Source: debian-installer
Version: 20171204
Severity: normal
Tags: sid buster
User: pkg-openssl-de...@lists.alioth.debian.org
Usertags: c_rehash
This package is using the c_rehash command which is part of the
openssl package. The c_rehash script is considered by upstream as a
fallback script and wi
control: retitle -1 buster-pu: package openssl/1.1.1h-1
On 2020-05-02 22:34:40 [+0100], Adam D. Barratt wrote:
> > > Do we have any feeling for how widespread such certificates might
> > > be?
> > > The fact that there have been two different upstream reports isn't
> > > particularly comforting.
>
On 2020-11-20 17:24:30 [+], Adam D. Barratt wrote:
> Predictably we're again quite close to a point release. :-( (One week
> from freeze, specifically.)
oh.
> Looking at the upstream issues regarding certificate validation changes
> between 1.1.1e and f/g, #11456 appears to have been addresse
On 2020-11-24 20:18:15 [+], Adam D. Barratt wrote:
> That would be preferable at this point, yes, sorry. We should try and
> make sure it's sorted soon afterwards though, to avoid things getting
> stuck again.
I will set up an alarm on my side :)
> At some point, could we please have a combin
On 2021-01-14 19:03:37 [+0100], Kurt Roeckx wrote:
> > Do you have pointers to upstream issues?
>
> There are a whole bunch of other issues and pull requests related to
> this. I hope this is the end of the regressions in the X509 code.
Okay. Please ping once this gets sorted out and I will prepe
On 2021-01-16 19:14:53 [+0100], Kurt Roeckx wrote:
> So I went over the open issues and pull requests, and currently
> don't see a reason not to upload it to unstable with those 2
> patches. I don't know about any other regressions in 1.1.1.
The openssl package migrated to testing.
I would prepare
4,9 @@ openssl (1.1.1i-0+deb10u1) buster; urgency=medium
- CVE-2019-1551 (Overflow in the x64_64 Montgomery squaring procedure),
(Closes: #947949).
* Update symbol list.
+ * Apply two patches from upstream to address x509 related regressions.
- -- Sebastian Andrzej Siewior Wed, 06 Jan 2
On 2021-01-22 16:38:28 [+], Adam D. Barratt wrote:
> Assuming that a patched m2crypto will also build fine against openssl
> 1.1.1d, then there's no reason that the two shouldn't proceed in
> parallel (i.e. feel free to file the m2crypto request already).
Yes, it does. Bug filled. Thank you.
On 2021-01-25 19:57:18 [+0100], Cyril Brulebois wrote:
> Not really *much* easier, to be honest. I can definitely build a package
> locally given a source debdiff, or slightly better, given a source
> package I can run dget against (since we're talking about new upstream
> releases, by the looks of
On 2021-01-28 00:28:03 [+0100], Kurt Roeckx wrote:
> On Thu, Jan 14, 2021 at 07:03:37PM +0100, Kurt Roeckx wrote:
> > There are a whole bunch of other issues and pull requests related to
> > this. I hope this is the end of the regressions in the X509 code.
>
> So there is something else now:
> htt
enssl (1.1.1i-0+deb10u1) buster; urgency=medium
(Closes: #947949).
* Update symbol list.
* Apply two patches from upstream to address x509 related regressions.
+ * Cherry-pick a patch from upstream to address #13931.
- -- Sebastian Andrzej Siewior Sun, 24 Jan 2021 11:22:16 +0100
+ --
On 2021-02-01 23:50:03 [+0100], To Kurt Roeckx wrote:
> in case someone wants to test.
> I think the ship for this pu is sailing without me but I'm ready for the
> next cruise :)
OpenSSL upstream announced [0] 1.1.1j for next Tuesday with a security
fix classified as MODERATE [1].
[0] https://mta
On 2021-02-24 23:23:07 [+0100], To Kurt Roeckx wrote:
> On 2021-02-10 21:52:46 [+0100], To Kurt Roeckx wrote:
> > OpenSSL upstream announced [0] 1.1.1j for next Tuesday with a security
> > fix classified as MODERATE [1].
