** Description changed: [Impact] Upstream NGINX notified me that for proper TLS1.3 controls in NGINX it needs rebuilt against OpenSSL 1.1.1 that is how in Bionic. [Test Case] - N/A + PREREQUISITES: + (1) Install `curl` and `ssl-cert` if not already installed. + (2) Replace the contents of /etc/nginx/sites-available/default with the contents of the attached `test-config-ssl.conf` file attached on this bug. + + (3) Install the current NGINX version. + (4) [Regression Potential] Moderate but all would be due to OpenSSL versions which we can’t revert to. This is a no-change rebuild, any regressions in this would be directly due to OpenSSL. - [Other Info] This is based on info obtained from https://trac.nginx.org/nginx/ticket/1654 + + Upstream has indicated that a rebuild against 1.1.1 shouldn't introduce + any other 'oddness' that isn't already a problem due to the OpenSSL SRU + independently of the NGINX rebuild. TLS1.2 and such should still + function as intended, TLS1.3 will be disabled by default.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1836366 Title: [SRU] No Changes Rebuild in Bionic for OpenSSL compat reasons To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1836366/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
