Bug#828550: socat: FTBFS with openssl 1.1.0

6657f5fcaffa9987 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Date: Mon, 29 Aug 2016 19:25:15 + Subject: [PATCH] socat-2: port to openssl 1.1.0 TLSv1_server_method() and frieds are deprecated and could be removed in a future release. It is reommend

Bug#828584: unbound: FTBFS with openssl 1.1.0

On 2016-08-28 22:42:39 [+0200], Kurt Roeckx wrote: > Maybe you should just call OPENSSL_free() instead of > CRYPTO_free()? done. > Kurt Sebastian >From d3a1b1ff8bad701944aec8edc13ef0421da81fa0 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>

Bug#828584: unbound: FTBFS with openssl 1.1.0

gainst that to see if everything works. compiles. > Kurt Sebastian >From 2477206520dc5228a15bdd8eb47dbf44adb37223 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Date: Sun, 28 Aug 2016 21:49:41 +0200 Subject: [PATCH] get it compiled againt openssl 1.1.0 As

Bug#835811: libica: FTBFS with openssl 1.1.0

Source: libica Version: 2.6.1-3 Severity: important Control: block 827061 by -1 OpenSSL 1.1.0 is about to released. During a rebuild of all packages using OpenSSL this package fail to build. A log of that build can be found at:

Bug#835806: freebsd-utils: looks like FTBFS

Source: freebsd-utils Version: 10.3~svn296373-2 Severity: important I was looking on falla.d.o if this package builds against openssl 1.1.0 which sits currently in experimental. This package failed to build with the same error as in clean sid environment. The build log is located at

Bug#835794: python3.5: FTBFS with openssl 1.1.2

Source: python3.5 Version: 3.5.2-3 Severity: important Control: block 827061 by -1 Control: forwarded -1 https://bugs.python.org/issue26470 OpenSSL 1.1.0 has been released. During a rebuild of all packages using OpenSSL this package succeeded to build but it should have failed. That is why this

Bug#835793: python2.7: FTBFS with openssl 1.1.2

Source: python2.7 Version: 2.7.12-2 Severity: important Control: block 827061 by -1 Control: forwarded -1 https://bugs.python.org/issue26470 OpenSSL 1.1.0 has been released. During a rebuild of all packages using OpenSSL this package succeeded to build but it should have failed. That is why this

Bug#648114: openssl: speed can't decide what RC4 options are in use

On 2011-11-09 02:19:39 [+], brian m. carlson wrote: > It seems that openssl can't decide which options it is to use for rc4: > 8x int, 8x char, or 1x char. Whatever options it is using, it should > pick one using some deterministic method and not change its mind > constantly. I get here

Bug#835293: [Pkg-clamav-devel] Bug#835293: Clamav: Log file shows: ERROR: Can't save PID in file /var/run/clamd.pid

On 2016-08-24 11:26:35 [+0100], Gavin Donald wrote: > I installed /clamav-daemon/ without problems but when trying to get it to > connect to /TCP:3310/ by adding the following lines: I am not familiar with this / … / syntax. Is it just to highligt things? > TCPSocket 3310 > TCPAddr

Bug#827028: openssl: Consider adding Multi-Arch: foreign

tags -1 pending On 2016-06-12 21:07:34 [+0100], Ben Hutchings wrote: > > Could you consider setting it to Multi-Arch: foreign?  It's > > This is also needed to cross-build the linux source package. Just for reference: You asked for this [0]. And the only reason is to install openssl:i386 on a

Bug#835260: recommends non existing package

Package: rhash Version: 1.3.3-1 Severity: important rhash (and librhash0) recommends libssl1.0.0. It has a list of libcrypto.so.XX names and tries to load a few crypto algos from libcrypto at runtime via dlopen() if it can fine the library. With libssl1.0.0 gone this does not work anymore. The

Bug#835258: recommends non-existing package

Package: libhttrack-dev Version: 3.48.23-1 Severity: normal libhttrack-dev recommends libssl1.0.0 which is no longer in unstable. Why ist that? libhttrack2 depends on libssl1.0.2 so I doubt there is any need for this recommends. Sebastian

Bug#731634: xz-utils: new upstream version 5.2.1

On 2016-01-31 21:30:17 [+0100], Sebastian Andrzej Siewior wrote: > On 2016-01-19 10:44:06 [-0800], Jonathan Nieder wrote: > > Hi Sebastian, Hi Jonathan, > > > I package new upstream at > > >git://git.breakpoint.cc/bigeasy/xz-utils-debian.git > > > &g

Bug#817067: [Pkg-clamav-devel] Bug#817067: Bug#817067: clamscan large archive DOS protection could be used to hide virus

On 2016-03-07 21:32:22 [+0100], Sebastian Andrzej Siewior wrote: > Sounds reasonable. I forwarded your report upstream. proxy mode on. |Kevin Lin 2016-03-10 21:24:37 CET |Engine limitations, as well as certain non-fatal internal errors, are |suppressed within the engine. This is done to simpl

