This issue also affects rsyslog. I hit this when I upgraded a bunch of
servers, including an rsyslog server from wheezy to jessie.
There are still a few wheezy servers that have yet to be upgraded, but
now they are unable to send their logs to the jessie rsyslog server
due to what appears to be th
Hi, it is fine if gnutls26 is obsolete and was removed from the unstable
repository, but we are talking about issues with Exim in Stable/Wheezy...
you shouldn't just close this bug unless you update Wheezy to gnutls
IMHO... :-(
Or exim & others in stable should be recompiled with openssl... which
On 23/10/2014 04:46, Desai, Jason wrote:
I ran into this bug too - not fun. I was not able to find a work around until
I started investigating how to disable SSLv3 to protect against POODLE. Since
it seems that the issue is with TLS 1.2 and SHA512, I think you can disable the
TLS 1.2 protoco
I ran into this bug too - not fun. I was not able to find a work around until
I started investigating how to disable SSLv3 to protect against POODLE. Since
it seems that the issue is with TLS 1.2 and SHA512, I think you can disable the
TLS 1.2 protocol altogether as a work around until this ge
> Ivan Shmakov writes:
> I’ve built the patched gnutls26 (now as of 2.12.20-8+deb7u2) package
> with pbuilder and briefly tested Exim (as of 4.80-7) with the
> resulting libgnutls26, and seen no issues so far.
> The resulting packages, both source (signed) and binary (along with
> signe
I’ve built the patched gnutls26 (now as of 2.12.20-8+deb7u2)
package with pbuilder and briefly tested Exim (as of 4.80-7)
with the resulting libgnutls26, and seen no issues so far.
The resulting packages, both source (signed) and binary (along
with signed .c
Hi,
As workaround, you can use stunnel.
It do the job on my servers.
Waiting for a real issue too.
Stéphane
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Hi,
this is getting a real issue for us now. We need new gnutls versions for Wheezy
and at least Squeeze - We still have a lot of internal infrastructure running
on Debian/Squeeze and we are facing certificate expiration issues now.
Our internal LDAP infrastructure is giving us a lot of headache
Hi,
I have applied the diff on 2.12.23-16 version (provided by Ivan) and it
works for me (I use libgnutls26 with slapd).
No issue appear for this moment
--
Linux une histoire de VI ou de more
GPG id 0x92B8416C | http://verry.org/92B8416C
signature.asc
Description: OpenPGP digital signature
Heho,
I'd like to push this issue again. My point may not have come across in
my previous post.
With the heartbleed stuff many people currently re-issue. In the same
process some CA's now decided to bump their settings to max, i.e. impose
sha512 on their users.
The bug in place basically means no
Hallo,
I agree with Tobias, this is a major problem.
Best regards,
Roland Tapken
signature.asc
Description: This is a digitally signed message part.
Heho,
the severity of this should be bumped. With hearbleed around the corner
many people are forced to re-issue now.
With the bug in place this meant that the whole auth-infrastructure in
my setup (around openldap) remains broken. A fix should be pushed as a
security update for libgnutls2.6.
Wi
Control: tags 737921 + patch
> Jan Nordholz writes:
> Hi Daniel,
[…]
>> Have you tested this against libgnutls28? GnuTLS 3.2.10-2 is the
>> latest version in jessie and sid, and 3.2.8.1-2~bpo70+1 is in
>> wheezy-backports. I believe you'll find it resolved in this
>> version.
>
On 2014-02-07 Jan Nordholz wrote:
[...]
>> Have you tested this against libgnutls28? GnuTLS 3.2.10-2 is the latest
>> version in jessie and sid, and 3.2.8.1-2~bpo70+1 is in wheezy-backports.
>> I believe you'll find it resolved in this version.
> well, I tested against gnutls-serv, which indee
Hi Daniel,
> I agree this is a bad error message for the situation where the digest
> isn't supported.
>
> Have you tested this against libgnutls28? GnuTLS 3.2.10-2 is the latest
> version in jessie and sid, and 3.2.8.1-2~bpo70+1 is in wheezy-backports.
> I believe you'll find it resolved in th
Hi Jan--
On 02/06/2014 06:14 PM, Jan Nordholz wrote:
> Package: gnutls26
> Version: 2.12.23-10
[...]
> Better not be an early adopter and create certificates with SHA512...
> downgraded the certificate's hash algorithm, and it works flawlessly again.
>
> This error message "Insufficient credenti
Package: gnutls26
Version: 2.12.23-10
Severity: minor
Dear GnuTLS maintainers,
I've just spent several hours debugging a problem which I think should be
stated somewhere. (Severity minor as it's a documentation issue.)
After replacing some expired certificates, I wondered why satellite exim4
ins
17 matches
Mail list logo
