Your message dated Wed, 05 Apr 2023 11:18:55 +0000
with message-id <[email protected]>
and subject line Bug#1029588: fixed in devscripts 2.23.4
has caused the Debian Bug report #1029588,
regarding bts: Changes in libio-socket-ssl-perl 2.078 make bts fail to send
mail to mail-server via SSL/TLS - hostname verification failed
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1029588: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029588
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: devscripts
Version: 2.22.2
Severity: important
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi,
I'm running a mail server. The server is using wildcard-certificates issued by
letsencrypt (but the same issue happens with a dedicated certificate). Since
the last update of libio-socket-ssl-perl, whenever I try to send mails via the
bts command, I receive the following error:
bts: failed to open SMTPS connection to smtps://mail.wgdd.de
(hostname verification failed)
Same happens if I use TLS. I checked the certificates and I cannot find any
issues. All other tools work well. If I downgrade libio-socket-ssl-perl to
version 2.077-1, everything works fine. The main change between versions 2.077
and 2.078 in libio-socket-ssl-perl is:
2.078 2022/12/11
- - revert decision from 2014 to not verify hostname by default if hostname is
IP address but no explicit verification scheme given
https://github.com/noxxi/p5-io-socket-ssl/issues/121
I found some hints, that Net::SMTPS, used by bts, does not support
SSL_verifycn_scheme smtp. But this is not my expertise. I'd just like to see
bts fixed and being able to send mail to a mailserver via SSL/TLS.
Issues with SSL support in bts have come up multiple times. I remember, that I
even had to patch some code myself in the past to make it work. There are even
now patches (e.g. #853991), which might improve the situation. But like this,
bts is unusable.
Regards, Daniel
- -- System Information:
Debian Release: bookworm/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500,
'stable-security'), (500, 'stable-debug'), (500, 'unstable'), (500, 'testing'),
(500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libio-socket-ssl-perl depends on:
ii libnet-ssleay-perl 1.92-2+b1
ii netbase 6.4
ii perl 5.36.0-7
Versions of packages libio-socket-ssl-perl recommends:
pn libio-socket-ip-perl | libio-socket-inet6-perl <none>
ii libnet-idn-encode-perl 2.500-3+b1
ii libnet-libidn-perl 0.12.ds-4+b1
ii liburi-perl 5.17-1
ii perl-base [libsocket-perl] 5.36.0-7
Versions of packages libio-socket-ssl-perl suggests:
ii ca-certificates 20211016
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEvu1N7VVEpMA+KD3HS80FZ8KW0F0FAmPQmXwACgkQS80FZ8KW
0F1P+hAA1KcFh8/lqTRkrrL85H0vGbr82KNFvNRLGwqOyzL9N4vLjfIedlt+hzbU
6/YzRznl5dCzTHCwju4BYyZfrpo6NPPtfLjjwPRtajwUnbw3Q9INGACTupkTtwoC
eKCFQM2dpGODERD1zjPN16iBfoGc97pWzE3nCZpxUFZxhKTKw78tpmbr7LMnHx2j
DKXAJgejlmhtYxVLk9YKynLR0x8MoSNlYRB1T7hdoQt0lo5KnbQbEsZjlXSg9AFb
8I/T29YO9n2dA2litq4RMVONtDN9p1YyCsY+fBO8RUnLS6v+Wy+vCEhwBYPm/dQp
DajXqxmWwU94oMF3UT8NuvgGW2OCWOhbrpFaSRRnGctXoTHTzJ/D7qMza5Qakdxh
SdORO9d5LRAwFDti54zx9c62Z42wUn2P7tIIhYJpI/VcqMeVIlPw9lOzb/Xkur2e
lX2ARUbFxFuyP87pn90LNv+GIsNe6lrXfY9GXQ080RZ9lozui1YKk9bGVvLHYOVR
XGEIPSBX9FqosBA8ZQ6FrJiUZ7yC+1Cz0dToHMiGNaDSlS/naxadQCSp3ZHuHl0g
Esxq7MnnKIgzjqLx7PSgGzDNan5mnS+k0c5T6uC+6jL9z2m5czPqGLUVaAFYjwd3
X3+dsBZY34R1qZ1qzzqJutp0nZXO4NiIwSINbXVO8dcdsjTACoE=
=+f0s
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: devscripts
Source-Version: 2.23.4
Done: Benjamin Drung <[email protected]>
We believe that the bug you reported is fixed in the latest version of
devscripts, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Benjamin Drung <[email protected]> (supplier of updated devscripts package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 05 Apr 2023 12:40:28 +0200
Source: devscripts
Built-For-Profiles: noudeb
Architecture: source
Version: 2.23.4
Distribution: unstable
Urgency: medium
Maintainer: Devscripts Maintainers <[email protected]>
Changed-By: Benjamin Drung <[email protected]>
Closes: 597988 989696 1004213 1029588 1033973
Changes:
devscripts (2.23.4) unstable; urgency=medium
.