Bug#835090: [Pkg-openssl-devel] Bug#835090: libssl1.0.0: broken dependencies in backports

On 2016-08-22 13:15:19 [+0200], Bernd Zeimetz wrote: > Hi, Hi, > if a package from backports depends on the libssl version from backports, > the openssl package won't be upgraded, resulting in > > /usr/bin/openssl: /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0: version > `OPENSSL_1.0.1s' not

Bug#827909: [Pkg-clamav-devel] Bug#827909: clamav-freshclam and clamav-daemon not starting after install

On 2016-06-22 14:39:50 [+0200], Christian Ehrhardt wrote: > ## The case ## > 1. "sudo apt-get install clamav-daemon clamav-freshclam" > 2. ClamAV doesn't start even though it should. > > $ systemctl status clamav-daemon > ● clamav-daemon.service - Clam AntiVirus userspace daemon >Loaded:

Bug#824817: [Pkg-clamav-devel] Bug#824817: Bug#824817: Please include bytecode.cvd in one .deb

On 2016-05-22 12:14:29 [+0200], Sebastian Andrzej Siewior wrote: > Ah. You scan for the eicar sample. Okay. So you try to do something like > we do in [0] ? Because that shouldn't work: > |$ sigtool -lbytecode.cvd > |BC.Win32.Patched.User32 > |BC.PDF.{JS.HighEntropy} > |B

Bug#825055: [Pkg-clamav-devel] Bug#825055: clamav: Mostly easy-to-fix lintian errors

On 2016-05-23 08:59:54 [+0200], Peter Gervai wrote: > Hello, Hi Peter, > This is mainly cosmetics, as most of the lintian errors are spelling errors > or minor fixups: > > https://lintian.debian.org/maintainer/pkg-clamav-de...@lists.alioth.debian.org.html#clamav > > Still you might want to fix

Bug#833156: [Pkg-openssl-devel] Bug#833156: Bug#833156: openssl: Please enable s390x asm optimisations

On 2016-08-01 21:38:07 [+0200], Kurt Roeckx wrote: > I'm just wondering if we should do this for: > - Stable (Does 1.0.1 also have the assembler?) yes, commited > - Backports commited. > Kurt Sebastian

Bug#833328: openssl does not start on x86_64: version `OPENSSL_1.0.1s' not found

control: tags -1 pending On 2016-08-06 15:19:16 [+0200], Kurt Roeckx wrote: > Right, now we do. We didn't at that time. okay. commited, built: | openssl version | OpenSSL 1.0.1t 3 May 2016 (Library: OpenSSL 1.0.2h 3 May 2016) so it seems to work. > Kurt Sebastian

Bug#833698: icedove: SIGSEGV, Segmentation fault in js::jit::HandleExceptionIon

On 2016-08-08 17:50:38 [+0200], Carsten Schoenert wrote: > Hello Andrzej, Hi Carsten, > we will try, I was already thinking of that. > The problem at the end is this all is only a workaround in my eyes. The > source is lacking some fixups for getting compiled with gcc-6 without > regressions. I

Bug#833698: icedove: SIGSEGV, Segmentation fault in js::jit::HandleExceptionIon

On 2016-08-08 12:06:24 [+1200], jfp wrote: > Thread 1 "icedove" received signal SIGSEGV, Segmentation fault. > 0x73e007a1 in js::jit::SnapshotIterator::numAllocations > (this=0x7ffeb560) at ./mozilla/js/src/jit/JitFrames.cpp:2159 > 2159 ./mozilla/js/src/jit/JitFrames.cpp: No such

Bug#833328: openssl does not start on x86_64: version `OPENSSL_1.0.1s' not found

On 2016-08-04 00:21:18 [+0200], Kurt Roeckx wrote: > The problem is that both 1.0.1s and 1.0.2g introduced those symbol > in a security update, and I didn't know what to do with it. > > For things in unstable that want to use the symbols, you really > want to have at least 1.0.2g. > > I still

Bug#833328: [Pkg-openssl-devel] Bug#833328: Bug#833328: openssl does not start on x86_64: version `OPENSSL_1.0.1s' not found

On 2016-08-03 17:06:22 [+0200], Kurt Roeckx wrote: > You're using openssl from stable but libssl1.0.0 from backports. > > It's rather annoying, but I wasn't sure how to deal with it. I > guess I should add a Breaks in the backports version. I think the linker version script is wrong. In stable

Bug#833328: [Pkg-openssl-devel] Bug#833328: Please close or delete this issue.

