Ubuntu
apt package

  1. Bug #1829861
  2. Activity log

Activity log for bug #1829861

Date Who What changed Old value New value Message
2019-05-21 12:47:17 Julian Andres Klode bug added bug
2019-05-21 12:47:53 Julian Andres Klode nominated for series Ubuntu Eoan
2019-05-21 12:47:53 Julian Andres Klode bug task added apt (Ubuntu Eoan)
2019-05-21 12:47:53 Julian Andres Klode nominated for series Ubuntu Bionic
2019-05-21 12:47:53 Julian Andres Klode bug task added apt (Ubuntu Bionic)
2019-05-21 12:47:53 Julian Andres Klode nominated for series Ubuntu Cosmic
2019-05-21 12:47:53 Julian Andres Klode bug task added apt (Ubuntu Cosmic)
2019-05-21 12:47:53 Julian Andres Klode nominated for series Ubuntu Disco
2019-05-21 12:47:53 Julian Andres Klode bug task added apt (Ubuntu Disco)
2019-05-29 18:58:20 Launchpad Janitor apt (Ubuntu Eoan): status New Fix Released
2019-08-09 09:35:55 Julian Andres Klode description [Impact] TLS sessions can renegotiate keys, but APT does not support it; meaning their HTTPS connections stop working. [Test case] ... [Regression potential] - Could we get stuck on renegotiation? [Impact] TLS sessions can renegotiate keys, but APT does not support it; meaning their HTTPS connections stop working. [Test case] We don't really have a reproducer. You'd need a server that re-negotiates by path; e.g. because it requires a a certain client certificate for a certain path. We know it does not break other use cases, and the patch was tested by the patch submitter @ Akamai (see https://github.com/Debian/apt/pull/93). [Regression potential] - Could we get stuck on renegotiation?
2019-08-09 09:36:24 Julian Andres Klode description [Impact] TLS sessions can renegotiate keys, but APT does not support it; meaning their HTTPS connections stop working. [Test case] We don't really have a reproducer. You'd need a server that re-negotiates by path; e.g. because it requires a a certain client certificate for a certain path. We know it does not break other use cases, and the patch was tested by the patch submitter @ Akamai (see https://github.com/Debian/apt/pull/93). [Regression potential] - Could we get stuck on renegotiation? [Impact] TLS sessions can renegotiate keys, but APT does not support it; meaning their HTTPS connections stop working. [Test case] We don't really have a reproducer. You'd need a server that re-negotiates by path; e.g. because it requires a a certain client certificate for a certain path. We know it does not break other use cases, having run that for quite some time in eoan and Debian stretch, and the patch was tested by the patch submitter @ Akamai (see https://github.com/Debian/apt/pull/93). [Regression potential] - Could we get stuck on renegotiation?
2019-08-09 09:36:29 Julian Andres Klode bug task deleted apt (Ubuntu Cosmic)
2019-08-09 09:36:36 Julian Andres Klode apt (Ubuntu Disco): status New In Progress
2019-09-02 15:57:46 Łukasz Zemczak apt (Ubuntu Disco): status In Progress Fix Committed
2019-09-02 15:57:50 Łukasz Zemczak bug added subscriber Ubuntu Stable Release Updates Team
2019-09-02 15:57:52 Łukasz Zemczak bug added subscriber SRU Verification
2019-09-02 15:57:54 Łukasz Zemczak tags verification-needed verification-needed-disco
2019-09-03 10:49:53 Julian Andres Klode apt (Ubuntu Bionic): status New In Progress
2019-09-05 11:58:49 Łukasz Zemczak apt (Ubuntu Bionic): status In Progress Fix Committed
2019-09-05 11:58:55 Łukasz Zemczak tags verification-needed verification-needed-disco verification-needed verification-needed-bionic verification-needed-disco
2019-09-10 14:52:42 Julian Andres Klode tags verification-needed verification-needed-bionic verification-needed-disco verification-done verification-done-bionic verification-done-disco
2019-09-12 12:13:46 Launchpad Janitor apt (Ubuntu Disco): status Fix Committed Fix Released
2019-09-12 12:14:08 Łukasz Zemczak removed subscriber Ubuntu Stable Release Updates Team
2019-09-12 12:14:19 Launchpad Janitor apt (Ubuntu Bionic): status Fix Committed Fix Released