gnutls plans for focal LTS?
Dimitri John Ledkov
dimitri.ledkov at canonical.com
Fri Oct 1 19:48:34 UTC 2021
On Fri, Oct 1, 2021 at 7:02 PM John Cummings <john at rootabega.net> wrote:
>
> Hello, does anyone know what the plans are for gnutls in Ubuntu 20.04.03 LTS (focal fossa)? It is currently at 3.6.13, and I don't see an update in focal-backports. The recent expiration of a root certificate used in older Let's Encrypt cert paths has triggered a problem in this version, which is fixed in 3.6.14. I see that this fix was backported to gnutls 3.5 in bionic:
> https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1928648
>
> Are there (normally?) plans to add 3.6.14 to focal/focal-backports, or to backport this fix into a 3.6.13 update like was done for bionic?
>
> Thank you!
>
Note that thanks to the ca-certificates package update in focal
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1944481
/ https://ubuntu.com/security/notices/USN-5089-1 gnutls operates
correctly with letsencrypt servers with either short or long chains in
all releases of Ubuntu, including Focal's version of the package.
You are correct that focal's version of gnutls is affected and this
may trip up again, whenever the next CA expires. I've added a target
focal series on the gnutls bug report, but not it is not time critical
to fix it at the moment.
Regards,
Dimitri.
More information about the Ubuntu-devel-discuss
mailing list