Bug#868956: libmspack: CVE-2017-11423

On 2017-08-15 05:55:49 [+0900], Marc Dequènes (Duck) wrote: > Quack, Hi, > I was at DebConf in Canada, so I was busy meeting people :-). > It should be done before or after flying back home. No worries. We got the two CVEs sorted out and a release in the meantime. I see an unstable upload almost

Bug#871987: openssl breaks dovecot

On 2017-08-14 10:46:04 [-0700], James Bottomley wrote: > Just a me too on this: on upgrade, both dovecot and a stunnel based web > application got broken for an older android client.  Downgrading > to 1.1.0f-3 fixes the problem for both dovecot and stunnel4 So what are we talking about? Android 4

Bug#871987: openssl breaks dovecot

On 2017-08-16 07:46:14 [-0700], James Bottomley wrote: > When you run a system for others, you don't get to dictate tools. I do :) >  However, from the complaints it seems to be android 2.3.7 and any > embedded system still using openssl 0.9.8, which must be using TLS 1.0 so basically everything

Bug#872594: clamav: please use system libmspack instead of embedded copy

control: tags -1 pending On 2017-08-19 07:48:28 [+0900], Marc Dequènes wrote: > Quack, Hi, > I can see there was some work to use the library instead of the embedded > code, and that upstream even added the changes, which is nice, unfortunately > the resulting packages do not depend on it. > > I

Bug#845193: dpkg: recent -specs PIE changes break openssl

On 2016-11-21 12:01:21 [+0100], Thorsten Glaser wrote: > I’m suspecting it tries to compile library code (which must > be PIC) as PIE, or something. I got this advice from the > openssl maintainer: This is currently still open against openssl1.0, the package is built without a log so I assume that

Bug#867877: clamav-daemon: please respect manual configuration

On 2017-07-10 23:39:53 [+0200], To Luca Capello wrote: > On 2017-07-10 11:40:20 [+0200], Luca Capello wrote: > > Hi there, > Hi, > > > while debugging why the TCP socket was not responding, I discovered that > > everything was fine if clamd was manually started via the CLI. And then > > I found <

Bug#870253: clamav-milter: disengaging debconf management destroys config

On 2017-07-31 19:38:58 [+0900], Marc Dequènes wrote: > Quack, Hi, > I configured this package using debconf and it worked nicely. I then wanted > to handle the file via configuration management and to do so I disengaged > debconf, replying "no" to the question "Handle the configuration file > auto

Bug#868092: Acknowledgement (clamav-freshclam: clean up legacy conf files)

On 2017-07-12 01:54:01 [+0200], Christoph Anton Mitterer wrote: > On Wed, 2017-07-12 at 01:39 +0200, Christoph Anton Mitterer wrote: > > Sorry, haven't seen it was created via debconf =) > > Reverting this... it's still technically a bug, even though you create > the file, as it's marked as a conf

Bug#872885: netty-tcnative-1.1: Please migrate to openssl1.1 in Buster

Package: netty-tcnative-1.1 Version: 1.1.33.Fork26-2 Severity: important Tags: sid buster User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1-trans Control: block 871056 by -1 Please migrate to libssl-dev in the Buster cycle. Sebastian

Bug#870253: clamav-milter: disengaging debconf management destroys config

On 2017-08-22 16:52:12 [+0900], Marc Dequènes (Duck) wrote: > Quack, Hi, > This may be what people using ucf expect, and in this case you might > probably close the bug, but I don't find this a nice behavior. To me > disengaging debconf mean: leave as it is, I'll take care of it from now > on. I s

Bug#868092: Acknowledgement (clamav-freshclam: clean up legacy conf files)

On 2017-08-20 21:50:32 [+0200], Christoph Anton Mitterer wrote: > Hey. Hi, > Nothing special, I never manually changed the config, only via debconf. > > What seems to be the case here is the following: > > /etc/logrotate.d/clamav-freshclam seems to have been once a "conffile" > (i.e. a config fi

Bug#871918: libssl1.1: tls_process_server_hello:unsupported protocol

On 2017-08-23 09:32:12 [+0200], Michal Palenik wrote: > it look like a something strange with libssl1.1 version 1.1.0f-4 and > some of the certificates. > > openssl s_client -connect mail7.hostmaster.sk:465 (and port 995) > > gives some buggy output (including connections with postfix or > fetchm

Bug#871987: back to dovecot

.cc/openssl-rebuild/dovecot/ > Kurt Sebastian >From fb214b15c5b6bf60da7781bae55b659bcb86db75 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior Date: Sat, 26 Aug 2017 17:04:59 +0200 Subject: [PATCH] Add support for lower TLS version than default The openssl library in Debian unstable (

