Bug#507633: marked as done (libgnutls26: GnuTLS does not know VeriSign any more)

Debian Bug Tracking System Sat, 06 Dec 2008 04:08:55 -0800

Your message dated Sat, 06 Dec 2008 11:32:05 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#507633: fixed in gnutls26 2.4.2-4
has caused the Debian Bug report #507633,
regarding libgnutls26: GnuTLS does not know VeriSign any more
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
507633: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems

--- Begin Message ---

Package: libgnutls26
Version: 2.4.2-3
Severity: important


Hi,

Since I updated libgnutls26 from 2.4.2-1 to 2.4.2-3 kMyMoney2 does not connect 
to my bank 
any more.
When I run gnutls-cli --insecure -p 443 hbci-pintan-rp.s-hbci.de -d 4711 
--print-cert it 
says

- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.0
- Key Exchange: RSA
- Cipher: AES-256-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed

For the three certificates which I get, the Issuer's DN are:

# Issuer's DN: O=VeriSign Trust Network,OU=VeriSign\, Inc.,OU=VeriSign 
International Server 
CA - Class 3,OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
# Issuer's DN: C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary Certification 
Authority
# Issuer's DN: C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary Certification 
Authority

If you need more information, please tell me

Michael

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libgnutls26 depends on:
ii  libc6                  2.7-16            GNU C Library: Shared libraries
ii  libgcrypt11            1.4.1-1           LGPL Crypto library - runtime libr
ii  libgpg-error0          1.4-2             library for common error values an
ii  libtasn1-3             1.4-1             Manage ASN.1 structures (runtime)
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

libgnutls26 recommends no packages.

Versions of packages libgnutls26 suggests:
pn  gnutls-bin                    <none>     (no description available)

-- debconf-show failed

--- End Message ---

--- Begin Message ---

Source: gnutls26
Source-Version: 2.4.2-4

We believe that the bug you reported is fixed in the latest version of
gnutls26, which is due to be installed in the Debian FTP archive:

