Package: openssl Version: 0.9.8o-4squeeze13 Severity: normal
My exim4 server is configured to relay messages to FastMail as a smarthost (using mail.messagingengine.com::587). The day the openssl security update 0.9.8o-4squeeze13 was installed, exim4 started failing to relay, logging: TLS error on connection to mail.messagingengine.com [66.111.4.52] (gnutls_handshake): The Diffie-Hellman prime sent by the server is not acceptable (not long enough). It seems like some sort of default minimum acceptable key size must have changed, or else FastMail changed something at the same time. I can't find any setting in exim4 to change this. -- System Information: Debian Release: 6.0.5 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openssl depends on: ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libssl0.9.8 0.9.8o-4squeeze13 SSL shared libraries ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime openssl recommends no packages. Versions of packages openssl suggests: ii ca-certificates 20090814+nmu3squeeze1 Common CA certificates -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