On 2016-08-03 11:00:18 [+0300], Mihail Artamonov wrote: > Hello, this problem was solved. Thank you! What changed in the last 9 minutes that solved the problem? Sebastian

Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

On 2015-02-22 11:44:37 [+0100], Kurt Roeckx wrote: > Even with RC4 enabled on both sides, it does provide something > secure that doesn't use RC4 as long as you don't don't touch the > defaults. And I've seen many applications that screw up the > defaults. As of openssl in experimental we don't

Bug#833156: [Pkg-openssl-devel] Bug#833156: Bug#833156: openssl: Please enable s390x asm optimisations

On 2016-08-01 21:38:07 [+0200], Kurt Roeckx wrote: > I'm just wondering if we should do this for: > - Stable (Does 1.0.1 also have the assembler?) From the jessie_stable branch: |./Configure:my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o::aes-s390x.o aes-ctr.o

Bug#833156: [Pkg-openssl-devel] Bug#833156: openssl: Please enable s390x asm optimisations

control: fixed -1 1.1.0~pre5-5 control: found -1 1.0.2h-1 control: notfound -1 1.0.2g-1ubuntu4.1 On 2016-08-01 15:32:18 [+0100], Dimitri John Ledkov wrote: > Version: 1.0.2g-1ubuntu4.1 since when do file bugs under an ubuntu version? > openssl as built in unstable does not have s390x asm

Bug#176058: [openssl.org #447] [Fwd: Bug#176058: openssl: Should ask password only after basic input validation]

Version: 1.1.0~pre5-5 On 2003-01-13 18:47:28 [+0100], Florian Weimer wrote: > "Richard Levitte via RT" writes: > > "openssl ca" is one of them, and probably the most cumbersome. > "openssl req -new -out $FILE" does not verify that $FILE is a writable > file. since exp: |$

Bug#829108: [Pkg-openssl-devel] Bug#829108: libssl-dev: HMAC_Init_ex incompatible change (possibly doc bug)

control: tags -1 fixed-upstream pending On 2016-07-02 13:19:39 [+0200], Kurt Roeckx wrote: > Forwarded upstream. fixed upstream in master via commit bd19d1aa04d ("Clarify digest change in HMAC_Init_ex()") which is only a doc update. Should be part of next exp upload :) > Kurt Sebastian

Bug#671672: openssl s_client -starttls xmpp burn cpu with broken server

On 2015-11-04 21:23:03 [+0100], Paul Muster wrote: > any news on this? > > Shouldn't be a big thing since patch is available and confirmed... could someone please verify if this problem still exists in current stable and if so if it exists in current experimental version of openssl. Upstream

Bug#790854: closed by Michael Lustfield <mich...@lustfield.net> ()

On 2016-07-17 01:18:04 [+], Debian Bug Tracking System wrote: > Date: Sat, 16 Jul 2016 18:14:05 -0700 > From: Michael Lustfield > To: 790854-cl...@bugs.debian.org > > I'm marking this as closed because the fix has made it's way into Debian. not in stable. Please leave

Bug#824196: [Pkg-clamav-devel] Bug#824196: Bug#824196: clamav-daemon: clamd crashes daily

On 2016-07-12 00:07:34 [+0200], Sebastian Andrzej Siewior wrote: > I took 2015.NHMU_.AccessionForm_distributed-2.pdf and the > local-js-sigs.ndb from the archive and could reproduce the bug on 0.99.2 > without any further changes. I applied the patch from upstream's > bugzilla #11549

Bug#824196: [Pkg-clamav-devel] Bug#824196: clamav-daemon: clamd crashes daily

control: tags -1 + patch fixed-upstream upstream control: forwarded -1 https://bugzilla.clamav.net/show_bug.cgi?id=11549 On 2016-07-08 10:57:02 [-0600], Will Aoki wrote: > Posted at > ftp://ftp.umnh.utah.edu/general-temporary/clamav/var_lib_clamav.tar.bz2 thanks. > After additional testing, I

Bug#829270: [Pkg-clamav-devel] Bug#829270: tomsfastmath: please make the build reproducible

control: tags -1 + pending fixed-upstream On 2016-07-01 22:49:49 [+0200], Reiner Herrmann wrote: > Hi! Hi, > While working on the "reproducible builds" effort [1], we have noticed > that tomsfastmath could not be built reproducibly. > A list of object files is unsorted, which causes a

Bug#829597: [Pkg-clamav-devel] Bug#829597: clamav-daemon: LocalSocket not created.

