Your message dated Sun, 16 Nov 2014 21:21:12 +0000
with message-id <[email protected]>
and subject line Re: Bug#769829: unblock: haskell-tls/1.2.9-2
has caused the Debian Bug report #769829,
regarding unblock: haskell-tls/1.2.9-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
769829: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769829
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Please unblock package haskell-tls
Thijs Kinkhorst suggested to remove SSL3 support from haskell-tls due to
the POODLE attack. This patch follows that recommendating, taking
upstream’s trivial change to disable SSL3 by default.
See http://bugs.debian.org/768164
unblock haskell-tls/1.2.9-2
- -- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
armhf
Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlRpFAgACgkQ9ijrk0dDIGyPjgCfcz7/6ki8vVlccE3aw+PBzbJ3
YdcAn0r90WOQpw0STAbfvgB3QHJjo35h
=WlbC
-----END PGP SIGNATURE-----
diff -Nru haskell-tls-1.2.9/debian/changelog haskell-tls-1.2.9/debian/changelog
--- haskell-tls-1.2.9/debian/changelog 2014-09-16 20:43:09.000000000 +0200
+++ haskell-tls-1.2.9/debian/changelog 2014-11-16 21:47:16.000000000 +0100
@@ -1,3 +1,9 @@
+haskell-tls (1.2.9-2) unstable; urgency=medium
+
+ * Disable SSL3 by default (Closes: #768164)
+
+ -- Joachim Breitner <[email protected]> Sun, 16 Nov 2014 21:47:16 +0100
+
haskell-tls (1.2.9-1) unstable; urgency=medium
* New upstream version.
diff -Nru haskell-tls-1.2.9/debian/patches/no-ssl3 haskell-tls-1.2.9/debian/patches/no-ssl3
--- haskell-tls-1.2.9/debian/patches/no-ssl3 1970-01-01 01:00:00.000000000 +0100
+++ haskell-tls-1.2.9/debian/patches/no-ssl3 2014-11-16 21:43:56.000000000 +0100
@@ -0,0 +1,16 @@
+Debian-Bug: http://bugs.debian.org/768164
+Upstream-Patch: https://github.com/vincenthz/hs-tls/commit/5353bd2f717a31fd63c2a5d67112d8d8279bd1e6
+
+Index: haskell-tls-1.2.9/Network/TLS/Parameters.hs
+===================================================================
+--- haskell-tls-1.2.9.orig/Network/TLS/Parameters.hs 2014-11-16 21:42:36.875208330 +0100
++++ haskell-tls-1.2.9/Network/TLS/Parameters.hs 2014-11-16 21:42:47.111406646 +0100
+@@ -126,7 +126,7 @@
+
+ defaultSupported :: Supported
+ defaultSupported = Supported
+- { supportedVersions = [TLS12,TLS11,TLS10,SSL3]
++ { supportedVersions = [TLS12,TLS11,TLS10]
+ , supportedCiphers = []
+ , supportedCompressions = [nullCompression]
+ , supportedHashSignatures = [ (Struct.HashSHA512, SignatureRSA)
diff -Nru haskell-tls-1.2.9/debian/patches/series haskell-tls-1.2.9/debian/patches/series
--- haskell-tls-1.2.9/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
+++ haskell-tls-1.2.9/debian/patches/series 2014-11-16 21:41:55.000000000 +0100
@@ -0,0 +1 @@
+no-ssl3
--- End Message ---
--- Begin Message ---
On Sun, Nov 16, 2014 at 10:15:58PM +0100, Joachim Breitner wrote:
> Please unblock package haskell-tls
>
> Thijs Kinkhorst suggested to remove SSL3 support from haskell-tls due to
> the POODLE attack. This patch follows that recommendating, taking
> upstream’s trivial change to disable SSL3 by default.
Unblocked.
--
Jonathan Wiltshire [email protected]
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
signature.asc
Description: Digital signature
--- End Message ---
