To provide a little more information as an upstream maintainer of Certbot, the lack of an upgrade here will affect a lot of Debian Jessie users.
Let’s Encrypt started sending out multiple emails telling affected users they needed to upgrade their client or they will become unable to renew their certificates 3 weeks ago. Looking at server side data from the past week on how many Jessie users continue to rely on these soon to be broken packages, I estimate it is 20,000 users maintaining 37,000 certificates for 64,000 domains. Is there really nothing that can be done here? Is it possible to make an exception to Debian’s normal policy to prevent TLS configurations from breaking on tens of thousands of websites?
