There isn't a plan completely laid out for backporting this. It can be done but as you can see here, it's a very minimal change and it barely passes the criteria for backporting. This means it absolutely must be staged so that it's picked up by a subsequent security update rather than being a standalone update (openssl is installed everywhere so changing the package affects everybody, it's high-impact).
With that said, it's also a change that sits in a weird spot: once you've understood the issue, then you probably don't need the warning anymore and search engines should help find it now. Can you explain your need a bit so I can better gauge the need? Did you encounter the issue or are you rather trying to make sure you don't? BTW, with plucky being released soon, you'll start seeing the effect of the change if the container you run is on plucky. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/2066990 Title: openssl fails with out of memory messages while trying to load the FIPS provider in a non-FIPS container on a FIPS host Status in ca-certificates package in Ubuntu: Invalid Status in openssl package in Ubuntu: Fix Released Bug description: I wanted to try the new Ubuntu 24.04 Noble Numbat based .NET docker image and updated the base docker image in our CI pipeline to mcr.microsoft.com/dotnet/sdk:8.0-noble. However, it results in an out- of-memory exception. Based on my investigation, the exception occurs specifically when the update-ca-certificates command is executed. I can also repro the issue with ubuntu:noble image which means it's not specific to .NET docker images. It works fine with Jammy, by the way. The problem likely lies with the Noble base image rather than the .NET image. I'm not sure what changes were made between Jammy and Noble, but it appears that updating certificates consumes a lot of memory in Noble. I adjusted some memory settings in our GitLab runner, but it didn't resolve the issue. I attached all Gitlab Runner shell logs for .NET 8 Jammy, .NET 8 Noble and Ubuntu Noble images. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/2066990/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
