Package: libfilezilla
Version: 0.45.0-3
Severity: normal
Tags: patch
Hello,
In Ubuntu, the attached patch was applied to achieve the following:
Basically the TLS1.0 and TLS1.1 are considered now insecure, and are blocked in
Ubuntu.
I think Debian will eventually follow, making the package FTBFS during tests.
* Merge from Debian unstable. Remaining changes:
- Disable tls1.0 and tls1.1 tests, deprecated
Thanks for considering the patch.
*** /tmp/tmpqjb1gyi1/libfilezilla_0.45.0-3ubuntu1.debdiff
diff -Nru libfilezilla-0.45.0/debian/patches/disable-ssl-tests.patch
libfilezilla-0.45.0/debian/patches/disable-ssl-tests.patch
--- libfilezilla-0.45.0/debian/patches/disable-ssl-tests.patch 1970-01-01
01:00:00.000000000 +0100
+++ libfilezilla-0.45.0/debian/patches/disable-ssl-tests.patch 2023-11-07
10:24:01.000000000 +0100
@@ -0,0 +1,17 @@
+Description:
+ * Disable tls1.0 and tls1.1 tests, deprecated
+Author: Gianfranco Costamagna <locutusofb...@debian.org>
+Last-Update: 2023-11-07
+
+--- libfilezilla-0.45.0.orig/tests/socket.cpp
++++ libfilezilla-0.45.0/tests/socket.cpp
+@@ -430,7 +430,7 @@ void socket_test::test_tls_resumption()
+ // Test all posssible combinations of TLS <= 1.2 and either side
supporting tickets
+ for (size_t i = 0; i < 4; ++i) {
+ do_test_tls_resumption(fz::tls_ver::v1_2, i & 0x1, i & 0x2);
+- do_test_tls_resumption(fz::tls_ver::v1_1, i & 0x1, i & 0x2);
+- do_test_tls_resumption(fz::tls_ver::v1_0, i & 0x1, i & 0x2);
++ //do_test_tls_resumption(fz::tls_ver::v1_1, i & 0x1, i & 0x2);
++ //do_test_tls_resumption(fz::tls_ver::v1_0, i & 0x1, i & 0x2);
+ }
+ }
diff -Nru libfilezilla-0.45.0/debian/patches/series
libfilezilla-0.45.0/debian/patches/series
--- libfilezilla-0.45.0/debian/patches/series 2021-05-05 00:04:10.000000000
+0200
+++ libfilezilla-0.45.0/debian/patches/series 2023-11-09 04:19:21.000000000
+0100
@@ -0,0 +1 @@
+disable-ssl-tests.patch