[ Johannes Schauer Marin Rodrigues ]
* uscan: s/+dfsg1/+dfsg/ repack suffix to avoid lintian
anticipated-repack-count. MR: !340
.
[ Arnaud Rebillout ]
* Salsa/Hooks: fix _check_config for boolean. MR: !339
.
[ Jakub Kuczys ]
* deb-reversion:
+ Fix issues with paths that have spaces in them. MR: !341
+ Allow reversioning of debs without changelog. MR: !342
+ Make deb-reversion not dependent on system locale
.
[ Dominique Dumont ]
* bts:
+ drop obsolete Net::SMTPS (Closes: 1029588) MR: !343
+ clean up usage of obsolete Net::SMTPS
.
[ Roland Mas ]
* uscan: Fix uscan for multiple mode=git sources, thanks to Jonas Smedegaard
for the patch. Closes: #1004213. MR: !300
.
[ Tobias Frost ]
* mk-build-deps: remove buildinfo and changes file (Closes: #989696)
.
[ Nelson A. de Oliveira ]
* dget: Make dget understand -k option (Closes: #597988)
.
[ Benjamin Drung ]
* Fix or drop several wrong fuzzy German and Portuguese translations
.
[ Jakub Wilk ]
* Fix syntax error in salsa bash completion (Closes: #1033973)
Checksums-Sha1:
477307dd1d98bc71e2852a725c37396dd91b7f1a 3345 devscripts_2.23.4.dsc
e2d8cc1d044c59b57bab2c812f98b207c70d9aeb 994388 devscripts_2.23.4.tar.xz
3d67d8830dc24962ac35c928825ae6de3c116a3b 17551
devscripts_2.23.4_source.buildinfo
Checksums-Sha256:
dff08ed9311516b7652f8fc8d435ee32c65f5f88c5c0cacdcb051e71d4a7e57d 3345
devscripts_2.23.4.dsc
3dc68972734c0aeb310beb35d01b83d85e445270acefd8caeda6a6fef6f6f4f3 994388
devscripts_2.23.4.tar.xz
1c86ab492663e9150635b1930075fa8ed8f699136953fd0b14ef1e8cfbf14d53 17551
devscripts_2.23.4_source.buildinfo
Files:
1032a3bb6ef75438816f784f9c2c6c82 3345 devel optional devscripts_2.23.4.dsc
aa333fb875a84cb4e360688536fc59c9 994388 devel optional devscripts_2.23.4.tar.xz
b16a379cc842b68841a602711d30e9ef 17551 devel optional
devscripts_2.23.4_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEpi0s+9ULm1vzYNVLFZ61xO/Id0wFAmQtVYwACgkQFZ61xO/I
d0xvrhAAoQujtZ6cN09lef0I//OIiKMaeOdDuwPlTS4U5f8gWiDXl5/yV17t9Dhk
+4aBNTDLSJpPJTp59lg9ZlYcyNCVYt2JawTGOrbUCYgBrkcB7aq7Nn+AQQ4oemiJ
S5dFfzoLwrM/CnkfHnulR491v6T9InBIAVf/yRylgbRp2nDtWEVPnak+VxKgCR/w
oWqiGgF/16C6x+NiTCd3pFHBTugcy2iMgHNLFHSal1acZpeE+uX7CkPbDBpqGtF7
7J+4f3yJIB036LoHwnKoU1YIunpScp50wJlUivOutr8XAiamaPQnBsy4scqqF45O
RiD9k4bFcWBirpo0hlUL6KAvfVxtNEoPrWl/dbu06H03OhPcWwk9GiA/ICB2DNiM
brzZ579Dk7cpLeA858dZyGuvzXBRAGDaI8dnddxi+A55mJ8Zdv0zDAKQIoUTlifi
8L4Cd6hh1nkgTSoemQebCYJ13NBRQp6BFQxB44ECkBWRYs8n93EhxYtRcbh5KjIW
5cGv2rQvSoJ5j3BCXCFHaiASBlp8jst4HE3a4liumw9W0I3NLEnWYNix4oL7zr9n
rTn1tMgpqFLCDo82Du6Kd/WRsUbdSKbwC0YJSUry+ETmr4uIzqscU6dl/9f48d/W
s+F7hHDpd/bw8sWkFhNk+7nraGe3CGSOjVV3KzEHMExx5KeDlAs=
=GPE2
-----END PGP SIGNATURE-----
--- End Message ---
