Hello, we've noticed the same problem and i can add some information.
The issue happens when connecting with curl using the lucid version of libssl0.9.8 (version: 0.9.8k-7ubuntu8.14) connecting to i.e. a precise server using libssl1.0.0 (version: 1.0.1-4ubuntu5.8). Just a few days ago some posted a patch upstream to the libssl-dev mailaing list [1]. However there's not reply there yet. I just finished tested this patch by applying it on top of the lucid version and doing that i can successfully connect to the precise system using https again. So functionally that fixes the problem for me. As the patch has not been reviewed yet we only compiled a patched libssl and are using it only for the failing curl invocation to avoid system- wide side-effects. In case it is useful for anyone: apt-get build-dep libssl0.9.8 cd openssl-0.9.8 patch -p1 < 0001-Fix-handling-of-warning-level-alerts-in-SSL23-client.patch debuild -us -uc -b can be used to provided a patched libssl0.9.8. Note: patch applies fine with some fuzz ignoring refects for the CHANGES file. I would be very happy to see a pathced libssl packages for lucid when possible to be able to remove the locally patched version again. [1] http://marc.info/?l=openssl-dev&m=136760073921954&w=2 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1144408 Title: libssl upgrade causes failure from old clients To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1144408/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