Bug#870253: clamav-milter: disengaging debconf management destroys config

On 2017-08-22 21:21:14 [+0200], To Marc Dequènes wrote: > @team: any opinion here? I am going to drop that part where the debconf created file gets overwritten with the sample file. Need to test before I commit it… Sebastian

Bug#870253: clamav-milter: disengaging debconf management destroys config

On 2017-08-28 17:04:51 [+0900], Marc Dequènes (Duck) wrote: > Quack, Hi, > Thanks. > > I can help you test if you provide a test package. as you wish. At https://breakpoint.cc/clamav/ you can find a .dsc file of what we have currently in git on alioth and a prebuilt binary for amd64. >

Bug#873574: openssh-ssh1: Please migrate to openssl1.1 in Buster

Package: openssh-ssh1 Version: 1:7.5p1-8 Severity: important Tags: sid buster User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1-trans Control: block 871056 by -1 Please migrate to libssl-dev in the Buster cycle. Sebastian

Bug#873647: libshout: Please migrate to openssl1.1 in Buster

Package: libshout Version: 2.4.1-1 Severity: important Tags: sid buster User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1-trans Control: block 871056 by -1 Please migrate to libssl-dev in the Buster cycle. Sebastian

Bug#824817: [Pkg-clamav-devel] Bug#824817: Bug#824817: Please include bytecode.cvd in one .deb

On 2016-08-09 21:58:50 [+0200], To Mathieu Parent (Debian) wrote: > On 2016-05-22 12:14:29 [+0200], Sebastian Andrzej Siewior wrote: > > Ah. You scan for the eicar sample. Okay. So you try to do something like > > we do in [0] ? Because that shouldn't work: > >

Bug#868766: clamav-freshclam: please update logcheck rules

control: found -1 0.99.2+dfsg-0+deb7u2 control: found -1 0.99.2+dfsg-6 control: tags -1 pending On 2017-07-18 13:08:19 [+0200], Václav Ovsík wrote: > > Dear Maintainer, > there is a tiny improvement to logcheck file please: thanks. Sebastian

Bug#867877: clamav-daemon: please respect manual configuration

On 2017-08-21 15:22:49 [+0200], Luca Capello wrote: > Hi there, Hi, > Given that no documentation was available, not even in the upstream > files, I was lost, so this would be the first improvement. > > I was not aware that upstream chose the "full-systemd path", so I guess > changing that is a n

Bug#873978: sendmail-base: Please check for /usr/share/sendmail/dynamic before sourcing it

Package: sendmail-base Version: 8.15.2-8 Severity: serious I had sendmail installed. Then I removed it including sendmail-base. I used "apt-get remove" instead of "purge" and this did not end well. The log was quickly filled with this: |Sep 1 21:28:02 debbuildd dhclient[3221]: DHCPREQUEST of 172

Bug#689529: libssl1.0.0: Cannot connect to www.labanquepostale.fr:443

On 2012-10-04 00:17:45 [+0200], Kurt Roeckx wrote: > For reference, BigIP tracks this as Bug 376483. It is fixed in > the BIG-IP LTM 10.2.4 software release. > > An other site that seems to be affected by this is > my.t-mobile.com:443. closing. This BigIP issue should be solved and even my.t-mobi

Bug#742240: libssl1.0.0: TLSv1_client_method()/SSL_Connect() heap overrun

On 2014-03-21 02:04:11 [-0400], Brandon wrote: > When creating a client context with SSL_CTX_new(TLSv1_client_method()), > SSL_Connect() triggers a heap overrun with the following output from valgrind: Does this still occur as of 1.1.0f? > Thanks, > Brandon Sebastian

Bug#385907: [Pkg-openssl-devel] Bug#385907: marked as done (openssl: missing purging at remove-time)

On 4 September 2017 22:08:27 CEST, Kurt Roeckx wrote: >> >> Since >> https://piuparts.debian.org/stretch/source/o/openssl.html >> >> says "successfully-tested 1.1.0f-3" I think that we are done here. > >I think it's other packages that call openssl from the maintainer >scripts that fail. Ther

Bug#825646: trace-cmd: New upstream release 2.6

On 2016-05-28 15:17:16 [+0200], Javi Merino wrote: > trace-cmd has a new version upstream: 2.6. I have prepared an update > for it, find it attached. You could close that one since you uploaded it. Could you however update it to 2.6.1 which would address #867440? Sebastian

Bug#859740: tcpdump: Please migrate to openssl1.1 in Buster

On 2017-07-02 11:56:19 [+0200], Romain Francoise wrote: > OpenSSL 1.1 is not supported upstream yet. It builds, but the resulting > tcpdump binary segfaults when running the ESP test suite, which is why I > changed the package to target OpenSSL 1.0 in stretch. I am not talkig about Stretch here. F