gnutls-bin_2.4.2-4_i386.deb
  to pool/main/g/gnutls26/gnutls-bin_2.4.2-4_i386.deb
gnutls-doc_2.4.2-4_all.deb
  to pool/main/g/gnutls26/gnutls-doc_2.4.2-4_all.deb
gnutls26_2.4.2-4.diff.gz
  to pool/main/g/gnutls26/gnutls26_2.4.2-4.diff.gz
gnutls26_2.4.2-4.dsc
  to pool/main/g/gnutls26/gnutls26_2.4.2-4.dsc
guile-gnutls_2.4.2-4_i386.deb
  to pool/main/g/gnutls26/guile-gnutls_2.4.2-4_i386.deb
libgnutls-dev_2.4.2-4_i386.deb
  to pool/main/g/gnutls26/libgnutls-dev_2.4.2-4_i386.deb
libgnutls26-dbg_2.4.2-4_i386.deb
  to pool/main/g/gnutls26/libgnutls26-dbg_2.4.2-4_i386.deb
libgnutls26_2.4.2-4_i386.deb
  to pool/main/g/gnutls26/libgnutls26_2.4.2-4_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Metzler <[EMAIL PROTECTED]> (supplier of updated gnutls26 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 06 Dec 2008 12:09:33 +0100
Source: gnutls26
Binary: libgnutls-dev libgnutls26 libgnutls26-dbg gnutls-bin gnutls-doc 
guile-gnutls
Architecture: source all i386
Version: 2.4.2-4
Distribution: unstable
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <[EMAIL PROTECTED]>
Changed-By: Andreas Metzler <[EMAIL PROTECTED]>
Description: 
 gnutls-bin - the GNU TLS library - commandline utilities
 gnutls-doc - the GNU TLS library - documentation and examples
 guile-gnutls - the GNU TLS library - GNU Guile bindings
 libgnutls-dev - the GNU TLS library - development files
 libgnutls26 - the GNU TLS library - runtime library
 libgnutls26-dbg - GNU TLS library - debugger symbols
Closes: 507633
Changes: 
 gnutls26 (2.4.2-4) unstable; urgency=medium
 .
   * Add Simon Josefsson to uploaders.
   * Another fix for the verification fix. Some correct certificate chains were
     not recognized as verified. Closes: #507633
Checksums-Sha1: 
 14c08dcbaa2e3d6a673273acbd01fe5c96cd3e1d 1584 gnutls26_2.4.2-4.dsc
 97b4567ca880cfa9e63ab75a9e95f1085d8293cc 16372 gnutls26_2.4.2-4.diff.gz
 bf241a395b20b5e18920141c90a2a1992c8d5f27 2761510 gnutls-doc_2.4.2-4_all.deb
 71e04e9a5279ee61e3587436dd9bf8eb5396b2dc 537026 libgnutls-dev_2.4.2-4_i386.deb
 7b5aac6b0e3232924006d67726b84f9f3370d46a 456046 libgnutls26_2.4.2-4_i386.deb
 eaef6d27badbf8d289746339376e276195d0ce22 1090430 
libgnutls26-dbg_2.4.2-4_i386.deb
 2f397cf53759693738da0d5615969676fba36fc8 268946 gnutls-bin_2.4.2-4_i386.deb
 35bf79acc368ee61b22b38e99cf96ecec5c8d3ee 210600 guile-gnutls_2.4.2-4_i386.deb
Checksums-Sha256: 
 e41d8a62c366fe5273452db892478acb6568bbd9ea3e8a1a06deae33487834c0 1584 
gnutls26_2.4.2-4.dsc
 2890a30c5bd748e9533bbc5a67730725454b70b1ba2826e09074390884ff7bdd 16372 
gnutls26_2.4.2-4.diff.gz
 03e218f678515634332910a652704782c1e51eaf6522e26cd7ed82bccf7ee295 2761510 
gnutls-doc_2.4.2-4_all.deb
 8cde2086bb2a5fbe4fb19aa4c10aaaff19bbe3d5831b4db3c2df89176c46f160 537026 
libgnutls-dev_2.4.2-4_i386.deb
 5d177f12f7369fa5110e20f7db69e8a794e52d82011d501572561ddcecca6046 456046 
libgnutls26_2.4.2-4_i386.deb
 ff872ecafab70917f4e52482375fc4e69349158bdfe89e7158f7945a989faddd 1090430 
libgnutls26-dbg_2.4.2-4_i386.deb
 7e9415699cfa7a75b2de1bd5af7ca461fc3c0856c78868e9050c990d5def58ac 268946 
gnutls-bin_2.4.2-4_i386.deb
 bf335f05a78bc27f083e6938a64979caa11d1790ba4b35e3f799541087ff7771 210600 
guile-gnutls_2.4.2-4_i386.deb
Files: 
 1a66222c5a81957c6dff73c70b04f94b 1584 devel optional gnutls26_2.4.2-4.dsc
 2aa040f6cc41cb7622f8d0cb0770a168 16372 devel optional gnutls26_2.4.2-4.diff.gz
 1fed291b68c6990e8acadc875dd9d083 2761510 doc optional 
gnutls-doc_2.4.2-4_all.deb
 b5b50ca9ae42ed8c8a09d2a3f9105636 537026 libdevel optional 
libgnutls-dev_2.4.2-4_i386.deb
 d976dacacdc354c7bb2f6dff85ef38cc 456046 libs important 
libgnutls26_2.4.2-4_i386.deb
 3b06cb22b289ef87a37cd36fe94e85e9 1090430 devel extra 
libgnutls26-dbg_2.4.2-4_i386.deb
 8d25abeb3ded8cdd2adf4a1dcc83b38e 268946 net optional 
gnutls-bin_2.4.2-4_i386.deb
 69ecb2fdadb98cf36088d20a2a07f629 210600 libs optional 
guile-gnutls_2.4.2-4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkk6X+gACgkQHTOcZYuNdmPvZQCghtOHmWKQx4zYLo982M2a6j5G
yiwAn1X9sfzswh7MxzQsVevI7M6D8oTX
=0/nH
-----END PGP SIGNATURE-----

--- End Message ---

Bug#507633: marked as done (libgnutls26: GnuTLS does not know VeriSign any more)

Reply via email to