[Pkg-openssl-devel] Bug#813468: cross-references and workaround

Christian Beer christian.beer at aei.mpg.de
Tue Feb 2 14:04:41 UTC 2016


There are already bugs filed with ca-certificates. I'm going to cross
reference them here:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812708#15
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812488

There are also other websites and tools affected. I personally think
that adding the certificates back to ca-certificates in Jessie is the
way to go.

Since it works in openssl 1.0.2 you can either upgrade the package in
Jessie to 1.0.2 (which is unlikely I think) or backport the fix for
1.0.2 to 1.0.1 upstream (which is even more unlikely).

I will also reference the workaround we advise to "downgrade" the
ca-certificates package:
https://einstein.phys.uwm.edu/forum_thread.php?id=11760&postid=151305

Regards
Christian



More information about the Pkg-openssl-devel mailing list