On Fri, Jan 09, 2015 at 12:24:03AM +0900, Hiroyuki YAMAMORI wrote: > Package: openssl > Version: 1.0.1j-1 > Severity: normal > > Dear Maintainer, > > To avoid security weakness, when 1024-bit RSA root CAs removed, > verify error occurs in some sites with cross root CA. > > I've seen following, > https://bugzilla.mozilla.org/show_bug.cgi?id=986005#c4 > > And fixed patch is following, > http://rt.openssl.org/Ticket/Display.html?id=3637&user=guest&pass=guest > [PATCH] x509: skip certs if in alternative cert chain
That patch will not be accepted. But upstream is working on a different patch. Kurt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org