Bug#867140: cqrlog: Please migrate to openssl1.1 in Buster

Package: cqrlog Version: 2.0.5-1 Severity: important Tags: sid buster User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1-trans Please migrate to libssl-dev in the Buster cycle. Sebastian

Bug#867209: libreoffice: Letter wizard can't find wizardi templates

Package: libreoffice Version: 1:5.4.0~rc1-1 Severity: normal I clickety clack File -> Wizards -> Letter and nothing happens. Except for the console where I read: Traceback (most recent call last): File "/usr/lib/libreoffice/program/wizards/letter/LetterWizardDialogImpl.py", line 87, in

Bug#867209: libreoffice: Letter wizard can't find wizardi templates

On 2017-07-04 21:59:17 [+0200], Rene Engelhard wrote: > > -- System Information: > > Debian Release: buster/sid > > APT prefers unstable > > APT policy: (500, 'unstable') > > How did you get this version on your system if you don't have experimental > in your sources.list? I have it commented

Bug#867248: stretch-pu: package libclamunrar/0.99-3+deb9u1

) stable; urgency=medium + + * Cherry pick fix for arbitrary memory write. CVE-2012-6706 +(Closes: #867223). + + -- Sebastian Andrzej Siewior Wed, 05 Jul 2017 08:30:54 +0200 + libclamunrar (0.99-3) unstable; urgency=medium * Add a fixup for bb11601. diff -Nru libclamunrar-0.99/debian/.git

Bug#867328: jessie-pu: package libclamunrar/0.99-0+deb8u3

) oldstable; urgency=medium + + * Cherry pick fix for arbitrary memory write. CVE-2012-6706 +(Closes: #867223). + + -- Sebastian Andrzej Siewior Wed, 05 Jul 2017 21:20:40 +0200 + libclamunrar (0.99-0+deb8u2) stable; urgency=medium * Add patches from upstream bugzilla bb11600 and bb11601 to

Bug#867440: trace-cmd: segfaults while processing certain trace files

Package: trace-cmd Version: 2.6-0.1 Severity: important Tags: fixed-upstream upstream patch Hi, I record a trace with trace-cmd start -e sched_switch; sleep 2; trace-cmd stop; trace-cmd extract; and then dump it and this crashes trace-cmd report trace.dat | [xhci-hcd:xhci_urb_

Bug#874699: node-evp-bytestokey: Please migrate to openssl1.1 in Buster

Package: node-evp-bytestokey Version: 1.0.3-1 Severity: important Tags: sid buster User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1-trans Control: block 871056 by -1 Please migrate to libssl-dev in the Buster cycle. Sebastian

Bug#875349: libp11: Please migrate to openssl1.1 in Buster

Package: libp11 Version: 0.4.7-1 Severity: important Tags: sid buster User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1-trans Control: block 871056 by -1 Please migrate to libssl-dev in the Buster cycle. Sebastian

Bug#844770: xzcmp: SIGPIPE is raised because CMP does exit while the XZ commands are still writing to the pipe

On 2016-11-18 22:51:29 [+0100], ViaThinkSoft wrote: > Version: 5.1.1alpha+20120614-2+b3 > I noticed that xzcmp returns status code 2 (error) for a few file pairs, > especially if they differ in size. can you please check if current 5.2.2 is affected and if so provide a testcase? Sebastian

Bug#876314: stretch-pu: package trace-cmd/2.6-0.1+b1

ainer upload. + * Fix segfault while processing certain trace files (Closes: #867440). + + -- Sebastian Andrzej Siewior Wed, 20 Sep 2017 21:51:23 +0200 + trace-cmd (2.6-0.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru trace-cmd-2.6/debian/patches/0002-tools-lib-traceeven

Bug#871056: Qt4 in the context of OpenSSL 1.0 removal

On 2017-08-26 16:44:34 [-0300], Lisandro Damián Nicanor Pérez Meyer wrote: > Hi! src:qt4-x11 is not listed in the transition but it's definitely using > libssl (although trough dllopen). It is. The other qt-related bugs are: #828522 [i| |♔] [src:qt4-x11] qt4-x11: FTBFS with openssl 1.1.0 #859671

Bug#871056: transition: openssl

On 2017-09-13 18:51:43 [+0200], Emilio Pozuelo Monfort wrote: > tags 871056 confirmed > thanks just noticed that this bug has been confirmed. Does this mean anything for the openssl transition? Usually this confirmed comes with "Go ahead" which leads to an upload to unstable and the severity of th

