[Pkg-openssl-devel] Bug#774882: openssl: fail to verify some sites when 1024bit root CAs removed
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Thu Apr 21 21:59:26 UTC 2016
On 2016-03-28 18:57:59 [+0200], Christian Seiler wrote:
control: fixed -1 1.0.2b-1
> Hi,
Hi,
> For example, this breaks curl with those sites, which is used in a
> large variety of contexts, especially scripting languages. This might
> lead some people to disable certificate checking altogether because
> they don't know how to fix this, which is _much_ worse than keeping
> 1024 bit CAs in the root store.
Do you have a test case for this? Unstable /testing should be fixed.
Stable not yet. The fix made into 1.0.1n and we are at k and the patch
seem not to be backported into our k.
This might be something we want for stable, right?
> Regards,
> Christian
Sebastian
More information about the Pkg-openssl-devel
mailing list