[Bug 955675] Re: openssl s_client's '-ssl2' option no longer works in 12.04
Seth Arnold
955675 at bugs.launchpad.net
Wed Mar 2 21:41:54 UTC 2016
Moses, we've already released updates for the March 2016 roundup of
issues from OpenSSL http://www.ubuntu.com/usn/usn-2914-1/ . We do not
ship point updates from OpenSSL for security updates because they
sometimes break ABI or introduce other regressions (see e.g.
https://bugs.gentoo.org/show_bug.cgi?id=576128 ).
Note that since we've disabled SSLv2 for years DROWN did not apply to
our packages, but of course the other issues did.
If you wish to prepare a debdiff that removes the -ssl2 options from
manpages and so on we'd consider including it in future updates. It's
not a high priority for us so we're unlikely to get to it.
Thanks
** Bug watch added: Gentoo Bugzilla #576128
https://bugs.gentoo.org/show_bug.cgi?id=576128
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/955675
Title:
openssl s_client's '-ssl2' option no longer works in 12.04
Status in openssl package in Ubuntu:
Confirmed
Bug description:
the s_client(1) man page describes -tls1, -ssl3 and -ssl2. The latter
isn't recognised by openssl in 12.04:
aj at aj-Vostro-260:~$ openssl version
OpenSSL 1.0.0g 18 Jan 2012
aj at aj-Vostro-260:~$ openssl s_client -ssl2
unknown option -ssl2
usage: s_client args
<snipped>
aj at aj-Vostro-260:~$ openssl s_client -ssl3
connect: Connection refused
connect:errno=111
aj at aj-Vostro-260:~$ openssl s_client -tls1
connect: Connection refused
connect:errno=111
aj at aj-Vostro-260:~$
This option should still continue to work, please do not leave
disabled.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/955675/+subscriptions
More information about the foundations-bugs
mailing list