Bug#875423: openssl: Please re-enable TLS 1.0 and TLS 1.1 (at least in testing)

On 2017-09-11 12:30:30 [+0200], Raphael Hertzog wrote: > Yes, I'm aware of that but Kurt never said that he would be willing to > back off from completely disabling it before the buster release and > I don't see any benefit in modifying all server applications to re-enable > the protocols that we w

Bug#876403: Ship ct_log_list.cnf so -ct works

On 2017-09-21 12:03:19 [-0700], Josh Triplett wrote: > Attempting to use "openssl s_client -ct" produces this error: > > 139776622486784:error:02001002:system library:fopen:No such file or > directory:../crypto/bio/bss_file.c:74:fopen('/usr/lib/ssl/ct_log_list.cnf','rb') > 139776622486784:error:2

Bug#867877: clamav-daemon: please respect manual configuration

On 2017-07-10 11:40:20 [+0200], Luca Capello wrote: > Hi there, Hi, > while debugging why the TCP socket was not responding, I discovered that > everything was fine if clamd was manually started via the CLI. And then > I found . > > Please, this is becoming ridicu

Bug#867240: [Pkg-openssl-devel] Bug#867240: openssl: Please add support for arm64ilp32 architecture

control: tags -1 pending On 2017-07-05 03:39:45 [+0100], Wookey wrote: > This package FTBFS on arm64ilp32. The package has upstream support > already. It just needs the correct debian target conf information adding. > "debian-arm64ilp32" => { > inherit_from => [ "linux-arm64ilp32

Bug#868956: libmspack: CVE-2017-11423

On 2017-07-23 16:52:16 [+0100], Stuart Caie wrote: > Hello, Hi Stuart, > https://github.com/kyz/libmspack/commit/3e3436af6010ac245d7a390c6798e2b81ce09191 > > 2015-05-10 Stuart Caie > > * cabd_read_string(): correct rejection of empty strings. Thanks to > > Hanno Böck for finding the issu

Bug#870775: boxbackup: Please migrate to openssl1.1 in Buster

Package: boxbackup Version: 0.12~gitcf52058f-3 Severity: important Tags: sid buster User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1-trans Please migrate to libssl-dev in the Buster cycle. Sebastian

Bug#870778: libtgvoip: Please migrate to openssl1.1 in Buster

Package: libtgvoip Version: 1.0~git20170704.445433f-2 Severity: important Tags: sid buster User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1-trans Please migrate to libssl-dev in the Buster cycle. Sebastian

Bug#870777: casync: Please migrate to openssl1.1 in Buster

Package: casync Version: 2-1 Severity: important Tags: sid buster User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1-trans Please migrate to libssl-dev in the Buster cycle. Sebastian

Bug#870779: pev: Please migrate to openssl1.1 in Buster

Package: pev Version: 0.80-3 Severity: important Tags: sid buster User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1-trans Please migrate to libssl-dev in the Buster cycle. Sebastian

Bug#870777: casync: Please migrate to openssl1.1 in Buster

On 2017-08-05 11:16:06 [-0400], Felipe Sateler wrote: > Hi Sebastian, Hi Felipe, > I still have the libssl1.0-dev fallback in order to be able to build > in my sid workstation (nodejs-dev still requires libssl1.0), but > uploads are whenever possible source-only, and if not, built in a > fresh chr

Bug#869856: openssl: FTBFS: Testsuite failures

control: tags -1 patch fixed-upstream pending control: forwaded -1 https://github.com/openssl/openssl/issues/3562 On 2017-07-27 19:06:19 [-0700], Daniel Schepler wrote: > It appears so. (Though I did have to apply it by hand as there was no > "clientsession" line for patch to sync to in hunk #2.)

Bug#869856: openssl: FTBFS: Testsuite failures

On 5 August 2017 23:31:33 CEST, Kurt Roeckx wrote: >I planned to break things by disabling TLS 1.0 and 1.1, which I >might upload soon. I guess I can fix that at the same time. Do you intend a transition like we had for SSLv2 removal or do you plan just to disable it? I remember a few packages

Bug#868956: libmspack: CVE-2017-11423

On 2017-08-06 10:22:11 [+0100], Stuart Caie wrote: > Commited a fix: > https://github.com/kyz/libmspack/commit/17038206fcc384dcee6dd9e3a75f08fd3ddc6a38 > > I'll put out a release in the near future. thank you Stuart. Marc do plan you upload something to unstable/security soon, wait for a new rel

Bug#871056: transition: openssl

Package: release.debian.org User: release.debian@packages.debian.org Usertags: transition Severity: normal This transition should be the final one to get libssl1.0.2 out of unstable for Buster and move all libssl1.0-dev users back to libssl-dev. There are new 1.0-users comming from to time. Th

