[Pkg-openssl-devel] Bug#941987: libssl1.1: Ciphers AES-*-CBC-HMAC-* are missing in libssl 1.1.1d, but available in 1.1.1c
Ondřej Surý
ondrej at sury.org
Tue Oct 8 21:15:33 BST 2019
The one package particularly hit by this is PHP.
The openssl_get_cipher_methods() function does list the hmac variants with 1.1.1c, but it doesn’t with 1.1.1d, so there’s definitely a regression somewhere.
O.
--
Ondřej Surý <ondrej at sury.org>
> On 8 Oct 2019, at 22:12, Sebastian Andrzej Siewior <sebastian at breakpoint.cc> wrote:
>
> On 2019-10-08 17:35:22 [+0200], Greg wrote:
>> Package: libssl1.1
>> Version: 1.1.1c-1+0~20190710.13+debian10~1.gbp359e02
>> Severity: normal
>>
>> Dear Maintainer,
>>
>> * What led up to the situation?
>> Upgraded package libssl1.1 from 1.1.1c to 1.1.1d
>>
>> * What exactly did you do (or not do) that was effective (or
>> ineffective)?
>> Downgraded to 1.1.1c
>>
>> * What was the outcome of this action?
>> 4 more ciphers were back
>
> I am completely lost here. Why is there such a strange version string?
> More importantly *how* do you determine whether or not AES-*-CBC-HMAC-*
> is available?
>
> Sebastian
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-openssl-devel/attachments/20191008/8460cb4d/attachment.html>
More information about the Pkg-openssl-devel
mailing list