Hi Laszlo,
Thanks for your answer!
Would it be possible for subversion to nevertheless allow me to continue
with this operations? Or is that strictly forbidden by libneon?
Simon
Debian Bug Tracking System wrote:
This is an automatic notification regarding your Bug report
which was filed against the libneon27-gnutls package:
#548773: [libneon27-gnutls] authentication to subversion via https fails with
"Insecure Algorithm" error
It has been closed by Laszlo Boszormenyi <g...@debian.hu>.
Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Laszlo Boszormenyi
<g...@debian.hu> by
replying to this email.
------------------------------------------------------------------------
Subject:
neon27 v0.29.0 insecure algorithm error
From:
Laszlo Boszormenyi <g...@debian.hu>
Date:
Mon, 05 Oct 2009 00:46:16 +0200
To:
548773-d...@bugs.debian.org
To:
548773-d...@bugs.debian.org
Hi Simon,
It's an user error. Please read the details of this error message[1]. It
comes from GNU TLS, quoting the description:
"GNUTLS_CERT_INSECURE_ALGORITHM:
The certificate was signed using an insecure algorithm such as
MD2 or MD5. These algorithms have been broken and should not be
trusted."
Please recreate your certificate with a trusted algorithm and it will be
fine with neon.
Regards,
Laszlo/GCS
[1]
http://www.gnu.org/software/gnutls/manual/html_node/Verifying-X_002e509-certificate-paths.html
------------------------------------------------------------------------
Subject:
[libneon27-gnutls] authentication to subversion via https fails with
"Insecure Algorithm" error
From:
Simon Eugster <simon...@gmail.com>
Date:
Mon, 28 Sep 2009 19:29:36 +0200
To:
sub...@bugs.debian.org
To:
sub...@bugs.debian.org
Package: libneon27-gnutls
Version: 0.29.0-1
Severity: serious
--- Please enter the report below this line. ---
Since 0.29.0-1 I've got the following problem when trying to do anything
with svn (update, commit, checkout, whatever):
$ svn up
svn: OPTIONS von »https://myuri/...«: Certificate verification error:
signed using insecure algorithm (https://myuri)
Downgraded libneon27 and libneon27-gnutls to 0.28.6-1 solved the problem.
I tagged this as serious because users depending on svn and not knowing
the origin of this problem may really have a problem.
--- System information. ---
Architecture: i386
Kernel: Linux 2.6.31-1.slh.1-sidux-686
Debian Release: squeeze/sid
500 unstable www.debian-multimedia.org
500 unstable ftp.spline.de
500 unstable ftp.ch.debian.org
--- Package information. ---
Depends (Version) | Installed
=======================================-+-===================
libc6 (>= 2.3) | 2.9-26
libcomerr2 (>= 1.01) | 1.41.9-1
libgcrypt11 (>= 1.4.2) | 1.4.4-4
libgnutls26 (>= 2.7.14-0) | 2.8.4-1
libgpg-error0 (>= 1.6-1) | 1.6-1
libgssapi-krb5-2 (>= 1.7dfsg~beta1) | 1.7dfsg~beta3-1
libk5crypto3 (>= 1.6.dfsg.2) | 1.7dfsg~beta3-1
libkrb5-3 (>= 1.6.dfsg.2) | 1.7dfsg~beta3-1
libtasn1-3 (>= 1.6-0) | 2.3-1
libxml2 (>= 2.6.27) | 2.7.5.dfsg-1
zlib1g (>= 1:1.1.4) | 1:1.2.3.3.dfsg-15
Recommends (Version) | Installed
==============================-+-===========
ca-certificates | 20090814
Package's Suggests field is empty.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
