Your message dated Thu, 23 Feb 2023 09:31:32 +0100
with message-id <20230223083132.e2xbcgh6gytey...@zeha.at>
and subject line Re: please enable TLS 1.2 by default
has caused the Debian Bug report #728068,
regarding iceweasel: please enable TLS 1.2 by default
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
728068: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728068
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: iceweasel
Version: 25.0~b9-1
Severity: wishlist
By default, Iceweasel enables only TLS 1.0. TLS 1.2 provides important
security benefits, such as HMAC-SHA256 and GCM ciphersuites (with a new
enough version of NSS). Iceweasel has support for this, but it is
simply not enabled. I have set the option in about:config, have been
browsing with it for some time, and have seen zero problems. All other
modern web browsers enable this by default, and so should Iceweasel.
Please enable TLS 1.2 and the GCM ciphersuites by default. If you need
to clone a separate bug for the GCM ciphersuites, please do.
-- Package-specific info:
-- Addons package information
ii iceweasel 25.0~b9-1 amd64 Web browser based on Firefox
ii totem-mozilla 3.8.2-3 amd64 Totem Mozilla plugin
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.11-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages iceweasel depends on:
ii debianutils 4.4
ii fontconfig 2.11.0-1
ii libc6 2.17-93
ii libgdk-pixbuf2.0-0 2.28.2-1
ii libglib2.0-0 2.38.1-1
ii libgtk2.0-0 2.24.22-1
ii libnspr4 2:4.10.1-1
ii libnspr4-0d 2:4.10.1-1
ii libsqlite3-0 3.8.1-1
ii libstdc++6 4.8.2-1
ii procps 1:3.3.8-2
ii xulrunner-25.0 25.0~b9-1
iceweasel recommends no packages.
Versions of packages iceweasel suggests:
pn fonts-mathjax <none>
pn fonts-oflb-asana-math <none>
ii fonts-stix [otf-stix] 1.1.0-1
ii libgssapi-krb5-2 1.11.3+dfsg-3
pn mozplugger <none>
ii otf-stix 1.1.0-1
Versions of packages xulrunner-25.0 depends on:
ii libasound2 1.0.27.2-3
ii libatk1.0-0 2.10.0-2
ii libbz2-1.0 1.0.6-5
ii libc6 2.17-93
ii libcairo2 1.12.16-2
ii libdbus-1-3 1.6.16-1
ii libdbus-glib-1-2 0.100.2-1
ii libevent-2.0-5 2.0.21-stable-1
ii libfontconfig1 2.11.0-1
ii libfreetype6 2.4.9-1.1
ii libgcc1 1:4.8.2-1
ii libgdk-pixbuf2.0-0 2.28.2-1
ii libglib2.0-0 2.38.1-1
ii libgtk2.0-0 2.24.22-1
ii libhunspell-1.3-0 1.3.2-4
ii libmozjs25d 25.0~b9-1
ii libnspr4 2:4.10.1-1
ii libnss3 2:3.15.2-1
ii libpango-1.0-0 1.36.0-1
ii libpixman-1-0 0.30.2-1
ii libsqlite3-0 3.8.1-1
ii libstartup-notification0 0.12-3
ii libstdc++6 4.8.2-1
ii libvpx1 1.2.0-2
ii libx11-6 2:1.6.2-1
ii libxext6 2:1.3.2-1
ii libxrender1 1:0.9.8-1
ii libxt6 1:1.1.4-1
ii zlib1g 1:1.2.8.dfsg-1
Versions of packages xulrunner-25.0 suggests:
ii libcanberra0 0.30-2
ii libgnomeui-0 2.24.5-2
-- no debconf information
--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
> This appears to be fixed upstream for Firefox 27/28. See:
> https://bugzilla.mozilla.org/show_bug.cgi?id=861266
Thus no longer a problem in any supported debian release.
C.
--- End Message ---
