Your message dated Sat, 21 Mar 2026 15:56:17 +0100
with message-id <[email protected]>
and subject line Re: Bug#793565: libssl1.0.0: HMAC broken after upgrade to
1.0.2d-1
has caused the Debian Bug report #793565,
regarding libssl1.0.0: HMAC broken after upgrade to 1.0.2d-1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
793565: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793565
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libssl1.0.0
Version: 1.0.2d-1
Severity: normal
[This is a re-sent, as the debian mailserver accepted the original
reportbug mail, but it never showed up, so I assume it was lost. Apologies
if it turns out to be a duplicate].
Dear Maintainer,
upgrading libssl1.0.0 from 1.0.1k-3+deb8u1 to 1.0.2d-1 breaks HMAC
authentication in a gvpe compiled with 1.0.1k-3. This is probably related
to #788511, but the problem occurs with the supposedly fixed version.
Downgrading libssl to 1.0.1k-3+deb8u1 (and nothing else) makes connections
work again.
Since the ABI was apparently broken before (#788511), chances are high
that the fix in 1.0.2d-1 isn't effective and 1.0.2d-1 is still ABI
incompatible to the version in jessie.
-- System Information:
Debian Release: 8.1
APT prefers stable
APT policy: (990, 'stable'), (500, 'unstable'), (500, 'testing'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.18.14-031814-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages libssl1.0.0 depends on:
ii debconf [debconf-2.0] 1.5.56
ii libc6 2.19-18
ii multiarch-support 2.19-18
libssl1.0.0 recommends no packages.
libssl1.0.0 suggests no packages.
-- debconf information excluded
--- End Message ---
--- Begin Message ---
On 2015-07-25 08:45:39 [+0200], Marc Lehmann wrote:
> Dear Maintainer,
>
> upgrading libssl1.0.0 from 1.0.1k-3+deb8u1 to 1.0.2d-1 breaks HMAC
> authentication in a gvpe compiled with 1.0.1k-3. This is probably related
> to #788511, but the problem occurs with the supposedly fixed version.
>
> Downgrading libssl to 1.0.1k-3+deb8u1 (and nothing else) makes connections
> work again.
>
> Since the ABI was apparently broken before (#788511), chances are high
> that the fix in 1.0.2d-1 isn't effective and 1.0.2d-1 is still ABI
> incompatible to the version in jessie.
I've been just reading the thread and I *think* this bug no longer
applies/ has been resovled. Please come back if this is not the case.
Sebastian
--- End Message ---
