** Changed in: openssl
Status: Unknown => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051892
Title:
[Quantal] Regression in TLS 1.2 workarounds
To manage notifications about
** Branch linked: lp:ubuntu/openssl
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051892
Title:
[Quantal] Regression in TLS 1.2 workarounds
To manage notifications about this bug go to:
Alright, based on the above, I'll pull openssl back out of the rejected
queue, but I'd certainly like to see this revisited. Agreed that making
it work like precise is good enough for now, though.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
This bug was fixed in the package openssl - 1.0.1c-3ubuntu2
---
openssl (1.0.1c-3ubuntu2) quantal; urgency=low
[ Tyler Hicks tyhi...@canonical.com ]
* debian/patches/tls12_workarounds.patch: Readd the change to check
TLS1_get_client_version rather than TLS1_get_version to fix
Rejecting for now, based on the diff, until someone explains to me why
the upstream commit adds the same code block to two files (s3_clnt.c and
s23_clnt.c), but the Ubuntu patch only swaps the get_version call to
get_client_version in one of them (s23_clnt.c). This feels wrong to me,
but maybe
On 2012-10-06 02:27:45, Adam Conrad wrote:
Rejecting for now, based on the diff, until someone explains to me why
the upstream commit adds the same code block to two files (s3_clnt.c and
s23_clnt.c), but the Ubuntu patch only swaps the get_version call to
get_client_version in one of them
To put a different way... I'm just attempting to fix the regression from
Precise to Quantal. That simple change is what fixes it and gets OpenSSL
working the same as it is in Precise. If I had more time before release,
then I'd probably propose quite a few other changes to the TLS 1.2
workarounds
debdiff looks good, will upload if it builds
** Tags added: quantal regression-release
** Also affects: openssl (Ubuntu Quantal)
Importance: High
Status: Triaged
** Changed in: openssl (Ubuntu Quantal)
Status: Triaged = In Progress
** Changed in: openssl (Ubuntu Quantal)
Uploaded, waiting in queue for acceptance
** Changed in: openssl (Ubuntu Quantal)
Status: In Progress = Fix Committed
** Changed in: openssl (Ubuntu Quantal)
Assignee: Micah Gersten (micahg) = (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Affects me too, and this breaks connections to twitter's user stream
over SSL, so that's a pretty major service that would be affected if
this isn't fixed before release.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Since the upstream bug hasn't received any attention and it is late in
our release cycle, I decided to just keep it simple and carry over the
simple change that we carry in Precise for ssl23_client_hello().
I still think that we have a strange combination of build options with
The www.mediafire.com:443 is expected. See here :
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/965371/comments/22
The www.evernote.com:443 failure may have been a bad test.
evernote.com:443 (note the lack of 'www.') passes in all three test
environments so I'm not going to look into
** Bug watch added: OpenSSL RT #2881
http://rt.openssl.org/Ticket/Display.html?id=2881
** Also affects: openssl via
http://rt.openssl.org/Ticket/Display.html?id=2881
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
Any news on the upstream. This is affecting me as well and the release
date for 12.10 looms closer.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051892
Title:
[Quantal] Regression in TLS 1.2
On 2012-10-03 17:10:36, Jessie Morris wrote:
Any news on the upstream. This is affecting me as well and the release
date for 12.10 looms closer.
I've linked this bug to the upstream bug. It has received no attention
upstream. I'm going to propose a debdiff soon to fix this in Ubuntu.
--
You
** Tags added: rls-q-incoming
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051892
Title:
[Quantal] Regression in TLS 1.2 workarounds
To manage notifications about this bug go to:
** Description changed:
openssl 1.0.1c-3ubuntu1 dropped almost all of
debian/patches/tls12_workarounds.patch because the upstream 1.0.1c
release contained the changes.
However, the dropped pieces of tls12_workarounds.patch had a subtle
difference from upstream. In the Ubuntu patch,
I've submitted a bug, with patch, to OpenSSL's request tracker. I'll
update this bug with a link when it makes its way through their
moderation queue.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
I haven't attached a debdiff because it still isn't clear to me if
calling TLS1_get_client_version() is the correct thing to do here. We
probably need to open an upstream bug and get their opinion. I am
willing to do that tomorrow.
** Changed in: openssl (Ubuntu)
Assignee: (unassigned) =
19 matches
Mail list logo