On 2021-03-22 19:52:00 [+0100], To Kurt Roeckx wrote:
> > I will prepare 1.1.1k for unstable, do buster-security based on
> > 1.1.1d-0+deb10u5 and then come back with an updated pu :)
New round. I prepared a pu for Buster based on OpenSSL 1.1.1k. The
unstable release migrated to testing. I am not
Resending because I managed to accidently clear TO:
On 2021-03-22 19:48:31 [+0100], Cc 959...@bugs.debian.org wrote:
> On 2021-02-24 23:23:07 [+0100], To Kurt Roeckx wrote:
> > On 2021-02-10 21:52:46 [+0100], To Kurt Roeckx wrote:
> > > OpenSSL upstream announced [0] 1.1.1j for next Tuesday with
On 2021-02-24 23:23:07 [+0100], To Kurt Roeckx wrote:
> On 2021-02-10 21:52:46 [+0100], To Kurt Roeckx wrote:
> > OpenSSL upstream announced [0] 1.1.1j for next Tuesday with a security
> > fix classified as MODERATE [1].
So this happened. OpenSSL upstream announced [0] 1.1.1k for next
Thursday
On 2021-02-01 23:50:03 [+0100], To Kurt Roeckx wrote:
> in case someone wants to test.
> I think the ship for this pu is sailing without me but I'm ready for the
> next cruise :)
OpenSSL upstream announced [0] 1.1.1j for next Tuesday with a security
fix classified as MODERATE [1].
[0]
On 2021-01-29 20:35:52 [+0100], To Kurt Roeckx wrote:
> On 2021-01-28 00:28:03 [+0100], Kurt Roeckx wrote:
> > On Thu, Jan 14, 2021 at 07:03:37PM +0100, Kurt Roeckx wrote:
> > > There are a whole bunch of other issues and pull requests related to
> > > this. I hope this is the end of the
On 2021-01-28 00:28:03 [+0100], Kurt Roeckx wrote:
> On Thu, Jan 14, 2021 at 07:03:37PM +0100, Kurt Roeckx wrote:
> > There are a whole bunch of other issues and pull requests related to
> > this. I hope this is the end of the regressions in the X509 code.
>
> So there is something else now:
>
On Thu, Jan 14, 2021 at 07:03:37PM +0100, Kurt Roeckx wrote:
> There are a whole bunch of other issues and pull requests related to
> this. I hope this is the end of the regressions in the X509 code.
So there is something else now:
https://github.com/openssl/openssl/issues/13931
On 2021-01-25 19:57:18 [+0100], Cyril Brulebois wrote:
> Not really *much* easier, to be honest. I can definitely build a package
> locally given a source debdiff, or slightly better, given a source
> package I can run dget against (since we're talking about new upstream
> releases, by the looks
Adam D. Barratt (2021-01-25):
> KiBi - I'm assuming that it would be much easier for you to check d-i
> against the new OpenSSL version if it were already in p-u?
Not really *much* easier, to be honest. I can definitely build a package
locally given a source debdiff, or slightly better, given a
On Sun, 2021-01-24 at 12:25 +0100, Sebastian Andrzej Siewior wrote:
> On 2021-01-22 16:38:28 [+], Adam D. Barratt wrote:
> > Both would be good, please.
>
> Here is the complete diff against the last openssl release in Buster.
Thanks.
I realise that this has been dragging on for quite some
On 2021-01-22 16:38:28 [+], Adam D. Barratt wrote:
> Assuming that a patched m2crypto will also build fine against openssl
> 1.1.1d, then there's no reason that the two shouldn't proceed in
> parallel (i.e. feel free to file the m2crypto request already).
Yes, it does. Bug filled. Thank you.
On 2021-01-22 16:38:28 [+], Adam D. Barratt wrote:
> Both would be good, please.
here is the with the two additional patches.
Sebastian
diff --git a/debian/changelog b/debian/changelog
index 088c914a3dd4a..56a950734f01d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,8 +4,9 @@
On Thu, 2021-01-21 at 21:06 +0100, Sebastian Andrzej Siewior wrote:
> On 2021-01-16 19:14:53 [+0100], Kurt Roeckx wrote:
> > So I went over the open issues and pull requests, and currently
> > don't see a reason not to upload it to unstable with those 2
> > patches. I don't know about any other
On 2021-01-16 19:14:53 [+0100], Kurt Roeckx wrote:
> So I went over the open issues and pull requests, and currently
> don't see a reason not to upload it to unstable with those 2
> patches. I don't know about any other regressions in 1.1.1.
The openssl package migrated to testing.
I would
On Thu, Jan 14, 2021 at 09:13:49PM +0100, Sebastian Andrzej Siewior wrote:
> On 2021-01-14 19:03:37 [+0100], Kurt Roeckx wrote:
> > > Do you have pointers to upstream issues?
> >
> > There are a whole bunch of other issues and pull requests related to
> > this. I hope this is the end of the
On 2021-01-14 19:03:37 [+0100], Kurt Roeckx wrote:
> > Do you have pointers to upstream issues?
>
> There are a whole bunch of other issues and pull requests related to
> this. I hope this is the end of the regressions in the X509 code.
