On Sat, 2020-05-02 at 22:29 +0200, Sebastian Andrzej Siewior wrote: > On 2020-05-02 20:32:01 [+0100], Adam D. Barratt wrote: > > On Sat, 2020-05-02 at 18:36 +0200, Sebastian Andrzej Siewior wrote: > > > I'm fairly late, I know. > > > > Just a little. :-( Particularly as OpenSSL builds udebs. > > > > CCing KiBi and -boot so they're aware of the discussion, but this > > does > > come quite late. > > Yes, I know. I'm won't cry if this skips this pu, I just couldn't get > earlier to it.
OK. To be honest, at this stage I would be happier looking at this for 10.5 than 10.4. > > Do we have any feeling for how widespread such certificates might > > be? > > The fact that there have been two different upstream reports isn't > > particularly comforting. > > This is correct. I don't know if there is tooling that is generating > broken certificates or just some individuals. I updated my two > OpenVPN instances and I saw clients connecting again. Thanks for the information. Regards, Adam