Bug#802658: libesmtp: Should support TLS 1.1+

On 2017-08-07 14:26:07 [+0200], Salvatore Bonaccorso wrote: > Control: severity important as in SSL not working anymore in unstable for libesmtp. > Hi Jeremy, Hi Salvatore, > Please find attached a (refreshed) patch which is still valid to add > the proper support for TLSv1.1+ Description: Add

Bug#871403: RM: clamav/experimental -- NVIU; lower version in unstable

Package: ftp.debian.org Severity: normal The experimental suite for clamav has 0.99.3~snapshot20170704+dfsg-1 and unstable 0.99.3~beta1+dfsg-1 and this makes the unstable version appear to be lower than the version in experimental. Therefore I am asking for its removal from experimental. The diff

Bug#802658: libesmtp: Should support TLS 1.1+

On 2017-08-07 21:00:05 [+0200], Salvatore Bonaccorso wrote: > Hi Sebastian Hi Salvatore, > Thanks for review. The reason I did that is indeed, to have a patch > which is most acceptable for upstream to include, independent on > Debian, although upstream since I initially pinged never replied to my

Bug#871427: argyll: please switch to SSLv23_… or TLS_…_method

Package: argyll Version: 1.9.2+repack-1 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: TLS1.0_1.1_removal Your packages uses a function which requests a TLS1.0 and/or TLS1.1 only connection. Since openssl 1.1.0f-4 (currently in unstable) this means won't work because

Bug#871428: dcap: please switch to SSLv23_… or TLS_…_method

Package: dcap Version: 2.47.10-3 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: TLS1.0_1.1_removal Your packages uses a function which requests a TLS1.0 and/or TLS1.1 only connection. Since openssl 1.1.0f-4 (currently in unstable) this means won't work because it pro

Bug#871429: dma: please switch to SSLv23_… or TLS_…_method

Package: dma Version: 0.11-1 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: TLS1.0_1.1_removal Your packages uses a function which requests a TLS1.0 and/or TLS1.1 only connection. Since openssl 1.1.0f-4 (currently in unstable) this means won't work because it provide

Bug#871430: elog: please switch to SSLv23_… or TLS_…_method

Package: elog Version: 3.1.3-1-1 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: TLS1.0_1.1_removal Your packages uses a function which requests a TLS1.0 and/or TLS1.1 only connection. Since openssl 1.1.0f-4 (currently in unstable) this means won't work because it pro

Bug#871432: nmh: please switch to SSLv23_… or TLS_…_method

Package: nmh Version: 1.6-16 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: TLS1.0_1.1_removal Your packages uses a function which requests a TLS1.0 and/or TLS1.1 only connection. Since openssl 1.1.0f-4 (currently in unstable) this means won't work because it provide

Bug#871431: libexosip2: please switch to SSLv23_… or TLS_…_method

Package: libexosip2 Version: 4.1.0-2.1 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: TLS1.0_1.1_removal Your packages uses a function which requests a TLS1.0 and/or TLS1.1 only connection. Since openssl 1.1.0f-4 (currently in unstable) this means won't work because

Bug#871433: poco: please switch to SSLv23_… or TLS_…_method

Package: poco Version: 1.7.6+dfsg1-5 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: TLS1.0_1.1_removal Your packages uses a function which requests a TLS1.0 and/or TLS1.1 only connection. Since openssl 1.1.0f-4 (currently in unstable) this means won't work because it

Bug#871434: rdesktop: please switch to SSLv23_… or TLS_…_method

Package: rdesktop Version: 1.8.3-2 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: TLS1.0_1.1_removal Your packages uses a function which requests a TLS1.0 and/or TLS1.1 only connection. Since openssl 1.1.0f-4 (currently in unstable) this means won't work because it p

Bug#871435: sofia-sip: please switch to SSLv23_… or TLS_…_method

Package: sofia-sip Version: 1.12.11+20110422.1-2.1 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: TLS1.0_1.1_removal Your packages uses a function which requests a TLS1.0 and/or TLS1.1 only connection. Since openssl 1.1.0f-4 (currently in unstable) this means won't w

Bug#871436: uhub: please switch to SSLv23_… or TLS_…_method

Package: uhub Version: 0.4.1-3.1 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: TLS1.0_1.1_removal Your packages uses a function which requests a TLS1.0 and/or TLS1.1 only connection. Since openssl 1.1.0f-4 (currently in unstable) this means won't work because it pro

Bug#871477: upgrade of libssl1.1 to breaks dovecot imap via tls: kmail from debian stable/unstable cannot connect to dovecot any more

