This bug was fixed in the package openssl - 1.1.1-1ubuntu2.2
---
openssl (1.1.1-1ubuntu2.2) cosmic; urgency=medium
* debian/rules: Ship openssl.cnf in libssl1.1-udeb, as required to use
OpenSSL by other udebs, e.g. wget-udeb. LP: #1822898
* Drop
Thanks for the verification! The SRU has some reported autopkgtest
regressions - could you take a look at those?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822984
Title:
revert tls security
generated new weak key, cert and try to use it with current cosmic's
openssl and succeed:
# openssl genrsa -des3 -out myCA.key 600
# openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out myCA.pem
# openssl s_server -cert myCA.pem -key myCA.key -WWW
# wget --ca-certificate myCA.pem
Hello Dimitri, or anyone else affected,
Accepted openssl into cosmic-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/openssl/1.1.1-1ubuntu2.2 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
This bug was fixed in the package openssl - 1.1.1b-1ubuntu2
---
openssl (1.1.1b-1ubuntu2) disco; urgency=medium
* debian/rules: Ship openssl.cnf in libssl1.1-udeb, as required to use
OpenSSL by other udebs, e.g. wget-udeb. LP: #1822898
* Drop
** Changed in: openssl (Ubuntu Cosmic)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822984
Title:
revert tls security level back to 1
To manage notifications
But equally, I would not want to keep cosmic more insecure than what
bionic and disco will be. And currently, cosmic is a release regression
w.r.t. bionic GA. Upgrading to newer releases, should not result in
looser acceptance of insecure protocols.
** Description changed:
[Impact]
*
The patch was added by Dimitri in cosmic to restore compatibility with
older and less secure TLS implementations using weak keys. However,
bionic shipped without compatibility with those less secure keys, and we
are unaware of any complaints about this change in bionic. This distro
patch to
looks like someone else accepted with this question still pending...
still would appreciate an answer
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822984
Title:
revert tls security level back to
that regression potential doesn't really describe what might regress...
I think it could be improved.
since you asked me to review, can you give a bit more context for the
change please? why did we have the patch before and why can it be
removed now?
--
You received this bug notification
** Changed in: openssl (Ubuntu Disco)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822984
Title:
revert tls security level back to 1
To manage notifications
11 matches
Mail list logo
