** Changed in: python-certbot-nginx (Ubuntu Xenial)
Status: Invalid => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1640978
Title:
[SRU] Backport letsencrypt from bionic
To manage
python-certbot-nginx (nor any python-letsencrypt-nginx) was never
released on 16.04 so cannot regress. Michael didn't include it in his
SRU work, so it didn't make this update and isn't expected to do so in
the future either.
** Changed in: python-certbot-nginx (Ubuntu Xenial)
Status: In Pr
This bug was fixed in the package python-certbot -
0.23.0-1~ubuntu16.04.1
---
python-certbot (0.23.0-1~ubuntu16.04.1) xenial; urgency=medium
[ Robie Basak ]
* This update is part of the set of major updates moving Let's
Encrypt/Certbot to version 0.23 in 16.04 in order to allo
This bug was fixed in the package python-certbot-apache -
0.23.0-1~ubuntu16.04.1
---
python-certbot-apache (0.23.0-1~ubuntu16.04.1) xenial; urgency=medium
[ Robie Basak ]
* This update is part of the set of major updates moving Let's
Encrypt/Certbot to version 0.23 in 16.04 in
This bug was fixed in the package python-letsencrypt-apache -
0.7.0-0ubuntu0.16.04.1
---
python-letsencrypt-apache (0.7.0-0ubuntu0.16.04.1) xenial; urgency=medium
[ Robie Basak ]
* This update is part of the set of major updates moving Let's
Encrypt/Certbot to version 0.23 in
This bug was fixed in the package python-acme -
0.22.2-1ubuntu0.1~16.04.1
---
python-acme (0.22.2-1ubuntu0.1~16.04.1) xenial; urgency=medium
[ Robie Basak ]
* This update is part of the set of major updates moving Let's
Encrypt/Certbot to version 0.23 in 16.04 in order to allo
This bug was fixed in the package python-letsencrypt -
0.7.0-0ubuntu0.16.04.1
---
python-letsencrypt (0.7.0-0ubuntu0.16.04.1) xenial; urgency=medium
[ Robie Basak ]
* This update is part of the set of major updates moving Let's
Encrypt/Certbot to version 0.23 in 16.04 in order
This bug was fixed in the package python-josepy - 1.1.0-1~ubuntu16.04.1
---
python-josepy (1.1.0-1~ubuntu16.04.1) xenial; urgency=medium
[ Robie Basak ]
* This update is part of the set of major updates moving Let's
Encrypt/Certbot to version 0.23 in 16.04 in order to allow it
** Tags removed: verification-needed verification-needed-xenial
** Tags added: verification-done verification-done-xenial
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1640978
Title:
[SRU] Backport
Successfully upgraded:
ii letsencrypt 0.4.1-1
ii python-acme 0.4.1-1
ii python-letsencrypt 0.4.1-1
ii python-letsencrypt-apache 0.4.1-1
to:
ii certbot 0.23.0-1~ubuntu16.04.1
ii letsencrypt 0.23.0-1~ubuntu16.04.1
ii python-acme 0.22.2-1ubuntu0.1~16.04.1
un python-acme-doc
ii python-cert
Successfully updated:
letsencrypt (0.4.1-1 => 0.23.0-1~ubuntu16.04.1)
python-acme (0.4.1-1 => 0.22.2-1ubuntu0.1~16.04.1)
python-letsencrypt (0.4.1-1 => 0.7.0-0ubuntu0.16.04.1)
python-letsencrypt-apache (0.4.1-1 => 0.7.0-0ubuntu0.16.04.1)
(though I actually had to apt-get install le
The Let's Encrypt packages in Ubuntu 16.04 will stop working on 13 March
2019. Updates to fix this problem are now ready for testing. Please help
us test!
Certbot (formerly called Let's Encrypt) will stop working properly on 13
March 2019 when TLS-SNI-01 validation is turned off by the primary Let
I successfully ran the integration tests described at
https://wiki.ubuntu.com/StableReleaseUpdates/Certbot.
The packages that were used for testing were:
certbot 0.23.0-1~ubuntu16.04.1
letsencrypt 0.23.0-1~ubuntu16.04.1
python-acme 0.22.2-1ubuntu0.1~16.04.1
python-certbot 0.23.0-1~ubuntu
** Changed in: python-josepy (Ubuntu)
Importance: Undecided => High
** Changed in: python-josepy (Ubuntu Xenial)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/16409
Since the dependency tree is a few packages deep, this set of proposed
updates will take some time to become available for testing in xenial-
proposed. I will coax things through manually as dependencies are built
and published, and comment again with a call for testing when ready.
