Marc, if there's a way I can give you access to this server thats no problem if it would help. As I mentioned this is just a dev server for a website. Also I just tried update/upgrade again, no go.
ubuntu@t1:~$ sudo apt update Hit:1 http://us-west-2.ec2.archive.ubuntu.com/ubuntu jammy InRelease Get:2 http://us-west-2.ec2.archive.ubuntu.com/ubuntu jammy-updates InRelease [119 kB] Get:3 http://us-west-2.ec2.archive.ubuntu.com/ubuntu jammy-backports InRelease [108 kB] Get:4 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB] Fetched 337 kB in 1s (427 kB/s) Reading package lists... Done Building dependency tree... Done Reading state information... Done All packages are up to date. ubuntu@t1:~$ sudo apt upgrade Reading package lists... Done Building dependency tree... Done Reading state information... Done Calculating upgrade... Done Get more security updates through Ubuntu Pro with 'esm-apps' enabled: gsasl-common libjs-jquery-ui php-twig libgsasl7 libmagickwand-6.q16-6 libmagickcore-6.q16-6 imagemagick-6-common Learn more about Ubuntu Pro on AWS at https://ubuntu.com/aws/pro # # An OpenSSL vulnerability has recently been fixed with USN-6188-1 & 6119-1: # CVE-2023-2650: possible DoS translating ASN.1 object identifiers. # Ensure you have updated the package to its latest version. # 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. ubuntu@t1:~$ sudo dpkg -l | grep curl ii curl 7.81.0-1ubuntu1.13 amd64 command line tool for transferring data with URL syntax ii libcurl3-gnutls:amd64 7.81.0-1ubuntu1.13 amd64 easy-to-use client-side URL transfer library (GnuTLS flavour) ii libcurl4:amd64 7.81.0-1ubuntu1.13 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour) ii php7.3-curl 7.3.33-8+ubuntu20.04.1+deb.sury.org+1 amd64 CURL module for PHP ii php7.4-curl 1:7.4.33-1+ubuntu20.04.1+deb.sury.org+1 amd64 CURL module for PHP ii php8.0-curl 1:8.0.26-1+ubuntu20.04.1+deb.sury.org+1 amd64 CURL module for PHP ii php8.1-curl 8.1.2-1ubuntu2.13 amd64 CURL module for PHP ii php8.2-curl 8.2.0-3+ubuntu20.04.1+deb.sury.org+1 amd64 CURL module for PHP ubuntu@t1:~$ ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-2650 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/2028170 Title: curl 7.81.0-1ubuntu1.11 fails verifying proper ssl cert w/ subj-alt- name Status in curl package in Ubuntu: Invalid Status in curl source package in Focal: Invalid Status in curl source package in Jammy: Fix Released Status in curl source package in Kinetic: Invalid Status in curl source package in Lunar: Invalid Status in curl source package in Mantic: Invalid Bug description: With the latest curl 7.81.0-1ubuntu1.11 on ubuntu 22.04, I'm getting the following: curl -v https://raw.githubusercontent.com * Trying 185.199.108.133:443... * Connected to raw.githubusercontent.com (185.199.108.133) port 443 (#0) [...] * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server accepted to use h2 * Server certificate: * subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.io * start date: Feb 21 00:00:00 2023 GMT * expire date: Mar 20 23:59:59 2024 GMT * subjectAltName does not match raw.githubusercontent.com * SSL: no alternative certificate subject name matches target host name 'raw.githubusercontent.com' curl: (60) SSL: no alternative certificate subject name matches target host name 'raw.githubusercontent.com' More details here: https://curl.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above. -- The alt name looks proper when looking at the cert w/ s_client: openssl s_client -connect raw.githubusercontent.com:443 </dev/null 2>/dev/null | openssl x509 -noout -text X509v3 Subject Alternative Name: DNS:*.github.io, DNS:github.io, DNS:*.github.com, DNS:github.com, DNS:www.github.com, DNS:*.githubusercontent.com, DNS:githubusercontent.com Previous versions of curl work as intended. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/2028170/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
