On 12/10/2019 07:57, Drew Parsons wrote:
> Hi Daniele, just letting you know I uploaded python-urllib3 1.25.6 to
Thanks for taking care of urllib3.
> I was having some SSL trouble connecting to https://pub.orcid.org. The error
> trace cited urllib3/contrib/pyopenssl.py, so I downloaded and installed
> python-urllib3 1.25.6 to see if updates to default SSL/TLS versions made any
> difference. It didn't fix my problem, but since I had the package update
> I figured I might as well present it to experimental.
I hope to have the time to investigate also this: urllib3/contrib/pyopenssl.py
contains code to have SSL with SNI_-support for Python 2 and it depends on
pyOpenSSL, cryptography and idna. Maybe looking at them can give us more clues.
Also, could you see if using Python3 the connection to https://pub.orcid.org
> The new version fixes CVE-2019-11236 (Bug#927172). As far as I can tell it
> also fixes CVE-2019-11324 (Bug#927412), but I figured it's best to let you
> review that.
> Th package build was successful on my system but gives build-time errors in
> chroot (on buildd). I'm not sure why that's failing.
I will look at them during this weekend, I already had a look at build log from
the phone, but it's better to look from a PC.
Daniele Tricoli 'eriol'
Description: OpenPGP digital signature