<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto">The one package particularly hit by this is PHP.<br><br>The <span style="font-size: 16px; text-rendering: optimizeLegibility; color: rgb(51, 102, 153); font-family: "Fira Mono", "Source Code Pro", monospace; letter-spacing: -1px; word-spacing: -2px; -webkit-text-size-adjust: 100%;">openssl_get_cipher_methods() </span>function does list the hmac variants with 1.1.1c, but it doesn’t with 1.1.1d, so there’s definitely a regression somewhere.<div><br>O.<br><div dir="ltr">--<div>Ondřej Surý <ondrej@sury.org></div></div><div dir="ltr"><br><blockquote type="cite">On 8 Oct 2019, at 22:12, Sebastian Andrzej Siewior <sebastian@breakpoint.cc> wrote:<br><br></blockquote></div><blockquote type="cite"><div dir="ltr"><span>On 2019-10-08 17:35:22 [+0200], Greg wrote:</span><br><blockquote type="cite"><span>Package: libssl1.1</span><br></blockquote><blockquote type="cite"><span>Version: 1.1.1c-1+0~20190710.13+debian10~1.gbp359e02</span><br></blockquote><blockquote type="cite"><span>Severity: normal</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>Dear Maintainer,</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>   * What led up to the situation?</span><br></blockquote><blockquote type="cite"><span>   Upgraded package libssl1.1 from 1.1.1c to 1.1.1d</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>   * What exactly did you do (or not do) that was effective (or</span><br></blockquote><blockquote type="cite"><span>     ineffective)?</span><br></blockquote><blockquote type="cite"><span>   Downgraded to 1.1.1c</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>   * What was the outcome of this action?</span><br></blockquote><blockquote type="cite"><span>   4 more ciphers were back</span><br></blockquote><span></span><br><span>I am completely lost here. Why is there such a strange version string?</span><br><span>More importantly *how* do you determine whether or not AES-*-CBC-HMAC-*</span><br><span>is available?</span><br><span></span><br><span>Sebastian</span><br><span></span><br></div></blockquote></div></body></html>