On 2016-07-04 10:37:01 [-0400], Gordon Dickens wrote: > Dear Maintainer, Hi Gordon, > I just upgraded three Debian exim mail servers from clamav 0.99 to clamav > 0.99.2 and now all three mail servers are broken. That is, I have LocalSocket > defined in /etc/clamav/clamd.conf as follows: and

Bug#826607: jessie-pu: package clamav/0.99.2+dfsg-0+deb8u2

On 2016-06-28 11:56:47 [+0200], Julien Cristau wrote: > Please go ahead. thanks, done. > Cheers, > Julien Sebastian

Bug#828083: [Pkg-clamav-devel] Bug#828083: bind9: clamav with openssl 1.1: Doesn't find openssl

2001 From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Date: Sat, 2 Jul 2016 00:12:01 +0200 Subject: [PATCH] make it compile against openssl 1.1.0 - SSL_library_init() is no longer a function but a define invoking another function with parameters. Thus a link check against this fun

Bug#825863: percona-xtradb-cluster-galera-2.x: should it be removed from Debian?

retitle 825863 RM: percona-xtradb-cluster-galera-2.x -- RoQA; NPOASR; FTBFS; RC-buggy; unmaintained; low popcon severity 825863 normal reassign 825863 ftp.debian.org thanks Dear FTP-Master, please remove percona-xtradb-cluster-galera-2.x from unstable. It is RC-buggy and FTBFS (not to mention

Bug#826607: jessie-pu: package clamav/0.99.2+dfsg-0+deb8u2

406). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Mon, 06 Jun 2016 22:06:52 +0200 + clamav (0.99.2+dfsg-0+deb8u1) stable; urgency=medium * Import new Upstream. diff --git a/debian/patches/ingore-AllowSupplementaryGroups-option.patch b/debian/patches/ingore-AllowSupplement

Bug#826406: [Pkg-clamav-devel] Bug#826406: Too abrupt removal of AllowSupplementaryGroups option in stable

On 2016-06-05 13:27:08 [+0200], Hans van Kranenburg wrote: > Hi Maintainer, Hi, > The version in the main Debian Stable archive (so not in the additional > jessie-updates) has the option AllowSupplementaryGroups removed (see > #822444), which prevents the program from starting when this option is

Bug#533365: openssl: cannot remove short password from key

Version: 1.1.0~pre5-1 This is fixed in experimental. The 1.0.2 branch which contains the fixed has not yet been released. Sebastian

Bug#804619: tlsdate: FTBFS: undefined reference to `SSLv3_client_method'

On 2016-05-30 21:40:17 [+], Mattia Rizzolo wrote: > Hello everybody! Hi, > Is anybody working on this? > We would like to proceed with the complete RM of the old libssl1.0.0 > library, and this package is one of the very few left. A side note: if we apply the patch then it builds against

Bug#471958: openssl: Generated private keys world-readable by default

On 2008-04-06 15:04:58 [+0200], Lionel Elie Mamane wrote: > OK, fair enough. If only Debian patches it, people using Debian will > write scripts using genrsa that are dangerous on other OSes. I've > emailed upstream with the suggestion, we'll see what they think of > it. Upstream suggested to use

Bug#778308: [Pkg-openssl-devel] Bug#778308: libssl1.0.0: Certificate Signature verify failed

On 2015-02-13 19:23:03 [+0100], Kurt Roeckx wrote: > On Fri, Feb 13, 2015 at 01:30:06PM +0100, Marco Nietz wrote: > > root@neo:~# openssl verify -CAfile myCa.cer myClient.pem > > myClient.pem: CN = My Client, emailAddress = someone@somewhere.local > > error 7 at 0 depth lookup:certificate

Bug#689490: openssl: using openssl from maintainer scripts creates /root/.rnd

On 2016-05-26 23:11:13 [+0200], Kurt Roeckx wrote: > > So do we feel like changing something or sitting that one out until post new > > RNG code? I *guess* a patch to allow using /dev/urandom instead of .rnd will > > be deferred until the new RNG is there. > > I guess I didn't look close enough

Bug#689490: openssl: using openssl from maintainer scripts creates /root/.rnd

On 2016-05-26 00:28:05 [+0200], Kurt Roeckx wrote: > > Kurt, what about dropping that .rnd thingy and going straight for > > /dev/urandom as default? > > If I read it right, it is just the internal seed. We would use instead > > always what the 2KiB the OS gives us and never write it back. The

Bug#689490: openssl: using openssl from maintainer scripts creates /root/.rnd

On 2012-10-03 18:05:21 [+0200], Kurt Roeckx wrote: > > while doing piuparts tests I noticed several packages leaving around a > > /root/.rnd file. The thing all these have in common is a (indirect) > Oh, you want random users to write to root's .rnd file? That sounds > like a good idea. Kurt,

Bug#770123: openssl: c_rehash ignores crt-files with non-unix line endings

On 2014-11-19 01:08:53 [+0100], Robert Scheer wrote: > c_rehash in "wheezy" does not create hash symlinks anymore for certificate > files with non-unix line endings. This seems to be a side effect of the > change in r509, which patched c_rehash to solve #628780. Is this still required as of the

Bug#766214: c_rehash - stable hash symlink output needed

On 2014-10-21 17:03:30 [+0200], Vaclav Ovsik wrote: > an output of the utility c_rehash depends on the order the readdir > function returns filenames. The order can vary depending on dir-entry > order in the file-system. The different order can be annoying in the case of > version control of CA

