openssl/libssl1 in Debian now blocks offlineimap?
law_ence.dev at ntlworld.com
Thu Aug 31 14:37:56 BST 2017
On Fri, Aug 18, 2017 at 05:16:02PM +0200, Wouter Verhelst wrote:
> On Tue, Aug 15, 2017 at 05:04:50PM +0200, Kurt Roeckx wrote:
> So ship a version of OpenSSL that ships with TLS1.0 and TLS1.1 (aka
> TLS1.old) disabled, but *allow people to re-enable it* if things break
> (without requiring them to compile their own version). By shipping a
> version of OpenSSL that has TLS1.old not even compiled in, you're not
> doing that.
It seems that Kurte has done this: I just discovered a new version in
unstable. He has provided procedures to permit TLS1.0/1. But the Debian
offlineimap package in unstable has not been modified to support them,
so it is still failing. I have submitted a bug report (against the
Debian package). The obvious stategy would be to add configuration
options to .offlineimaprc. Maybe that is something that might be
supported upstream? Nicolas?
More information about the OfflineIMAP-project