Source: python-certbot Version: 2.11.0-1.1 Severity: serious Justification: Remote API not packaged in Debian will change shortly after release, rendering this package totally unusable, and possibily impact the security of unrelated software due to TLS. X-Debbugs-Cc: hlieber...@debian.org Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10 -11 -12 -13 -14 -15 -16 -17 -18 -19 Control: reassign -2 src:python-josepy Control: reassign -3 src:python-acme Control: reassign -4 src:python-certbot-apache Control: reassign -5 src:python-certbot-nginx Control: reassign -6 src:python-certbot-dns-cloudflare Control: reassign -7 src:python-certbot-dns-desec Control: reassign -8 src:python-certbot-dns-digitalocean Control: reassign -9 src:python-certbot-dns-dnsimple Control: reassign -10 src:python-certbot-dns-gandi Control: reassign -11 src:python-certbot-dns-gehirn Control: reassign -12 src:python-certbot-dns-google Control: reassign -13 src:python-certbot-dns-infomaniak Control: reassign -14 src:python-certbot-dns-linode Control: reassign -15 src:python-certbot-dns-ovh Control: reassign -16 src:python-certbot-dns-rfc2136 Control: reassign -17 src:python-certbot-dns-route53 Control: reassign -18 src:python-certbot-dns-sakuracloud Control: reassign -19 src:python-certbot-dns-standalone Control: block -6 by -1 -2 -3 -4 -5 Control: block -7 by -1 -2 -3 -4 -5 Control: block -8 by -1 -2 -3 -4 -5 Control: block -9 by -1 -2 -3 -4 -5 Control: block -10 by -1 -2 -3 -4 -5 Control: block -11 by -1 -2 -3 -4 -5 Control: block -12 by -1 -2 -3 -4 -5 Control: block -13 by -1 -2 -3 -4 -5 Control: block -14 by -1 -2 -3 -4 -5 Control: block -15 by -1 -2 -3 -4 -5 Control: block -16 by -1 -2 -3 -4 -5 Control: block -17 by -1 -2 -3 -4 -5 Control: block -18 by -1 -2 -3 -4 -5 Control: block -19 by -1 -2 -3 -4 -5 Control: retitle -6 Package will become uninstallable after required certbot update Control: retitle -7 Package will become uninstallable after required certbot update Control: retitle -8 Package will become uninstallable after required certbot update Control: retitle -9 Package will become uninstallable after required certbot update Control: retitle -10 Package will become uninstallable after required certbot update Control: retitle -11 Package will become uninstallable after required certbot update Control: retitle -12 Package will become uninstallable after required certbot update Control: retitle -13 Package will become uninstallable after required certbot update Control: retitle -14 Package will become uninstallable after required certbot update Control: retitle -15 Package will become uninstallable after required certbot update Control: retitle -16 Package will become uninstallable after required certbot update Control: retitle -17 Package will become uninstallable after required certbot update Control: retitle -18 Package will become uninstallable after required certbot update Control: retitle -19 Package will become uninstallable after required certbot update
Hello maintainer, First, my apologies that this bug series and subsequent upload comes so late into freeze. Between work and some unexpected travel recently, I have been derelict in keeping focus on the changing freeze timeline. Thankfully, the autopkgtest for certbot and its major plugins is quite robust, including actual certificate issuance (against the pebble test server). The upcoming changes to the Let's Encrypt API are very invasive and a discussion with upstream has been very clear that they do not intend to backport fixes for the upcoming API changes into the certbot 2.x series (see: https://github.com/certbot/certbot/wiki/Architectural-Decision-Records-2025#-update-to-certbots-version-policy-and-end-of-life-support-on-previous-major-versions and https://github.com/certbot/certbot/security/policy). I, therefore, have no choice but to update the certbot package to the 4.x series to give the version in trixie the longest lifetime possible. As of the opening of this series of bugs, uploads have been prepared for certbot itself, as well as its two major plugins (apache and nginx) and their dependencies (acme and josepy). I intend to also upload new versions of all other plugins which have been updated to the 4.x series today. Sincerely, -- Harlan Lieberman-Berg ~hlieberman