Bug#824196: [Pkg-clamav-devel] Bug#824196: clamav-daemon: clamd crashes daily

On 2016-05-23 16:26:51 [-0600], Will Aoki wrote: > After a fresh start, it's steady at 9 until I scan the file at > , > after which it increases. Scanning other PDFs from >

Bug#820241: jessie-pu: package clamav/0.99.1+dfsg-0+deb8u1

On 2016-05-23 19:38:27 [+0100], Adam D. Barratt wrote: > Please go ahead. Thanks, done. > Regards, > > Adam Sebastian

Bug#824196: [Pkg-clamav-devel] Bug#824196: clamav-daemon: clamd crashes daily

On 2016-05-23 09:02:34 [-0600], Will Aoki wrote: > ERROR: accept() failed: > LibClamAV Error: cli_tgzload: Can't duplicate descriptor 468 > LibClamAV Error: Can't load /var/lib/clamav/bytecode.cld: Can't duplicate > file descriptor > LibClamAV Error: cli_loaddbdir(): error loading database >

Bug#799606: [Pkg-openssl-devel] Bug#799606: Cannot compile OpenSSL 1.0.2d under X32 (fatal error: sys/cdefs.h: No such file or directory)

On 2016-05-22 23:20:33 [+0200], Kurt Roeckx wrote: > On Sun, May 22, 2016 at 11:13:50PM +0200, Sebastian Andrzej Siewior wrote: > > On 2015-09-20 15:52:34 [-0400], Jeffrey Walton wrote: > > > This could be a problem with the include paths for the standard > > > li

Bug#799606: Cannot compile OpenSSL 1.0.2d under X32 (fatal error: sys/cdefs.h: No such file or directory)

On 2015-09-20 15:52:34 [-0400], Jeffrey Walton wrote: > This could be a problem with the include paths for the standard > library. Examining features.h and what's going on around the cdefs.h > include: Jeffrey, can this be closed? The overview page for x32 shows 1.0.2h-1 as `Installed' but if I

Bug#824817: [Pkg-clamav-devel] Bug#824817: Please include bytecode.cvd in one .deb

On 2016-05-21 03:26:54 [+0200], Mathieu Parent (Debian) wrote: > I need this for clamd. I currently do: > http://anonscm.debian.org/cgit/collab-maint/c-icap-modules.git/tree/debian/tests/virus-scan?id=846f5eaf67f92edb26775317dd4ad1699c61a681 > > But this dowork offline. Ah. You scan for the

Bug#824817: [Pkg-clamav-devel] Bug#824817: Please include bytecode.cvd in one .deb

On 2016-05-20 07:05:11 [+0200], Mathieu Parent wrote: > Hi, Hi, > There is no offline way to test clamav. I need this to ensure c-icap is > working properly using autopkgtest. > > I propose that you include bytecode.cvd in clamav-testfiles. bytecode.cvd? You mean that you need a sig database

Bug#804623: osptoolkit: SSLv3 method

On 2015-11-14 14:10:27 [+0100], Kurt Roeckx wrote: > You should change the call from SSLv3_client_method() to > SSLv23_client_method(). > > The SSLv3_* call only talks SSLv3 while the SSLv23_* call is the > only one supporting multiple protocol version. > > I suggest you also get that fixed in

Bug#824042: [Pkg-clamav-devel] Bug#824042: gets into kill/restart loop

On 2016-05-12 19:47:17 [-0300], Felipe Sateler wrote: > > This functionality will come with systemd 230: > > https://github.com/systemd/systemd/pull/3148 , so nothing out of the > > box yet. > > > > A more involved solution (but working right now) would be to have > >

Bug#824196: [Pkg-clamav-devel] Bug#824196: clamav-daemon: clamd crashes daily

control: tags -1 + moreinfo On 2016-05-17 10:18:48 [-0600], Will Aoki wrote: > It doesn't dump core. Memory grows very slightly over time. The very end > of the debug log and a journal of memory use are attached; error code > will be available once I run it again without nohup. it seems to grow

Bug#823513: clamav-freshclam: freshclam fails to download daily.cvd and clamav do not start

On 2016-05-06 23:51:13 [+0200], Sebastian Andrzej Siewior wrote: > > Update failed. Your network may be down or none of the mirrors listed in > > /etc/clamav/freshclam.conf is working. Check > > http://www.clamav.net/doc/mirrors-faq.html for possible reasons. > > To

Bug#824485: [Pkg-clamav-devel] Bug#824485: clamav-freshclam: Segfault

On 2016-05-16 19:33:58 [+0200], Kurt Roeckx wrote: > I'm guessing there is some ABI breakage between the 2 versions. So now learnt how to use/ read abipkgdiff properly: | in unqualified underlying type 'struct cl_engine' at others.h:250:1: |type size changed from 8640 to 8704 bits |1

