[Pkg-openssl-devel] Bug#907457: x509: Bad format "engine" must be PEM or DER CSR; (Certificate Signing Request) using openssl
Philipp Rosenberger
p.rosenberger at linutronix.de
Tue Aug 28 08:54:37 BST 2018
Package: openssl
Version: 1.1.0f-3+deb9u2
Severity: important
Dear Maintainer,
There is a typo in the Code for the x509 options, which leads to the point that
no CAengine can be specified. With this bug a CA can't be stored on a smartcard
or something alike.
This bug has been fixed with 1.1.0g
Here is a upstream bug report:
https://github.com/openssl/openssl/issues/4366
The simple fix is here:
https://github.com/openssl/openssl/commit/bd6eba79d70677f891f1bb55b6f5bc5602c47cbc
And here for the 1.1.0 stable branch:
https://github.com/openssl/openssl/commit/b701fa8340944c2a0481457f96e7f38b03180c24
-- System Information:
Debian Release: 9.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armel, armhf
Kernel: Linux 4.17.0-0.bpo.1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
Versions of packages openssl depends on:
ii libc6 2.24-11+deb9u3
ii libssl1.1 1.1.0f-3+deb9u2
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-certificates 20161130+nmu1+deb9u1
-- no debconf information
More information about the Pkg-openssl-devel
mailing list