ACK on the two PR9780* patches, but I must say I'm a bit uncomfortable making a bug fix optional (which is what is done in the lp1940141* patches).
While it does change what is returned to the client, that part shouldn't be there in the first place. While it's nice to be overly cautious, we don't typically make bug fixes optional unless there is an unwanted behaviour change, and I don't think that is applicable here. This was fixed in all later releases without causing regressions that I know of, and having it by default will fix more users than having it be optional. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1940141 Title: OpenSSL servers can send a non-empty status_request in a CertificateRequest To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1940141/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