So this happened. OpenSSL upstream announced [0] 1.1.1k for next
Thursday (25
Resending because I managed to accidently clear TO:
On 2021-03-22 19:48:31 [+0100], Cc 959...@bugs.debian.org wrote:
> On 2021-02-24 23:23:07 [+0100], To Kurt Roeckx wrote:
> > On 2021-02-10 21:52:46 [+0100], To Kurt Roeckx wrote:
> > > OpenSSL upstream announced [0] 1.1.1j for next Tuesday with a
G_X509_STRICT)) {
ctx->error = X509_V_ERR_INVALID_EXTENSION;
diff --git a/debian/changelog b/debian/changelog
index 45bfdb99fe8d9..9d1b9d6590ab9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,16 @@
-openssl (1.1.1j-0+deb10u1) buster; urgency=medium
+openssl (1.1.1k-0
On 2023-10-02 13:41:17 [+0200], Cyril Brulebois wrote:
> Adam D. Barratt (2023-10-02):
> > Unfortunately, the version format change from -0+deb11uX to -0~deb11uX
> > has broken the installer.
> >
> > The udebs end up with dependencies of the form ">= 1.1.1w", which
> > 1.1.1w-0~deb11u1 doesn't fu
On 2020-05-02 20:32:01 [+0100], Adam D. Barratt wrote:
> On Sat, 2020-05-02 at 18:36 +0200, Sebastian Andrzej Siewior wrote:
> > I'm fairly late, I know.
>
> Just a little. :-( Particularly as OpenSSL builds udebs.
>
> CCing KiBi and -boot so they're aware of the d
On 2022-02-19 17:04:16 [+], Adam D. Barratt wrote:
> Control: tags -1 + confirmed d-i
…
> Thanks. Assuming the above is still accurate, then this looks good to
> me.
>
> As the package builds a udeb, it will need a d-i ack; tagging and CCing
> accordingly.
I'm confused. May I upload or do I w
On 2022-02-19 17:57:25 [+], Adam D. Barratt wrote:
>
> Feel free to upload; we'll wait for the d-i ack before accepting the
> package into p-u.
Okay. The Bullseye package has been uploaded.
> Regards,
>
> Adam
Sebastian
On 2022-02-19 17:57:25 [+], Adam D. Barratt wrote:
> Feel free to upload; we'll wait for the d-i ack before accepting the
> package into p-u.
There will be the release of 1.1.1n on Tuesday 15th March 2022 including
a security fix. Therefore I will:
- prepare a security release against 1.1.1k-1
On 2022-03-18 09:21:50 [+], Adam D. Barratt wrote:
> Apologies if the status here got confused - based on the above, I was
> assuming that in the absence of a negative response you would proceed
> with the 1.1.1n-0+deb11u1 plan. For complete clarity, please feel free
> to do so, bearing in mind
On 2022-03-18 14:51:32 [+], Adam D. Barratt wrote:
> Boo. Hope you're doing better.
Thanks, yes.
> > I would also do the upload for Buster, would that work? I remember
> > that
> > the packages, that broken, were already uploaded a few cycles ago.
>
> Also as 1.1.1n?
Yes.
> I assume there
On 2017-02-13 18:01:34 [+0100], Emilio Pozuelo Monfort wrote:
> On 04/02/17 15:20, Sebastian Andrzej Siewior wrote:
> > Package: release.debian.org
> > User: release.debian@packages.debian.org
> > Usertags: unblock
> > Severity: normal
> >
> > Please
On 2016-06-24 10:35:43 [+0200], Yann Soubeyrand wrote:
> Le jeudi 23 juin 2016 à 23:13 +0200, jcris...@debian.org a écrit :
> > That doesn't sound suitable for a stable update, sorry.
> OK, I understand.
Closing with no change then.
Sebastian
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Package: cdebconf-entropy
Severity: serious
Version: 0.19
Tags: d-i
Your package FTBFS on all architectures[0]. Here is a snippet from i386[1]:
|dh build
| dh_testdir
| debian/rules override_dh_auto_configure
|make[1]: Entering directory
`/build/
Package: src:cdebconf-terminal
Version: 0.12
Tags: d-i
Severity: serious
Your package FTBFS on almost all architectures (it built fine on
hppa)[0]. Here is a snippet from alpha[1].
|[ -e configure ] || ./autogen.sh
|autoreconf: Entering directory `.'
|autoreconf: configure.ac: not using Gettext
|
26 matches
Mail list logo
