Am Dienstag, 8. August 2017, 15:13:23 schrieben Sie:
> reassign kmail 4:16.04.3-3
> thanks
>
> On Tue, Aug 08, 2017 at 12:44:09PM +0200, Wolfgang Walter wrote:
> > Package: libssl1.1
> > Version: 1.1.0f-4
> > Severity: important
> >
> > After upgrading a server to libssl1.1 1.1.0f-4 kmail on debian/stable could
> > not connect to dovecot on debian/unstable any more (kmail on
> > debian/unstable can't connect, either).
> >
> > Dovecot logs "... tls_process_client_hello:version too low ..."
> >
> > Probably this is due to "Disable TLS 1.0 and 1.1".
> >
> > Please reactivate it. We would like to continue our policy to continously
> > test debian/unstable and debian/testing on servers in our environment.
>
> I'm going to start with reassigning this to kmail. I believe all
> such issues should get fixed, and that they should get fixed in
> stable and maybe oldstable too.
>
But this also exists in ubuntu and other systems.
I agree that it would be good to fix that in debian/stable and debian/oldstable
anyway (if it is indeed a kmail problem). But disabling TLS 1.0 and 1.1 in
openssl directly to find other (mostly remote, often other people's) systems is
bad. It makes testing unstable much harder because you have to rebuild openssl
yourself with TLS 1.0 and 1.1 reactivated.
Regards,
--
Wolfgang Walter
Studentenwerk München
Anstalt des öffentlichen Rechts
