please see https://bugs.debian.org/1129594
The version of this package that was in Debian prior to this removal
can still be found using https://snapshot.debian.org/.
Please note that the changes have been done on the master archive and
will not propagate to any mirrors until the next dinstall run at the
earliest.
This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
[email protected].
Debian distribution maintenance software
pp.
Thorsten Alteholz (the ftpmaster behind the curtain)
--- End Message ---
