[Touch-packages] [Bug 1858971] [NEW] SECLEVEL=2 & tls1.2-min by default are causing ftbfs / autopkgtest failures

Wed, 08 Jan 2020 19:31:00 -0800 

Public bug reported:

SECLEVEL=2 by default is causing ftbfs / autopkgtest failure

openssl switched to SECLEVEL=2 by default

Causes:

SSL_CTX_use_certificate: ca md too weak in ruby2.5 ruby-openssl

openssl uses tls1.2-min:

test_ssl failing in python2.7
ERROR: test_protocol_sslv23 (test.test_ssl.ThreadedTests)
Connecting to an SSLv23 server with various client options
ERROR: test_protocol_tlsv1_1 (test.test_ssl.ThreadedTests)
Connecting to a TLSv1.1 server with various client options.

** Affects: openssh (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: openssl (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: python2.7 (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: ruby-openssl (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: ruby2.5 (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: tls1.2-min update-excuse

** Also affects: ruby2.5 (Ubuntu)
   Importance: Undecided
       Status: New

** Tags added: update-excuse

** Also affects: ruby-openssl (Ubuntu)
   Importance: Undecided
       Status: New

** Description changed:

  SECLEVEL=2 by default is causing ftbfs / autopkgtest failure
  
  openssl switched to SECLEVEL=2 by default
  
  Causes:
  
  SSL_CTX_use_certificate: ca md too weak in ruby2.5 ruby-openssl
+ 
+ openssl uses tls1.2-min:
+ 
+ test_ssl failing in python2.7
+ ERROR: test_protocol_sslv23 (test.test_ssl.ThreadedTests)
+ Connecting to an SSLv23 server with various client options
+ ERROR: test_protocol_tlsv1_1 (test.test_ssl.ThreadedTests)
+ Connecting to a TLSv1.1 server with various client options.

** Tags added: tls1.2-min

** Also affects: python2.7 (Ubuntu)
   Importance: Undecided
       Status: New

** Summary changed:

- SECLEVEL=2 by default is causing ftbfs / autopkgtest failure
+ SECLEVEL=2 & tls1.2-min by default are causing ftbfs / autopkgtest failures

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1858971

Title:
  SECLEVEL=2 & tls1.2-min by default are causing ftbfs / autopkgtest
  failures

Status in openssh package in Ubuntu:
  New
Status in openssl package in Ubuntu:
  New
Status in python2.7 package in Ubuntu:
  New
Status in ruby-openssl package in Ubuntu:
  New
Status in ruby2.5 package in Ubuntu:
  New

Bug description:
  SECLEVEL=2 by default is causing ftbfs / autopkgtest failure

  openssl switched to SECLEVEL=2 by default

  Causes:

  SSL_CTX_use_certificate: ca md too weak in ruby2.5 ruby-openssl

  openssl uses tls1.2-min:

  test_ssl failing in python2.7
  ERROR: test_protocol_sslv23 (test.test_ssl.ThreadedTests)
  Connecting to an SSLv23 server with various client options
  ERROR: test_protocol_tlsv1_1 (test.test_ssl.ThreadedTests)
  Connecting to a TLSv1.1 server with various client options.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1858971/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to