Package: tcl-tls
Version: 1.5.0.dfsg-10build1
Severity: important

Dear Maintainer,

I maintain Ubuntu 12.04 packages for Sguil (http://sguil.net), which is written 
in tcl/tk and uses tcl-tls. After installing the recent openssl updates, the 
Sguil client reports:

Error: SSL channel "sock4": error: dh key too small

This error message seems related to this:

"As a security improvement, this update also modifies OpenSSL behaviour to
reject DH key sizes below 768 bits, preventing a possible downgrade
attack."

http://www.ubuntu.com/usn/usn-2639-1/

Looks like tls.c is using DH512.

Is this going to be updated to 768 or higher?

Also see this upstream bug:
http://sourceforge.net/p/tls/bugs/59/

Thanks!

-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise'), (100, 'precise-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-85-generic (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages tcl-tls depends on:
ii  libc6           2.15-0ubuntu10.12
ii  libssl1.0.0     1.0.1-4ubuntu5.28
ii  tcl8.4 [tclsh]  8.4.19-4ubuntu3
ii  tcl8.5 [tclsh]  8.5.11-1ubuntu1securityonion1

tcl-tls recommends no packages.

tcl-tls suggests no packages.

-- no debconf information

