:: [DNG] openssl/libssl1 in Debian has…
Top Page
Delete this message
Reply to this message
Author: ael
Date:  
To: dng
Subject: [DNG] openssl/libssl1 in Debian has disabled TLS 1.0 & 1.1
The Debian maintainer of openssl has unilaterally decided to disable TLS
1.0 and 1.1 with no option to re-enable.

This breaks situations where users have no access to or influence on servers
which still (unfortunately) use these old protocols.

One case is offlineimap and there is a thread on the OLIM mailing list
discussing this catastrophic situation.

Here is the relevant part of the changelog entry:

[ Kurt Roeckx ]
  * Disable TLS 1.0 and 1.1, leaving 1.2 as the only supported SSL/TLS
    version. This will likely break things, but the hope is that by
    the release of Buster everything will speak at least TLS 1.2. This will be
    reconsidered before the Buster release.


-- Kurt Roeckx <kurt@???> Mon, 07 Aug 2017 01:08:45 +0200

Devuan needs to avoid importing this problem.

ael