[Bug 1825212] Re: [SRU] openssl disco

Mathew Hodson mathew.hodson at gmail.com
Sat Jun 1 22:17:38 UTC 2019 

Fixed in Eoan
---

openssl (1.1.1b-2ubuntu1) devel; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - Replace duplicate files in the doc directory with symlinks.
    - debian/libssl1.1.postinst:
      + Display a system restart required notification on libssl1.1
        upgrade on servers.
      + Use a different priority for libssl1.1/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - Revert "Enable system default config to enforce TLS1.2 as a
      minimum" & "Increase default security level from 1 to 2".
    - Drop the NEWS entry, not applicable on Ubuntu.

openssl (1.1.1b-2) unstable; urgency=medium

  * Fix BUF_MEM regression (Closes: #923516)
  * Fix error when config can't be opened (Closes: #926315)
  * Ship an openssl.cnf in libssl1.1-udeb.dirs

 -- Dimitri John Ledkov <xnox at ubuntu.com>  Wed, 17 Apr 2019 17:26:42
+0100

** Changed in: openssl (Ubuntu)
       Status: Confirmed => Fix Released

** Bug watch removed: gitlab.labs.nic.cz/datovka/datovka/issues #410
   https://gitlab.labs.nic.cz/datovka/datovka/issues/410

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1825212

Title:
  [SRU] openssl disco

Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Disco:
  Fix Committed

Bug description:
  [Impact]

   * openssl has BUF_MEM regression that may affect packages at runtime.
   * openssl has a regression of failing to initialize SSL context without openssl.cnf file

  [Test Case]

   * Compile an old r-cran-openssl and run its autopkgtest against the
  current & fixed openssl, it should fail and pass respectively

   * remove openssl.cnf and try to use curl https://www.ubuntu.com it
  should succeed

  [Regression Potential]

   * These are regressions in the 1.1.1 series, witch patches cherrypicked from openssl stable branch and the same patches were uploaded into Debian.
   * The above two issues may continue to persist

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1825212/+subscriptions

More information about the foundations-bugs mailing list