Control: severity -1 serious On 2019-06-03 Dominik George <dominik.geo...@teckids.org> wrote: > Package: libgnutls30 > Version: 3.6.7-3 > Severity: grave > Justification: renders package unusable
> The update to 3.6.7-3 reproducibly breaks ldap-utils (or, maybe,the ldap > client library) when connecting to a server with the previous 3.6.6-2 > version. I am afraid it breaks more than that. GnuTLS-secured connections > are just closed with no visible reason. > Seen on more than 12 systems, then went to a system that had not got the > update yet. An ldapsearch works with 3.6.6-2, and fails after updating to > 3.6.7-3 with the connection just being closed after reading some data from > the LDAP server setill on 3.6.6-2. Upgrading GnuTLS to 3.6.7-3 on the > server made the problem go away. Hello, Is this reproducile with gnutls-cli or is the respective server publically accessible? > I am setting this critical as I cannot imagine it is expected that GnuTLS > clients require the server to be the exact same version. Downgrading to serious for the time being, critical means something different. [1] cu Andreas [1] https://www.debian.org/Bugs/Developer.en.html#severities -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure'