On 2020-05-02 20:32:01 [+0100], Adam D. Barratt wrote: > On Sat, 2020-05-02 at 18:36 +0200, Sebastian Andrzej Siewior wrote: > > I'm fairly late, I know. > > Just a little. :-( Particularly as OpenSSL builds udebs. > > CCing KiBi and -boot so they're aware of the discussion, but this does > come quite late.
Yes, I know. I'm won't cry if this skips this pu, I just couldn't get earlier to it. > Do we have any feeling for how widespread such certificates might be? > The fact that there have been two different upstream reports isn't > particularly comforting. This is correct. I don't know if there is tooling that is generating broken certificates or just some individuals. I updated my two OpenVPN instances and I saw clients connecting again. > Regards, > > Adam Sebastian