Bug#824485: [Pkg-clamav-devel] Bug#824485: clamav-freshclam: Segfault

On 2016-05-16 17:32:55 [+0200], Kurt Roeckx wrote: > Received signal: wake up > ClamAV update process started at Mon May 16 15:52:55 2016 > main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: > amishhammer) > Downloading daily-21555.cdiff [100%] > Downloading

Bug#820241: Re: jessie-pu: package clamav/0.99.1+dfsg-0+deb8u1

On 2016-05-14 17:46:19 [+0100], Adam D. Barratt wrote: > > There were no > > complains regarding the transition, upstream has no plans for 0.99.2 > > soon so I think the time might be good now :) > > In the meantime, 0.99.2 has ended up in unstable and testing; I guess > that's the version we now

Bug#805112: zorp: FTBFS: SSLv3 method removed

On 2015-11-14 21:50:33 [+0100], Kurt Roeckx wrote: > The SSLv3 methods in the openssl package have been removed and as > a result your package can't be build anymore. SZALAY, do you plan to look at this? The 3.9.5 release is from 2012, there is 3.9.8 from 2014 and v6.0.7 from 2015. Would it make

Bug#797867: libzypp: ABI transition needed for libstdc++ v5

On 2015-10-30 15:56:38 [+0100], Emilio Pozuelo Monfort wrote: > This is a friendly ping wrt the libstdc++ ABI transition. Your package is > listed > as needing a transition but has seen no action. It'd be good to get things > going > so we can finish the transition soon. Mike, this package

Bug#824196: [Pkg-clamav-devel] Bug#824196: clamav-daemon: clamd crashes daily

On 2016-05-13 14:06:27 [-0600], Will Aoki wrote: > That's it. A space is logged after the colon, but nothing else. interresting. The source says that there should be more. Your bug report says you run i386. Is this the case for the server or just the machine you made the report? > May 13

Bug#824196: [Pkg-clamav-devel] Bug#824196: clamav-daemon: clamd crashes daily

On 2016-05-13 09:43:24 [-0600], Will Aoki wrote: > After upgrading from 0.98.7+dfsg-0+deb7u1 to 0.99+dfsg-0+deb7u2 two > months ago, clamd on one of our servers has crashed approximately daily. > It's rarely stayed running for more than 24 hours. > > Before crashing, the daemon spews the message

Bug#824042: [Pkg-clamav-devel] Bug#824042: gets into kill/restart loop

On 2016-05-11 12:12:42 [-0400], Joey Hess wrote: > Looks like it was being killed each time by the OOM killer. Which makes > sense; clamav uses 18% of the system's 2 gb of ram and so will be the > top target. > > I think there should be something to prevent this runaway scenario. > Maybe a delay,

Bug#823609: jessie-pu: package openssl/1.0.1t-1+deb8u1

644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +openssl (1.0.1t-1+deb8u2) jessie; urgency=medium + + * add Update-S-MIME-certificates.patch to update expired certificates to +pass the test suite + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Wed, 11 May 2016

Bug#804531: eagle: cannot be rebuilt against libssl1.0.2

On 2016-05-10 18:19:02 [-0400], Scott Howard wrote: > I agree with this assessment. I'll raise the issue upstream. It's > non-free, so not too high on my priority list (and not much I can do > on my own anyways...) Could you please open a RM bug against ftp-master? There is no need to keep this

Bug#804531: eagle: cannot be rebuilt against libssl1.0.2

On 2016-05-10 00:14:48 [+0200], Sebastian Andrzej Siewior wrote: > Redistributing may be allowed due to the chapter in debian/copyright. It > is not the latest [1] available document which might be "recent" and the > license seems to have change a little, too. My bad. Tha

Bug#804531: eagle: cannot be rebuilt against libssl1.0.2

On 2016-04-22 00:19:58 [+0200], Andreas Beckmann wrote: > Since the only API/ABI difference between libssl1.0.0 and libssl1.0.2 is > the removal of some symbols, you could try the following: … | $ readelf -a bin/eagle|grep -i SSLv3 |09aa3640 00019607 R_386_JUMP_SLOT

Bug#822445: closed by Sebastian Andrzej Siewior <sebast...@breakpoint.cc> (Bug#822445: fixed in clamav 0.99.2+dfsg-1)

On 2016-05-07 21:52:55 [+0200], Helmut Grohne wrote: > >* Drop AllowSupplementaryGroups option which is default now > > (Closes: #822445). > > Seems like you closed the wrong bug. This one is about updating symbols > for nios in src:libgc. This is correct, I am very sorry. > Helmut

Bug#816272: [Pkg-clamav-devel] Bug#816272: clamav-freshclam: logrotate errors out with "gzip: stdin: file size changed while zipping"

On 2016-05-05 14:31:31 [+0200], Christian Pernegger wrote: > Hello! Hi, > So it seems to me like it has migrated to stable, and a while ago at that, > or at least volatile / stable-updates. Or am I missing something? No, this is correct. You reported the bug against 0.98.7+dfsg-0+deb8u1 and this

