openssl/libssl1 in Debian now blocks offlineimap?
Ilias Tsitsimpis
iliastsi at debian.org
Thu Aug 31 19:49:52 BST 2017
Hi ael, Nicolas,
On Thu, Aug 31, 2017 at 06:01PM, Nicolas Sebrecht wrote:
> On Thu, Aug 31, 2017 at 02:37:56PM +0100, ael wrote:
> [...]
> > It seems that Kurte has done this: I just discovered a new version in
> > unstable. He has provided procedures to permit TLS1.0/1. But the Debian
> > offlineimap package in unstable has not been modified to support them,
> > so it is still failing. I have submitted a bug report (against the
> > Debian package). The obvious stategy would be to add configuration
> > Debian package). The obvious stategy would be to add configuration
> > options to .offlineimaprc. Maybe that is something that might be
> > supported upstream? Nicolas?
>
> May I have pointers to the changes you've seen? I need to have a look at
> how this was done.
>
> If we need to update offlineimap, I'm in favour to support this.
> However, it is all Debian specific so this might better be done in
> Debian. I don't know, I need to see more. Also, I'm not sure imaplib2
> would need to be updated, too.
I have replied in the bug report:
https://bugs.debian.org/873824
In a nutshell, offlineimap already supports the `ssl_version`
configuration parameter, and setting it to an appropriate value (i.e.,
tls1_1) should do the trick. I couldn't test this though, so I am
waiting for ael to comment here.
--
Ilias
More information about the OfflineIMAP-project
mailing list