Okay. Please ping once this gets sorted out and I will
On Thu, Jan 14, 2021 at 05:43:00PM +, Adam D. Barratt wrote:
> Hi,
>
> On Fri, 2021-01-08 at 23:59 +0100, Kurt Roeckx wrote:
> > On Fri, Jan 08, 2021 at 11:39:13PM +0100, Sebastian Andrzej Siewior
> > wrote:
> [...]
> > > The i release in unstable managed to migrate to testing. It was
> > >
Hi,
On Fri, 2021-01-08 at 23:59 +0100, Kurt Roeckx wrote:
> On Fri, Jan 08, 2021 at 11:39:13PM +0100, Sebastian Andrzej Siewior
> wrote:
[...]
> > The i release in unstable managed to migrate to testing. It was
> > blocked due to ci by m2crypto and swi-prolog. The swi-prolog issue
> > got fixed
On Fri, Jan 08, 2021 at 11:39:13PM +0100, Sebastian Andrzej Siewior wrote:
> On 2020-11-24 20:18:15 [+], Adam D. Barratt wrote:
>
> > At some point, could we please have a combined / single diff between
> > the current 1.1.1d-0+deb10u3 and the proposed 1.1.1h-0+deb10u1 (I
> > assume)?
>
>
On 2020-11-24 20:18:15 [+], Adam D. Barratt wrote:
> That would be preferable at this point, yes, sorry. We should try and
> make sure it's sorted soon afterwards though, to avoid things getting
> stuck again.
I will set up an alarm on my side :)
> At some point, could we please have a
On Fri, 2020-11-20 at 21:04 +0100, Sebastian Andrzej Siewior wrote:
> On 2020-11-20 17:24:30 [+], Adam D. Barratt wrote:
> > Predictably we're again quite close to a point release. :-( (One
> > week from freeze, specifically.)
>
> oh.
In fairness, given an approximately two month cycle,
On 2020-11-20 17:24:30 [+], Adam D. Barratt wrote:
> Predictably we're again quite close to a point release. :-( (One week
> from freeze, specifically.)
oh.
> Looking at the upstream issues regarding certificate validation changes
> between 1.1.1e and f/g, #11456 appears to have been
On Sun, 2020-11-15 at 11:29 +0100, Sebastian Andrzej Siewior wrote:
> control: retitle -1 buster-pu: package openssl/1.1.1h-1
>
> On 2020-05-02 22:34:40 [+0100], Adam D. Barratt wrote:
> > > > Do we have any feeling for how widespread such certificates
> > > > might be?
> > > > The fact that
On 2020-11-15 20:59:18 [+0100], Paul Gevers wrote:
> Hi Sebastian,
Hi Paul,
> I don't fully understand what you say here. We *do* run autopkgtests in
> stable to check for issues.
Yes, but the package does not use it in stable.
Sebastian
Hi Sebastian,
On 15-11-2020 11:29, Sebastian Andrzej Siewior wrote:
> The same error is also present in the stable version of swi-prolog.
> However, this is not the only failure in the test suite (it also
> complains about too small keys) and there is no debci for stable which
> would cause a
Processing control commands:
> retitle -1 buster-pu: package openssl/1.1.1h-1
Bug #959469 [release.debian.org] buster-pu: package openssl/1.1.1g-1
Changed Bug title to 'buster-pu: package openssl/1.1.1h-1' from 'buster-pu:
package openssl/1.1.1g-1'.
--
959469:
control: retitle -1 buster-pu: package openssl/1.1.1h-1
On 2020-05-02 22:34:40 [+0100], Adam D. Barratt wrote:
> > > Do we have any feeling for how widespread such certificates might
> > > be?
> > > The fact that there have been two different upstream reports isn't
> > > particularly comforting.
On Sat, 2020-05-02 at 22:29 +0200, Sebastian Andrzej Siewior wrote:
> On 2020-05-02 20:32:01 [+0100], Adam D. Barratt wrote:
> > On Sat, 2020-05-02 at 18:36 +0200, Sebastian Andrzej Siewior wrote:
> > > I'm fairly late, I know.
> >
> > Just a little. :-( Particularly as OpenSSL builds udebs.
> >
On 2020-05-02 20:32:01 [+0100], Adam D. Barratt wrote:
> On Sat, 2020-05-02 at 18:36 +0200, Sebastian Andrzej Siewior wrote:
> > I'm fairly late, I know.
>
> Just a little. :-( Particularly as OpenSSL builds udebs.
>
> CCing KiBi and -boot so they're aware of the discussion, but this does
> come
On Sat, 2020-05-02 at 18:36 +0200, Sebastian Andrzej Siewior wrote:
> I'm fairly late, I know.
Just a little. :-( Particularly as OpenSSL builds udebs.
CCing KiBi and -boot so they're aware of the discussion, but this does
come quite late.
> The last update was addressed via DSA providing only
On 2020-05-02 18:36:42 [+0200], To sub...@bugs.debian.org wrote:
> Package: release.debian.org
> User: release.debian@packages.debian.org
> Usertags: pu
> Tags: buster
> Severity: normal
>
> I'm fairly late, I know.
> The last update was addressed via DSA providing only a patch for the CVE
>
31 matches
Mail list logo