Your message dated Thu, 19 Jan 2023 21:48:24 +0100 with message-id <y8msmb0vliph6...@breakpoint.cc> and subject line Re: Bug#915612: [Pkg-openssl-devel] Bug#915612: openssl: "genrsa" changed command line interface in stretch-security update has caused the Debian Bug report #915612, regarding openssl: "genrsa" changed command line interface in stretch-security update to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 915612: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915612 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: openssl Version: 1.1.0j-1~deb9u1 Severity: normal Hi, After this update to stretch-security: Accepted openssl 1.1.0j-1~deb9u1 (source) into stable->embargoed, stable the subcommand genrsa changed interface from its previous version, and does not accept -config or -batch options anymore: Extra arguments given. genrsa: Use -help for summary. I worked around the issue in other ways, and I know that "genpkey" is supposed to supercede "genrsa", but this problem might affect scripts that the users cannot easily change, and it's OK-ish for major versions but would be nice to not affect systems with stable-security updates. For reference, command that used to work: openssl genrsa -out "${KEY_FILE}" 4096 -config "${CONFIG_FILE}" -batch As a workaround with "genrsa": OPENSSL_CONF="${CONFIG_FILE}" openssl genrsa -out "${KEY_FILE}" 4096Cheers. -- Manuel Montecelo <mmontec...@sipwise.com>
--- End Message ---
--- Begin Message ---On 2018-12-06 10:56:35 [+0100], Manuel Montecelo wrote: > But since this change affected us and had to make changes after a > stable-security release, that in general shouldn't break things working > previously, I wanted to submit a bug to have a chance to fix things if there's > anything to fix... Or otherwise, at least document the problem, so if it bites > other people also using the wrong syntax they at least have some info about > what's wrong and what to change in their systems, rather than be unable to > upgrade to the latest version of openssl or spending more time investigating > the > problem on their own :) > > Thanks for the quick replies and investigation! closing. Sebastian
--- End Message ---
