This bug was fixed in the package openssl - 3.0.0-1ubuntu1
---------------
openssl (3.0.0-1ubuntu1) jammy; urgency=medium
* Manual merge of version 3.0.0-1 from Debian experimental, remaining
changes:
- Replace duplicate files in the doc directory with symlinks.
- debian/libssl1.1.postinst:
+ Display a system restart required notification on libssl1.1
upgrade on servers, unless needrestart is available.
+ Use a different priority for libssl1.1/restart-services depending
on whether a desktop, or server dist-upgrade is being performed.
+ Skip services restart & reboot notification if needrestart is in-use.
+ Bump version check to to 1.1.1.
+ Import libraries/restart-without-asking template as used by above.
- Revert "Enable system default config to enforce TLS1.2 as a
minimum" & "Increase default security level from 1 to 2".
- Reword the NEWS entry, as applicable on Ubuntu.
- Set OPENSSL_TLS_SECURITY_LEVEL=2 as compiled-in minimum security
level. Change meaning of SECURITY_LEVEL=2 to prohibit TLS versions
below 1.2 and update documentation. Previous default of 1, can be set
by calling SSL_CTX_set_security_level(), SSL_set_security_level() or
using ':@SECLEVEL=1' CipherString value in openssl.cfg.
- Add support for building with noudeb build profile.
* d/p/Don-t-create-an-ECX-key-with-short-keys.patch:
Backported from upstream to fix a regression with short keys (LP: #1946213)
* d/p/Add-null-digest-implementation-to-the-default-provid.patch:
Backported from upstream to fix a compatibility issue with 1.1.1l
* Manually call dh_installdirs to fix build failure
* Drop some Ubuntu patches merged upstream
+ The s390x series (00xx) has been applied upstream
+ The lp-1927161 Intel CET series has been applied upstream
+ CVE-2021-3449 has been fixed upstream
+ CVE-2021-3450 doesn't apply to 3.0 branch
* Refresh and adapt the remaining patches
openssl (3.0.0-1) experimental; urgency=medium
* Import 3.0.0.
* Add avr32, patch by Vineet Gupta (Closes: #989442).
openssl (3.0.0~~beta2-1) experimental; urgency=medium
* Import 3.0.0-beta2.
openssl (3.0.0~~beta1-1) experimental; urgency=medium
* Import 3.0.0-beta1.
* Use HARNESS_VERBOSE again (otherwise the test suite might killed since no
progress is visible).
openssl (3.0.0~~alpha16-1) experimental; urgency=medium
* Import 3.0.0-alpha16.
* Use VERBOSE_FAILURE to log only failures in the build log.
openssl (3.0.0~~alpha15-1) experimental; urgency=medium
* Import 3.0.0-alpha15.
openssl (3.0.0~~alpha13-2) experimental; urgency=medium
* Add a proposed patch from upstream to skip negativ errno number in the
testsuite to pass the testsute on hurd.
* Always link against libatomic.
openssl (3.0.0~~alpha13-1) experimental; urgency=medium
* Import 3.0.0-alpha13.
* Move configuration.h to architecture specific include folder. Patch from
Antonio Terceiro (Closes: #985555).
* Enable LFS. Thanks to Dan Nicholson for debugging (Closes: #923479).
* drop `lsof', the testsuite is not using it anymore.
* Enable ktls.
openssl (3.0.0~~alpha4-1) experimental; urgency=medium
* Import 3.0.0-alpha4.
* Add `lsof' which is needed by the test suite.
* Add ossl-modules to libcrypto's udeb.
openssl (3.0.0~~alpha3-1) experimental; urgency=medium
* Import 3.0.0-alpha3
* Install the .so files only in the -dev package (Closes: #962548).
openssl (3.0.0~~alpha1-1) experimental; urgency=medium
* Import 3.0.0-alpha1 (Closes: #934836).
-- Simon Chopin <simon.cho...@canonical.com> Mon, 20 Sep 2021 18:09:50
+0200
** Changed in: openssl (Ubuntu)
Status: Invalid => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3449
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3450
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1946213
Title:
strongswan: Fail to build against OpenSSL 3.0
Status in OpenSSL:
Fix Released
Status in strongSwan:
New
Status in openssl package in Ubuntu:
Fix Released
Status in strongswan package in Ubuntu:
Fix Released
Bug description:
Hello,
As part of a rebuild against OpenSSL3, this package failed to build on one or
several architectures. You can find the details of the rebuild at
https://people.canonical.com/~schopin/rebuilds/openssl-3.0.0-impish.html
or for the amd64 failed build, directly at
https://launchpad.net/~schopin/+archive/ubuntu/openssl-3.0.0/+build/22099394/+files/buildlog_ubuntu-
impish-amd64.strongswan_5.9.1-1ubuntu3.0~ssl3ppa1.1_BUILDING.txt.gz
We're planning to transition to OpenSSL 3.0 for the 22.04 release, and
consider
this issue as blocking for this transition.
You can find general migration informations at
https://www.openssl.org/docs/manmaster/man7/migration_guide.html
For your tests, you can build against libssl-dev as found in the PPA
schopin/openssl-3.0.0
The issue looks fixed upstream on master:
https://github.com/strongswan/strongswan/commit/72e5b3b7022ad14b245565a5aadcd097106af168
To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1946213/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