On 2017-08-08 12:44:09 [+0200], Wolfgang Walter wrote: > Package: libssl1.1 > Version: 1.1.0f-4 > Severity: important > > After upgrading a server to libssl1.1 1.1.0f-4 kmail on debian/stable could > not connect to dovecot on debian/unstable any more (kmail on debian/unstable > can't connect, ei

Bug#871514: clamav: FTBFS on mips64el

Package: clamav Version: 0.99.2+dfsg-6 Severity: serious The last build of clamav (0.99.3~beta1+dfsg-1) failed on mips64el. However the build in experimtal (0.99.3~snapshot…) succeeded and code change is very minimal (almost non-existing). The I tried 0.99.2+dfsg-6 on eller and it failed, too but

Bug#871514: clamav: FTBFS on mips64el

On 2017-08-08 20:34:37 [+0200], To sub...@bugs.debian.org wrote: … > returned (the important part): > |LibClamAV debug: parseEmailBody() rc 1 infect 0 > |LibClamAV debug: parseEmailBody() returning 3 … > The exp build passed with gcc-6_6.4.0-1 [0]. Is there an easy way to > downgrade the compiler o

Bug#871514: clamav: FTBFS on mips64el

control: reassign -1 gcc-7 7.1.0-12 control: affects -1 clamav On 2017-08-09 16:43:29 [+0200], Aurelien Jarno wrote: > I got a quick look. It's indeed a regression introduced by GCC 7. It can > be workarounded by building the file with -O0, but already appears with > -O1 optimization. > > I got a

Bug#859826: xca: Please migrate to openssl1.1 in Buster

On 2017-04-10 12:09:39 [+0200], Tino Mettler wrote: > Hi, Hi, > I already talked to upstream about this last year during the "OpenSSL > 1.0 vs. 1.1 in Stretch" discussion. XCA makes use of many data that is > not available in 1.1 anymore, making a migration non-trivial. please get upstream of xca

Bug#859826: xca: Please migrate to openssl1.1 in Buster

On 2017-04-10 14:23:42 [+0200], Tino Mettler wrote: > Hi, Hi, > I didn't want to state that there are no successors in 1.1. It's just > that the accessors work differently, and making XCA build with 1.0 and > 1.1 results in a little #ifdef hell. Another annoyance was that the > OpenSSL documentati

Bug#860254: [Pkg-openssl-devel] Bug#860254:

On 2017-04-20 09:35:27 [+], Jonathon Delgado wrote: > Even if something in this script requires full perl, many ca-certificate > users won't run it after the initial install (of ca-certificates), and apt > won't let me uninstall just perl because of the hard dependency. The openssl package s

Bug#828342: Building with OpenSSL 1.0.2 is sufficient for stretch

Can upstream please look at it? > cu > Adrian > Sebastian >From d22a8aad49283131472f79c9a1f369d78a397c9d Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior Date: Thu, 8 Dec 2016 20:47:15 + Subject: [PATCH] httest: add OpenSSL 1.1.0 support Most things are straight f

Bug#835800: transmission: FTBFS with openssl 1.1.0

On 2016-09-05 23:27:57 [+0100], Sandro Tosi wrote: > On Mon, Sep 5, 2016 at 10:59 PM, Sebastian Andrzej Siewior > wrote: > > control: tags -1 patch > > thanks for the patch, against which version is this based on? 2.92 > reached unstable after this bug was filed This bug re

Bug#828267: reopen, it is still valid

control: reopen -1 control: merge -1 828267 from the change [0] you use say that a compatible API is used but the CFLAG change makes no sense. This is probably a miss understanding. You have two choices: - port (or let port) the software to use libssl-dev which provides the openssl 1.1.0 API and

Bug#828267: [Pkg-citadel-devel] Bug#828267: reopen, it is still valid

control: merge -1 846543 On 2016-12-11 09:54:42 [+0100], Michael Meskes wrote: > What are you trying to do here? Reopen 828267 and merge with itself? > There is no other bug mentioned. What do I miss? Yeah. Not very smart. I intended to merge it with 846543. > > from the change [0] you use say th

Bug#828267: [Pkg-citadel-devel] Bug#828267: reopen, it is still valid

On 2016-12-11 21:07:14 [+0100], Michael Meskes wrote: > Sorry, wasn't precise enough it seems. I was wondering why you left out > the third possible option, namely the compatibility API in libssl 1.1. Ach. It does not work that way, this "compatibility" API is defined by the openssl build and shou