--
You receive
Hello Peter, or anyone else affected,
Accepted python-acme into xenial-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/python-
acme/0.22.2-1ubuntu0.1~16.04.1 in a few hours, and then in the -proposed
repository.
Please help us by testing this new pack
Hello Peter, or anyone else affected,
Accepted python-josepy into xenial-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/python-
josepy/1.1.0-1~ubuntu16.04.1 in a few hours, and then in the -proposed
repository.
Please help us by testing this new pack
** Description changed:
- This bug contains a list of known major and other issues fixed between
- upstream letsencrypt 0.4.1 and the latest version, certbot 0.9.3 (the
- project has also been renamed to avoid confusion between the python
- client software and the Let's Encrypt CA service).
-
[
FTR, I spotted a couple of things that turned out to be non-issues:
1) The letsencrypt binary has become a symlink and moved to the certbot
binary package. This needs a Breaks/Replaces, which does exist but
doesn't cover the version of letsencrypt currently in xenial-proposed.
However this isn't a
** Description changed:
This bug contains a list of known major and other issues fixed between
upstream letsencrypt 0.4.1 and the latest version, certbot 0.9.3 (the
project has also been renamed to avoid confusion between the python
client software and the Let's Encrypt CA service).
[
Thank you for the review! I've addressed review comments inline. With
Christian sitting next to me we've been through my fixes and he's happy
with them.
I've updated git branches and updated the PPA for python-certbot ~ppa7
only, as that's the only one that contains a functional change from
review
Thank you for the review! I'll look in detail later, but in case it
speeds up an iteration, note that I've started from the perspective that
this is a backport from Bionic - so the cleanups are on the principle of
reducing the diff against Bionic. Where I saw a diff hunk that didn't
seem necessary,
TL;DR
- LGTM a few questions for clarification, but no nacks
I took logs for everything non trivial that I did (wonder about) on review.
+ = LGTM
? = ok, but I'd have a question
x = nack, this should be different
python-acme:
? rebase for 0.22.2-1ubuntu0.1
- The bug #1777205 should get a
Test script passes on the new packages in the PPA.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1640978
Title:
[SRU] Backport letsencrypt from bionic
To manage notifications about this bug go to:
I've fixed that, updated the git repositories under ~certbot, and re-
uploaded to the PPA. I've included some other fixes as well. Full
changes are available to view in the git repositories.
Christian, please could you review all changes in the range
review/2019-02-08..lp1640978 for the packages p
On Wed, Feb 13, 2019 at 05:26:38PM -, Brad Warren wrote:
> I tried manually installing packages from the PPA and running
> https://wiki.ubuntu.com/StableReleaseUpdates/Certbot/TestScript but the
> script failed because the Certbot systemd timer wasn't found.
Thanks. I'll follow up.
I also fou
I tried manually installing packages from the PPA and running
https://wiki.ubuntu.com/StableReleaseUpdates/Certbot/TestScript but the
script failed because the Certbot systemd timer wasn't found.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
I've pulled Michael's current work into git trees available at:
https://code.launchpad.net/~certbot/+git (each has a branch called
lp1640978). Please maintain these branches as fast-forwarding only.
I have updated python-acme, python-certbot, python-letsencrypt and
python-letsencrypt-apache based
> I assume that the patch from 0.22.2-1ubuntu0.1 needs to be included.
Yes, I think this patch should be included. The packages in 18.04
included support Let's Encrypt's newer endpoint, however, this feature
is broken without this patch.
Thanks for catching this. The updated tests now test agains
Thanks Brad!
As Michael seems to be unavailable at the moment I'll try to fix my
review comments up myself. I've asked my colleague Christian to peer-
review my work from this point to fulfil Ubuntu SRU review requirements.
What I don't know the answer to is some of my questions from my reviews
a
I updated and added additional checks to the test script at
https://wiki.ubuntu.com/StableReleaseUpdates/Certbot/TestScript
including tests for all four of the areas Robie flagged in his most
recent post.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subs
Test plan:
Could we agree a specific test plan for this SRU please, in addition to
the usual testing agreed in
https://wiki.ubuntu.com/StableReleaseUpdates/Certbot? Specifically there
are a few things that are special about this one. I'd like to make sure
that somebody makes sure that all the gotc
python-certbot backport review:
The changes you've described look good in general, but I have some
specific questions for pieces for which I couldn't find any explanation:
python-certbot no longer Recommends certbot, but python3-certbot did. Is
this intentional?
