Package: courier-ssl Version: 0.73.1-1.6 Severity: important Hi, after upgrading libnss3 on my sid box, sending out email using icedove with STARTTLS to courier-mta stopped working with the error:
courieresmtpd: STARTTLS failed: couriertls: accept: error:14094417:SSL routines:SSL3_READ_BYTES:sslv3 alert illegal parameter I found a relevant discussion on bug #787505, where it's mentioned that by design, libnss3 no longer accepts keys with <1024 bits. Turns out mkdhparams - which also runs on postinst - only creates 768 bit keys by default. Maybe it's time to change this. Regards, -- Mourad DC -- System Information: Debian Release: 8.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages courier-ssl depends on: ii courier-base 0.73.1-1.6 ii debconf [debconf-2.0] 1.5.56 ii libc6 2.19-18 ii libssl1.0.0 1.0.1k-3 ii openssl 1.0.1k-3 courier-ssl recommends no packages. courier-ssl suggests no packages. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