Bug#828387: libcrypt-openssl-rsa-perl: FTBFS with openssl 1.1.0

On 2016-11-26 16:18:44 [+0100], gregor herrmann wrote: > I also mentioned your patch in the upstream bug: > https://rt.cpan.org/Ticket/Display.html?id=117481 > which contains a different patch from Petr Písař. > > No reaction there from either Petr or the upstream authors. > I just pinged the tick

Bug#848031: manpages: Can not be installed with initscripts

Package: manpages Version: 4.09-1 Severity: serious An upgrade fails: |Preparing to unpack .../manpages_4.09-1_all.deb ... |Unpacking manpages (4.09-1) over (4.08-1) ... |dpkg: error processing archive /var/cache/apt/archives/manpages_4.09-1_all.deb (--unpack): | trying to overwrite '/usr/share/m

Bug#848079: nmu: libcrypt-openssl-bignum-perl_0.07-1

Package: release.debian.org User: release.debian@packages.debian.org Usertags: binnmu Severity: normal nmu libcrypt-openssl-bignum-perl_0.07-1 . ANY . unstable . -m "rebuild against openssl 1.1.0" This NMU should pickup libssl1.1 instead 1.0.2 which is it currently linked against. Once this

Bug#828477: Building against openssl1.0 for the time being

Control: severity -1 important On 2016-12-12 19:53:38 [+0100], Alberto Gonzalez Iniesta wrote: > Uploaded 2.4~rc1-1 build against openssl1.0 until upstream moves to 1.1 Okay. And with the lower severity it has a chance to get into testing. Sebastian

Bug#847612: [Pkg-nagios-devel] Bug#847612: monitoring-plugins-basic lost OpenSSL support

On 2016-12-11 16:25:27 [+0100], Jan Wagner wrote: > Am 09.12.16 um 22:10 schrieb Adrian Bunk: > > configure: WARNING: OpenSSL or GnuTLS libs could not be found or were > > disabled > > thanks for notifying. Seems that there was a change in depencies in > unstable (and testing) for some of the pac

Bug#828408: fixed in libpoe-filter-ssl-perl 0.30-2

ndrzej Siewior Date: Wed, 14 Dec 2016 22:03:38 +0100 Subject: [PATCH] libpoe-filter-ssl-perl: add openssl 1.1.0 support Signed-off-by: Sebastian Andrzej Siewior --- SSL.xs | 24 ++-- 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/SSL.xs b/SSL.xs index f7ee51

Bug#828469: openipmi: diff for NMU version 2.0.22-1.1

pport (Closes: #828469). + + -- Sebastian Andrzej Siewior Wed, 14 Dec 2016 22:19:50 +0100 + openipmi (2.0.22-1) unstable; urgency=medium * new upstream release from 2016-06-01 diff -Nru openipmi-2.0.22/debian/patches/0001-Add-openssl-1.1.0-support.patch openipmi-2.0.22/debian/patches/0001-Add-op

Bug#828279: davix: diff for NMU version 0.6.4-1.1

;t install gtest's header files or static libs. + + -- Sebastian Andrzej Siewior Thu, 15 Dec 2016 21:40:12 +0100 + davix (0.6.4-1) unstable; urgency=medium * Update to version 0.6.4 diff -Nru davix-0.6.4/debian/control davix-0.6.4/debian/control --- davix-0.6.4/debian/control 2

Bug#848113: libcrypt-openssl-rsa-perl: binary incompatibility with libcrypt-openssl-pkcs10-perl (openssl versions)

On 2016-12-14 19:21:07 [+0100], gregor herrmann wrote: > Hm, a breaks with a binNUM version sounds at least inelegant. > > How about: > libcrypt-openssl-pkcs10-perl: Depends: libcrypt-openssl-rsa-perl (>= 0.28-4) > libcrypt-openssl-rsa-perl: Breaks: libcrypt-openssl-pkcs10-perl (<< 0.16-2) All pe

Bug#848113: libcrypt-openssl-rsa-perl: binary incompatibility with libcrypt-openssl-pkcs10-perl (openssl versions)

On 2016-12-17 14:22:16 [+0200], Niko Tyni wrote: > That's assuming all the rebuilt packages migrate into stretch so that > none with libssl1.0.2 dependencies are left. Is anybody monitoring this? from the transition tracker everything *perl* is green so I don't see a reason why it should not migra

Bug#828247: Building with openssl 1.1

On 2016-11-14 10:53:56 [+0100], Jordi Mallach wrote: > Hi Marc and Salvatore, > > Apologies, > > My intention after the NMU (which was the minimal change approach: build with > the version known to previously work) was to get #828247 cloned and lowered > to severity important so the 1.1 patches t

Bug#848113: libcrypt-openssl-rsa-perl: binary incompatibility with libcrypt-openssl-pkcs10-perl (openssl versions)

