Your message dated Mon, 05 Oct 2009 00:46:16 +0200
with message-id <1254696376.3388.6.ca...@julia.gcs.org.hu>
and subject line neon27 v0.29.0 insecure algorithm error
has caused the Debian Bug report #548773,
regarding [libneon27-gnutls] authentication to subversion via https fails with
"Insecure Algorithm" error
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
548773: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=548773
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libneon27-gnutls
Version: 0.29.0-1
Severity: serious
--- Please enter the report below this line. ---
Since 0.29.0-1 I've got the following problem when trying to do anything
with svn (update, commit, checkout, whatever):
$ svn up
svn: OPTIONS von »https://myuri/...«: Certificate verification error:
signed using insecure algorithm (https://myuri)
Downgraded libneon27 and libneon27-gnutls to 0.28.6-1 solved the problem.
I tagged this as serious because users depending on svn and not knowing the
origin of this problem may really have a problem.
--- System information. ---
Architecture: i386
Kernel: Linux 2.6.31-1.slh.1-sidux-686
Debian Release: squeeze/sid
500 unstable www.debian-multimedia.org
500 unstable ftp.spline.de
500 unstable ftp.ch.debian.org
--- Package information. ---
Depends (Version) | Installed
=======================================-+-===================
libc6 (>= 2.3) | 2.9-26
libcomerr2 (>= 1.01) | 1.41.9-1
libgcrypt11 (>= 1.4.2) | 1.4.4-4
libgnutls26 (>= 2.7.14-0) | 2.8.4-1
libgpg-error0 (>= 1.6-1) | 1.6-1
libgssapi-krb5-2 (>= 1.7dfsg~beta1) | 1.7dfsg~beta3-1
libk5crypto3 (>= 1.6.dfsg.2) | 1.7dfsg~beta3-1
libkrb5-3 (>= 1.6.dfsg.2) | 1.7dfsg~beta3-1
libtasn1-3 (>= 1.6-0) | 2.3-1
libxml2 (>= 2.6.27) | 2.7.5.dfsg-1
zlib1g (>= 1:1.1.4) | 1:1.2.3.3.dfsg-15
Recommends (Version) | Installed
==============================-+-===========
ca-certificates | 20090814
Package's Suggests field is empty.
--- End Message ---
--- Begin Message ---
Hi Simon,
It's an user error. Please read the details of this error message[1]. It
comes from GNU TLS, quoting the description:
"GNUTLS_CERT_INSECURE_ALGORITHM:
The certificate was signed using an insecure algorithm such as
MD2 or MD5. These algorithms have been broken and should not be
trusted."
Please recreate your certificate with a trusted algorithm and it will be
fine with neon.
Regards,
Laszlo/GCS
[1]
http://www.gnu.org/software/gnutls/manual/html_node/Verifying-X_002e509-certificate-paths.html
--- End Message ---
