handle TLS session renegotiation
Bug #1829861 reported by
Julian Andres Klode
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apt (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
Disco |
Fix Released
|
Undecided
|
Unassigned | ||
Eoan |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
TLS sessions can renegotiate keys, but APT does not support it; meaning their HTTPS connections stop working.
[Test case]
We don't really have a reproducer. You'd need a server that re-negotiates by path; e.g. because it requires a a certain client certificate for a certain path.
We know it does not break other use cases, having run that for quite some time in eoan and Debian stretch, and the patch was tested by the patch submitter @ Akamai (see https:/
[Regression potential]
- Could we get stuck on renegotiation?
description: | updated |
description: | updated |
no longer affects: | apt (Ubuntu Cosmic) |
Changed in apt (Ubuntu Disco): | |
status: | New → In Progress |
Changed in apt (Ubuntu Bionic): | |
status: | New → In Progress |
To post a comment you must log in.
This bug was fixed in the package apt - 1.8.2+19.10
---------------
apt (1.8.2+19.10) eoan; urgency=medium
* Upload to eoan
apt (1.8.2) unstable; urgency=medium
[ Alwin Henseler ]
* Flip /: in documented default value of DPkg::Path (Closes: #917986)
[ TilmanK ]
* Fix typo in German manpage translation
[ Américo Monteiro ]
* Portuguese manpages translation update (Closes: #926614)
[ Jean-Pierre Giraud ]
* French manpages translation update (Closes: #929290)
[ Michael Zhivich ]
* methods: https: handle requests for TLS re-handshake (LP: #1829861)
[ Julian Andres Klode ]
* Unlock dpkg locks in reverse locking order (LP: #1829860)
-- Julian Andres Klode <email address hidden> Tue, 28 May 2019 23:25:22 +0200