Your message dated Sat, 26 Apr 2014 23:33:54 -0400
with message-id
<CANTw=mm8f54v3ijhhejj1ryj_wucroqnutqwhj-xya1ueb5...@mail.gmail.com>
and subject line Re: Bug#745646: closed by Michael Gilbert
<mgilb...@debian.org> (Re: Bug#745646: chromium: certificate revocation is not
checked)
has caused the Debian Bug report #745646,
regarding chromium: CRLSet (for certificate revocation checking) silently
remains outdated
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
745646: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=745646
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: chromium
Version: 34.0.1847.116-2
Severity: grave
Tags: security
Justification: user security hole
Certificate revocation is not checked: chromium gives no errors on
https://www.cloudflarechallenge.com/
contrary to Iceweasel. See attached snapshot.
It seems to be a Debian specific bug.
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.11-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages chromium depends on:
ii chromium-inspector 34.0.1847.116-2
ii gconf-service 3.2.6-2
ii libasound2 1.0.27.2-3
ii libatk1.0-0 2.12.0-1
ii libc6 2.18-4
ii libcairo2 1.12.16-2
ii libcap2 1:2.22-1.2
ii libcups2 1.7.2-1
ii libdbus-1-3 1.8.0-3
ii libexpat1 2.1.0-4
ii libfontconfig1 2.11.0-5
ii libfreetype6 2.5.2-1
ii libgcc1 1:4.9-20140411-2
ii libgconf-2-4 3.2.6-2
ii libgcrypt11 1.5.3-4
ii libgdk-pixbuf2.0-0 2.30.6-1
ii libglib2.0-0 2.40.0-2
ii libgnome-keyring0 3.8.0-2
ii libgtk2.0-0 2.24.23-1
ii libjpeg8 8d-2
ii libnspr4 2:4.10.4-1
ii libnss3 2:3.16-1
ii libpango-1.0-0 1.36.3-1
ii libpangocairo-1.0-0 1.36.3-1
ii libspeechd2 0.8-6
ii libspeex1 1.2~rc1.1-1
ii libstdc++6 4.9-20140411-2
ii libudev1 204-8
ii libx11-6 2:1.6.2-1
ii libxcomposite1 1:0.4.4-1
ii libxdamage1 1:1.1.4-1
ii libxext6 2:1.3.2-1
ii libxfixes3 1:5.0.1-1
ii libxi6 2:1.7.2-1
ii libxml2 2.9.1+dfsg1-3
ii libxrender1 1:0.9.8-1
ii libxslt1.1 1.1.28-2
ii libxss1 1:1.2.2-1
ii libxtst6 2:1.2.2-1
ii xdg-utils 1.1.0~rc1+git20111210-7
chromium recommends no packages.
Versions of packages chromium suggests:
pn chromium-l10n <none>
pn mozplugger <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
On Sat, Apr 26, 2014 at 10:31 PM, Vincent Lefevre wrote:
>> You may be in the path of something maybe intentionally or maybe
>> unintentionally denying your machines access to Google's updated
>> CRLSet.
>
> You're wrong: if I request an update manually, it works. So, why would
> it be different than an automatic update???
I haven't examined this in detail, but consider that Google probably
doesn't want all chrome users hitting their servers at the same time.
Given more time, your machines would have likely gotten through and
fetched the update without intervention.
Feel free to reopen if that actually isn't the case.
Best wishes,
Mike
--- End Message ---