Bug#823513: [Pkg-clamav-devel] Bug#823513: clamav-freshclam: freshclam fails to download daily.cvd and clamav do not start

On 2016-05-06 15:10:39 [+0200], Simone Piccardi wrote: > Yes, I tried. > No, it's not a temporary or a network problem. > The error messages/WARNING are the same I already reported. The message regarding 0.90.0 is old and 0.90.2 is current is harmless. > Anyway I reinstalled everything (using a

Bug#823513: [Pkg-clamav-devel] Bug#823513: clamav-freshclam: freshclam fails to download daily.cvd and clamav do not start

On 2016-05-05 15:52:43 [+0200], Simone Piccardi wrote: > After installing clamav-freshclam I got these in syslog: > May 5 15:32:29 jessie freshclam[4851]: ERROR: Can't download daily.cvd from > database.clamav.net > May 5 15:32:29 jessie freshclam[4851]: Giving up on database.clamav.net... >

Bug#804807: utopia-documents: FTBFS with swig 3.0

control: tags -1 patch On 2015-11-11 12:47:33 [-0800], Steve Langasek wrote: > The utopia-documents package fails to build in unstable, now that swig has > been updated to version 3.0.7: The two patches attached will let build again. However due to #812823 I don't think it makes sense to apply

Bug#812823: utopia-documents: Segmentation fault on start

On 2016-01-26 18:38:23 [-0500], Douglas Calvert wrote: > gdb followus: > > #0 0x7fc100d95795 in QMetaObject::className() const () from > /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 with QT's dbg package I get #0 QtPrivate::RefCount::deref (this=0x74430f00) at

Bug#804138: percona-xtradb-cluster-galera-2.x: FTBFS: ssl support required but asio/ssl.hpp not found or not usable

alera-2.x (1:2.11.2675-1.3) unstable; urgency=medium + + * Non-maintainer upload. + * Depend on libasio-dev to avoid build failure on internal asio copy +(Closes: #804138). + * Replace _BSD_SOURCE with _DEFAULT_SOURCE to avoid a warning with -Werror + + -- Sebastian Andrzej Siewior <sebast...@brea

Bug#816272: clamav-freshclam: logrotate errors out with "gzip: stdin: file size changed while zipping"

On 2016-04-05 10:43:13 [+0200], Christian Pernegger wrote: > Hi, Hi, > no error e-mail this week, yay! > > It looks like this is/was a duplicate of #788652 in the end (at least > the clamav-freshclam part of it). If you agree, please close & merge > as appropriate. indeed. This did not yet

Bug#823074: clamav: Fix LSB init output

control: tags -1 pending On 2016-05-04 02:00:22 [+0200], Guillem Jover wrote: > Hi! Hi, > I checked those when fixing freshclam, and they looked fine, but it's > true that they might also miss --quiet for start-stop-daemon itself. Oki. Added to your patch:

Bug#822444: Solved

control: tags -1 patch pending control: forwarded -1 https://bugzilla.clamav.net/show_bug.cgi?id=11557 control: found -1 0.98.5~beta1+dfsg-1 On 2016-05-01 17:33:02 [+0200], Xavier Quost wrote: > Hello Sebastian Hi Xavier, > Basically I was cloning configuration for mail server from wheezy to

Bug#822444: Solved

On 2016-05-01 08:08:14 [+0200], Xavier Quost wrote: > Hello Sebastian Hello Xavier, > > true here (to AllowSupplementaryGroups) then it should work again. I > > Could you please check if this change works for you? > > Yes it solves the problem. Okay. Thanks for confirming. > remarks : > (1) I

Bug#823074: clamav: Fix LSB init output

On 2016-04-30 16:52:55 [+0200], Guillem Jover wrote: > Hi! Hi Guillem, > The attached patch fixes the LSB init script to have more consistent > output. Thanks for the patch. This is only against freshclam. Is clamd + clam-milter good? One change was to add --quiet to the stop option and I don't

Bug#822444: Found the problem

On 2016-04-26 22:39:16 [+0200], Xavier Quost wrote: > Hello Sebastian, Hello Xavier, > /lib/systemd/system/clamav-daemon.service … > [Service] … > User=clamav > Group=clamav > I'm not familiar with systemd, however I'm surprised that when > /etc/init.d/clamav-daemon is somethink like 400

Bug#804619: tlsdate: FTBFS: undefined reference to `SSLv3_client_method'

sted by Kurt. Sebastian >From b1afb00818c8d269c52d4b914e62fd5a9985df69 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Date: Wed, 27 Apr 2016 21:10:03 +0200 Subject: [PATCH] Drop explicit support SSLv3 and TLSv1 There is no addedd value in using only SSLv3 or TLSv1. With current openssl

