Ubuntu
python3.8 package

SECLEVEL=2 & tls1.2-min by default are causing ftbfs / autopkgtest failures

Bug #1858971 reported by Dimitri John Ledkov on 2020-01-09

This bug affects 1 person

	Status	Importance	Assigned to
cmake (Ubuntu)	Fix Released	Undecided	Unassigned
nodejs (Ubuntu)	Fix Released	Undecided	Unassigned
openssl (Ubuntu)	Fix Released	Undecided	Unassigned
python2.7 (Ubuntu)	Fix Released	Undecided	Unassigned
python3.7 (Ubuntu)	Fix Committed	Undecided	Unassigned
python3.8 (Ubuntu)	Fix Committed	Undecided	Unassigned
ruby-openssl (Ubuntu)	Fix Committed	Undecided	Unassigned
ruby2.5 (Ubuntu)	Fix Committed	Undecided	Unassigned

Bug Description

SECLEVEL=2 by default is causing ftbfs / autopkgtest failure

openssl switched to SECLEVEL=2 by default

Causes:

SSL_CTX_use_certificate: ca md too weak in ruby2.5 ruby-openssl

openssl uses tls1.2-min:

test_ssl failing in python2.7
ERROR: test_protocol_sslv23 (test.test_ssl.ThreadedTests)
Connecting to an SSLv23 server with various client options
ERROR: test_protocol_tlsv1_1 (test.test_ssl.ThreadedTests)
Connecting to a TLSv1.1 server with various client options.

See original description

Tags:

Dimitri John Ledkov (xnox) on 2020-01-09

tags:	added: update-excuse
description:	updated
tags:	added: tls1.2-min
summary:	- SECLEVEL=2 by default is causing ftbfs / autopkgtest failure + SECLEVEL=2 & tls1.2-min by default are causing ftbfs / autopkgtest + failures

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2020-01-09:

nodejs small keys

Error: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2020-01-09:

mysql-8.0 confused about it

CURRENT_TEST: main.events_bugs
mysqltest: At line 1036: Query 'CREATE EVENT e1 ON SCHEDULE AT '2020-01-01 00:00:00' DO SET @a = 1' succeeded, should have failed with error '1290'

Dimitri John Ledkov (xnox) on 2020-01-09

no longer affects:

openssh (Ubuntu)

Dimitri John Ledkov (xnox) on 2020-01-15

Changed in ruby-openssl (Ubuntu):
status:	New → Fix Committed
Changed in nodejs (Ubuntu):
status:	New → Fix Committed

Dimitri John Ledkov (xnox) on 2020-01-15

Changed in ruby2.5 (Ubuntu):
status:	New → Fix Committed

Dimitri John Ledkov (xnox) on 2020-01-16

Changed in python3.8 (Ubuntu):
status:	New → Fix Committed

Dimitri John Ledkov (xnox) on 2020-01-16

Changed in python3.7 (Ubuntu):
status:	New → Fix Committed
Changed in python2.7 (Ubuntu):
status:	New → Fix Committed
Changed in cmake (Ubuntu):
status:	New → Fix Committed

Dimitri John Ledkov (xnox) on 2020-02-09

Changed in openssl (Ubuntu):
status:	New → Fix Released
Changed in cmake (Ubuntu):
status:	Fix Committed → Fix Released
Changed in nodejs (Ubuntu):
status:	Fix Committed → Fix Released
Changed in python2.7 (Ubuntu):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntupython3.8 package

SECLEVEL=2 & tls1.2-min by default are causing ftbfs / autopkgtest failures

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
python3.8 package