diff -Nru lastpass-cli-1.0.0/debian/changelog lastpass-cli-1.0.0/debian/changelog --- lastpass-cli-1.0.0/debian/changelog 2018-02-28 21:09:46.000000000 +0000 +++ lastpass-cli-1.0.0/debian/changelog 2018-05-17 14:18:00.000000000 +0000 @@ -1,3 +1,13 @@ +lastpass-cli (1.0.0-1.2ubuntu2) cosmic; urgency=medium + + * Add debian/patches/0004-revert-removed-certificate-pins.patch: + - Cherry-pick upstream commit b888411 to revert 46e2a0f + that disabled some GlobalSign intermediate certificates. + - This make the client start working again after the LastPass + servers updated their certificate (Closes: #1555562). + + -- Nafallo Bjälevik Thu, 17 May 2018 14:18:00 +0000 + lastpass-cli (1.0.0-1.2ubuntu1) bionic; urgency=medium * Switch build-dependencies back to openssl 1.1. diff -Nru lastpass-cli-1.0.0/debian/patches/0004-revert-removed-certificate-pins.patch lastpass-cli-1.0.0/debian/patches/0004-revert-removed-certificate-pins.patch --- lastpass-cli-1.0.0/debian/patches/0004-revert-removed-certificate-pins.patch 1970-01-01 00:00:00.000000000 +0000 +++ lastpass-cli-1.0.0/debian/patches/0004-revert-removed-certificate-pins.patch 2018-05-17 14:16:58.000000000 +0000 @@ -0,0 +1,30 @@ +From b888411b042df9414d1d78d99332b672e65c4eb9 Mon Sep 17 00:00:00 2001 +From: Bob Copeland +Date: Wed, 16 May 2018 16:07:58 -0400 +Subject: [PATCH] Revert "pins: remove GlobalSign R1/R3 pins" + +This reverts commit 46e2a0fb488f4ed7fd8cc3f1c5b64ca009abc5ba. +--- + pins.h | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/pins.h b/pins.h +index e629b6f..7455574 100644 +--- a/pins.h ++++ b/pins.h +@@ -5,8 +5,12 @@ const char *PK_PINS[] = { + "HXXQgxueCIU5TTLHob/bPbwcKOKw6DkfsTWYHbxbqTY=", + /* current lastpass.eu primary (AddTrust) */ + "lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU=", ++ /* future lastpass root CA (GlobalSign R1) */ ++ "K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=", + /* future lastpass root CA (GlobalSign R2) */ + "iie1VXtL7HzAMF+/PVPR9xzT80kQxdZeJ+zduCB3uj0=", ++ /* future lastpass root CA (GlobalSign R3) */ ++ "cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A=", + /* future lastpass.com primary (leaf) */ + "0hkr5YW/WE6Nq5hNTcApxpuaiwlwy5HUFiOt3Qd9VBc=", + /* future lastpass.com backup (leaf) */ +-- +2.17.0 + diff -Nru lastpass-cli-1.0.0/debian/patches/series lastpass-cli-1.0.0/debian/patches/series --- lastpass-cli-1.0.0/debian/patches/series 2016-12-06 20:10:47.000000000 +0000 +++ lastpass-cli-1.0.0/debian/patches/series 2018-05-17 14:17:08.000000000 +0000 @@ -2,3 +2,4 @@ 0001-cipher-support-opaque-EVP_CIPHER_CTX.patch 0002-cipher-drop-p8inf-broken-flag-check.patch 0003-pbkdf2-support-openssl-1.1.patch +0004-revert-removed-certificate-pins.patch