Bug#765639: Bug#802159: New OpenSSL upstream version

On 2016-04-13 21:36:49 [+0100], Adam D. Barratt wrote: > Assuming that we went ahead with upstream updates to Jessie (and future > supported stable distributions), I'm presuming that the preferred > workflow would be similar to other packages for which we ship upstream > stable trees - via the

Bug#822444: [Pkg-clamav-devel] Bug#822444: clamav-daemon does not start with same options using sysinit and systemd

On 2016-04-24 17:39:37 [+0200], xavier quost wrote: > It seems that clamav-daemon does not start with thes sames options when using > systemd or sysvinit. > This leads to problem with clamsmtp / clamd communication breaking mail > checking systeme. >From browsing through the logs here I can't

Bug#774882: openssl: fail to verify some sites when 1024bit root CAs removed

On 2016-03-28 18:57:59 [+0200], Christian Seiler wrote: control: fixed -1 1.0.2b-1 > Hi, Hi, > For example, this breaks curl with those sites, which is used in a > large variety of contexts, especially scripting languages. This might > lead some people to disable certificate checking altogether

Bug#736687: [Pkg-openssl-devel] Bug#736687: libssl1.0.0: default cipher list contains insecure ciphers

On 2014-01-26 12:07:52 [+0100], Kurt Roeckx wrote: > > An acceptable default would be HIGH:MEDIUM:!aNULL:!eNULL:!MD5. > > Even that will not be good enough for some people, but it would > clerly be better than the current defaults. > > I guess the problem with changing the default is that nobody

Bug#778599: Vulnerabilities in nanohttp

On 2015-03-15 06:42:08 [+0100], Salvatore Bonaccorso wrote: > On Tue, Feb 17, 2015 at 10:07:06AM +, Patrick Coleman wrote: > > * Remote null pointer dereference > > A remote user can cause a null pointer dereference by sending a > > malformed Authorization: header. > >

Bug#749354: isakmpd: diff for NMU version 20041012-7.3

for certpatch. Patch by Erwan Prioul (Closes: #749354). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Wed, 20 Apr 2016 21:40:11 +0200 + isakmpd (20041012-7.2) unstable; urgency=low * Non-maintainer upload. diff -Nru isakmpd-20041012/debian/patches/08_gnumakefile.patch isakmpd-20

Bug#804606: httest: diff for NMU version 2.4.8-1.1

: #804606). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Wed, 20 Apr 2016 21:00:04 +0200 + httest (2.4.8-1) unstable; urgency=low * New upstream release diff -Nru httest-2.4.8/debian/patches/consider-OPENSSL_NO_SSL3.patch httest-2.4.8/debian/patches/consider-OPENSSL_NO_SSL3

Bug#821729: O: polygraph -- performance testing tool for caching proxies and more

Package: wnpp Severity: normal I hereby orphan the package. The package was maintained by an upstream developer of Measurement Factory which passed away. Upstream is willing to help with bug fixing of their code but don't have Debian expertise for packaging [0]. [0]

Bug#754645: polygraph: FTBFS on kfreebsd-*: error: 'uintptr_t' has not been declared

control: severity -1 normal On 2014-07-13 05:31:36 [+0200], Cyril Brulebois wrote: > Source: polygraph > Version: 4.3.2-1.2 > Severity: serious > Justification: FTBFS > > Hi, Hi, I change the severity to normal because kfreebsd is not a release architecture and as such it is no longer serious.

Bug#805083: polygraph: FTBFS: SSlv3 method

On 2015-11-16 08:19:36 [-0700], Alex Rousskov wrote: > On 11/14/2015 09:02 AM, Alex Rousskov wrote: > > > If we can provide a small better fix, we will. If a better fix requires > > too many unrelated changes to this Polygraph version, we will provide a > > patch that disables SSLv3 (until a

Bug#749354: isakmpd: FTBFS - cannot open /../../Makefile

Hi, The patch looks simple. Any reason why I should not use it and NMU it isakmpd? It would make isakmpd build again and we would have one libssl1.0.0 user less. Sebastian

Bug#742152: _ssl.c:1415: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac

Control: found -1 1.0.1k-3+deb8u2 On 2016-04-07 14:40:54 [+0200], Fabrizio Lippolis wrote: > BUG still exists within openssl: 1.0.1k-3+deb8u2 using: debian jessie Jessie has 1.0.1k-3+deb8u4 by now. Anyway. This is probably getting us nowhere. Is there someone using the SDK successfully? Is there

Bug#686470: libssl1.0.0: uses SHA256 instead of SHA384 for 384-bit EC key

control: tags -1 + patch upstream control: forwarded -1 https://rt.openssl.org/Ticket/Display.html?id=4496=guest=guest On 2012-09-02 00:46:38 [+], brian m. carlson wrote: > I am running postfix on a sid machine (using OpenSSL) and I have set up > both RSA and EC keys. The EC key in question

<    9   10   11   12   13   14   15   16   17   18   >