In debian/rules, what's the reaso
python-letsencrypt backport review:
I think debian/README.source is now redundant and incorrect and should
be removed?
I see that pkg-info.mk was included from Debian previously. Is this
still necessary?
debian/rules arranges debian/letsencrypt/usr/bin/* but no longer ships a
binary package call
** Description changed:
This bug contains a list of known major and other issues fixed between
upstream letsencrypt 0.4.1 and the latest version, certbot 0.9.3 (the
project has also been renamed to avoid confusion between the python
client software and the Let's Encrypt CA service).
[
I'm reviewing this now.
Michael, did you miss the fix from Bionic uploaded in 0.22.2-1ubuntu0.1?
* Add ready status type to be compatible with the new Let's Encrypt ACMEv2
endpoint (LP: #1777205).
>From the perspective of current Bionic it looks like this is getting
dropped in the backport
This is on python-acme, sorry.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1640978
Title:
[SRU] Backport letsencrypt from bionic
To manage notifications about this bug go to:
https://bugs.launchp
** Changed in: python-acme (Ubuntu)
Importance: Undecided => High
** Changed in: python-certbot (Ubuntu)
Importance: Undecided => High
** Changed in: python-certbot-apache (Ubuntu)
Importance: Undecided => High
** Changed in: python-certbot-nginx (Ubuntu)
Importance: Undecided => Hig
when will new package arrive on the repositories ?
This update is important since the TLS-SNI-01 validation option is soon
turned off by LE.
TLS-SNI-01 validation is reaching end-of-life. It will stop working
temporarily on February 13th, 2019, and permanently on March 13th, 2019.
--
You receiv
This is the backported patch to python-acme, as stated before, this is a
direct backport from upstream to handle compat issues, and extends the
unittests to cover the new backworks compatibility area.
mcasadevall@lighthouse:~/src/le/sru/python-acme-0.22.2/debian/patches$ cat
fix-jose-import
Desc
After testing and further work, a revised python-acme debdiff is
attached. This includes one additional backport that allows josepy to be
imported through the acme package; this change has already been
integrated upstream, and is required to allow packages that assume
acme.jose still existed as par
Breakdown of python-certbot changes; this is a NEW package going into
trusty backported from bionic following the letsencrypt->certbot name
change. A revised debdiff is attached to this bug.
diff -Nru python-certbot-0.23.0/debian/compat
python-certbot-0.23.0/debian/compat
--- python-certbot-0.23.
Breakdown of changes for python ACME; I caught a mistake in the previous
debdiff so reuploading a revised one with this comment:
diff -Nru python-acme-0.22.2/debian/compat python-acme-0.22.2/debian/compat
--- python-acme-0.22.2/debian/compat2018-03-17 15:24:35.0 +
+++ python-acme-
Breakdown of josepy for SRU:
josepy was split from python-acme, and is a NEW package going into
Trusty. This is a straight backport of the bionic packaging.
--- python-josepy-1.1.0/debian/compat 2018-04-15 20:45:24.0 +
+++ python-josepy-1.1.0/debian/compat 2018-11-23 19:55:13.
** Patch added: "python-certbot.debdiff"
https://bugs.launchpad.net/ubuntu/xenial/+source/python-acme/+bug/1640978/+attachment/5220644/+files/python-certbot.debdiff
** Changed in: python-letsencrypt-apache (Ubuntu Xenial)
Assignee: (unassigned) => Michael Casadevall (mcasadevall)
** Chan
** Patch added: "python-certbot-apache.debdiff"
https://bugs.launchpad.net/ubuntu/xenial/+source/python-acme/+bug/1640978/+attachment/5220646/+files/python-certbot-apache.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
http
These patches handle straight backports; and are debdiffs from the
bionic versions currently being shipped. For the letsencrypt shims,
these should be handled as NEW packages and not as a debdiff as they
won't exist in bionic and only exist for compat reasons. We're resolving
some final issues but
** Patch added: "python-josepy.debdiff"
https://bugs.launchpad.net/ubuntu/xenial/+source/python-acme/+bug/1640978/+attachment/5220645/+files/python-josepy.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchp
48 matches
Mail list logo
