The affected releases have SHA-1 disabled. The upstream fix was to
reenable it for compatibility. I don't know if that is a good decision
though, because SHA-1 has been deprecated by browsers and CAs. Firefox
returns an error when I try to connect to
https://ftp.f3l.de/aurbs/x86_64/aurbs.db which is the subject of the
upstream bug report.

"Your connection is not secure

The owner of ftp.f3l.de has configured their website improperly. To
protect your information from being stolen, Firefox has not connected to
this website.

ftp.f3l.de uses an invalid security certificate.

The certificate is not trusted because it was signed using a signature
algorithm that was disabled because that algorithm is not secure.

Error code: SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED"

** Information type changed from Public to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1553778

Title:
  aria2 is unable to connect to some HTTPS sites

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/aria2/+bug/1553778/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to