On 2016-12-17 20:38:43 [+0200], Niko Tyni wrote: > > > For reference, here's a list of lib.*-perl packages depending on > > > libssl1.*. > > As of unstable, there should be nothing perl related depending on libssl1.0. > > If there is then please let me know because it probably might be good to > >

Bug#846569: libsnmp-dev: Should depend on "libssl-dev | libssl1.0-dev" if possible

On 2016-12-02 10:43:17 [+0100], Raphaël Hertzog wrote: > Currently openvas is not buildable because it build-depends on libssh-dev > which depends on libssl1.0-dev and libsnmp-dev which depends on > libssl-dev (and both libssl*-dev are not co-installable). > > I believe we might be able to fix thi

Bug#828471: opensc: FTBFS with openssl 1.1.0

On 2016-12-17 21:52:30 [+0100], Sebastian Andrzej Siewior wrote: > Eric, it seems you moved to openssl 1.0. In general you should have Ah. And from looking at the upstream tracker / pull request, the 1.1.0 support has been merged upstream so you could just cherry-pick the 1.1.0 supp

Bug#828471: opensc: FTBFS with openssl 1.1.0

control: severity -1 important control: unblock 827061 by -1 Eric, it seems you moved to openssl 1.0. In general you should have close this bug with your upload and cloned this bug with severity important so it can be addressed in Buster cycle. For now I unblocked the transition bug and lowered th

Bug#176058: [openssl.org #447] [Fwd: Bug#176058: openssl: Should ask password only after basic input validation]

Version: 1.1.0~pre5-5 On 2003-01-13 18:47:28 [+0100], Florian Weimer wrote: > "Richard Levitte via RT" writes: > > "openssl ca" is one of them, and probably the most cumbersome. > "openssl req -new -out $FILE" does not verify that $FILE is a writable > file. since exp: |$ openssl req -new -out

Bug#833156: [Pkg-openssl-devel] Bug#833156: openssl: Please enable s390x asm optimisations

control: fixed -1 1.1.0~pre5-5 control: found -1 1.0.2h-1 control: notfound -1 1.0.2g-1ubuntu4.1 On 2016-08-01 15:32:18 [+0100], Dimitri John Ledkov wrote: > Version: 1.0.2g-1ubuntu4.1 since when do file bugs under an ubuntu version? > openssl as built in unstable does not have s390x asm optimis

Bug#833156: [Pkg-openssl-devel] Bug#833156: Bug#833156: openssl: Please enable s390x asm optimisations

On 2016-08-01 21:38:07 [+0200], Kurt Roeckx wrote: > I'm just wondering if we should do this for: > - Stable (Does 1.0.1 also have the assembler?) From the jessie_stable branch: |./Configure:my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o::aes-s390x.o aes-ctr.o aes-xts

Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

On 2015-02-22 11:44:37 [+0100], Kurt Roeckx wrote: > Even with RC4 enabled on both sides, it does provide something > secure that doesn't use RC4 as long as you don't don't touch the > defaults. And I've seen many applications that screw up the > defaults. As of openssl in experimental we don't h

Bug#833328: [Pkg-openssl-devel] Bug#833328: Please close or delete this issue.

On 2016-08-03 11:00:18 [+0300], Mihail Artamonov wrote: > Hello, this problem was solved. Thank you! What changed in the last 9 minutes that solved the problem? Sebastian

Bug#833328: [Pkg-openssl-devel] Bug#833328: Bug#833328: openssl does not start on x86_64: version `OPENSSL_1.0.1s' not found

On 2016-08-03 17:06:22 [+0200], Kurt Roeckx wrote: > You're using openssl from stable but libssl1.0.0 from backports. > > It's rather annoying, but I wasn't sure how to deal with it. I > guess I should add a Breaks in the backports version. I think the linker version script is wrong. In stable w

Bug#851615: xz-utils: please upgrade to 5.2.3

Package: xz-utils Version: 5.2.2-1.2 Severity: wishlist Please upgrade to 5.2.3 for Stretch. One visible change is the usage of sched_getaffinity() which is preferred over all online CPUs especially on bigger NUMA boxes where affinity mask is often limited to a node. Sebastian

Bug#851615: xz-utils: please upgrade to 5.2.3

On 2017-01-16 21:43:24 [+], Thorsten Glaser wrote: > Sebastian Andrzej Siewior dixit: > > >Please upgrade to 5.2.3 for Stretch. One visible change is the usage of > > That’s rather late, I’d not risk it, especially not for a package > that is so low in the stack as xz

<    1   2   3   4   5   6   7   8   9   10   >