Package: release.debian.org Severity: normal Tags: stretch User: release.debian....@packages.debian.org Usertags: pu
Hello SRMs, Due to an error in the certbot 0.28.0-1~deb9u1 upload, users are having their systemd timers disabled and not correctly reactivated by the upload. After consulting with the pkg-systemd folx, we have come up with a solution for the problem, but it will require an upload. There's some amount of time-sensitivity here, as certbot certificates will automatically expire ninety days after they're issued, and if the systemd timer is not running, people's TLS certificates will expire. This could happen as soon as the package is installed depending on when the certificates were issued, but it will defintely happen for everyone using certbot if this update doesn't hit their machine by April. The update will be relatively trivial; dropping the compat level one notch is all that's needed. What are your thoughts about using the security upload process to fix this in a more aggressive timeline? Apologies for the trouble. :( Sincerely, -- Harlan Lieberman-Berg ~hlieberman