[Bug 1788262] Re: backport request of upstream commit c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b on xenial
Eric Desrochers
eric.desrochers at canonical.com
Tue Aug 21 18:28:04 UTC 2018
** Description changed:
- Please backport
- https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b
- to urllib3 on xenial.
+ ** DRAFT in progress...**
+
+ [Impact]
+ The urllib3 library is not using the alternative name field on a TLS certificate to validate the certificate. The problem has been fixed, and we want to take advantage of the fix in Xenial.
+
+ "Initial error that was hit while using requests to query an endpoint by
+ ip with a self signed cert:
+
+ requests.exceptions.SSLError: hostname 'XX.XX.XX.XXX' doesn't match
+ either of 'XXXX', 'YYYY', 'ZZZZ'
+
+ [Test Case]
+ TBD
+
+ [Regression Potential]
+ TBD
+
+ [Other Info]
+
+ # Upstream commit :
+ https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b
+
+ Xenial only is affected, Bionic & Cosmic already has the change:
+
+ # Upstream
+ git describe --contains c74bd70
+ 1.18^2~4
+
+ # Rmadison
+ python-urllib3 | 1.13.1-2 | xenial | source, all
+ python-urllib3 | 1.13.1-2ubuntu0.16.04.1 | xenial-updates | source, all
+ python-urllib3 | 1.22-1 | bionic | source, all
+ python-urllib3 | 1.22-1 | cosmic | source, all
+
+ [Original Description]
+ Please backport
+ https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b
+ to urllib3 on xenial.
The urllib3 library is not using the alternative name field on a TLS
certificate to validate the certificate. The problem has been fixed, and
we want to take advantage of the fix in Xenial.
- Earliest version of urllib3 library that incorporates this change: 1.18
+ Earliest version of urllib3 library that incorporates this change: 1.18
Earliest version of requests library that bundles this: 2.12.0 (which is actually using urllib3 1.19)
** Description changed:
** DRAFT in progress...**
[Impact]
The urllib3 library is not using the alternative name field on a TLS certificate to validate the certificate. The problem has been fixed, and we want to take advantage of the fix in Xenial.
"Initial error that was hit while using requests to query an endpoint by
ip with a self signed cert:
requests.exceptions.SSLError: hostname 'XX.XX.XX.XXX' doesn't match
either of 'XXXX', 'YYYY', 'ZZZZ'
[Test Case]
TBD
[Regression Potential]
TBD
[Other Info]
# Upstream commit :
+ Add support for IP address SAN fields.
https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b
Xenial only is affected, Bionic & Cosmic already has the change:
# Upstream
git describe --contains c74bd70
1.18^2~4
# Rmadison
- python-urllib3 | 1.13.1-2 | xenial | source, all
- python-urllib3 | 1.13.1-2ubuntu0.16.04.1 | xenial-updates | source, all
- python-urllib3 | 1.22-1 | bionic | source, all
- python-urllib3 | 1.22-1 | cosmic | source, all
+ python-urllib3 | 1.13.1-2 | xenial | source, all
+ python-urllib3 | 1.13.1-2ubuntu0.16.04.1 | xenial-updates | source, all
+ python-urllib3 | 1.22-1 | bionic | source, all
+ python-urllib3 | 1.22-1 | cosmic | source, all
[Original Description]
Please backport
https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b
to urllib3 on xenial.
The urllib3 library is not using the alternative name field on a TLS
certificate to validate the certificate. The problem has been fixed, and
we want to take advantage of the fix in Xenial.
Earliest version of urllib3 library that incorporates this change: 1.18
Earliest version of requests library that bundles this: 2.12.0 (which is actually using urllib3 1.19)
** Description changed:
** DRAFT in progress...**
[Impact]
The urllib3 library is not using the alternative name field on a TLS certificate to validate the certificate. The problem has been fixed, and we want to take advantage of the fix in Xenial.
"Initial error that was hit while using requests to query an endpoint by
ip with a self signed cert:
requests.exceptions.SSLError: hostname 'XX.XX.XX.XXX' doesn't match
either of 'XXXX', 'YYYY', 'ZZZZ'
[Test Case]
TBD
[Regression Potential]
TBD
[Other Info]
# Upstream commit :
Add support for IP address SAN fields.
https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b
Xenial only is affected, Bionic & Cosmic already has the change:
# Upstream
- git describe --contains c74bd70
- 1.18^2~4
+ git describe --contains c74bd70
+ 1.18^2~4
# Rmadison
python-urllib3 | 1.13.1-2 | xenial | source, all
python-urllib3 | 1.13.1-2ubuntu0.16.04.1 | xenial-updates | source, all
python-urllib3 | 1.22-1 | bionic | source, all
python-urllib3 | 1.22-1 | cosmic | source, all
[Original Description]
Please backport
https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b
to urllib3 on xenial.
The urllib3 library is not using the alternative name field on a TLS
certificate to validate the certificate. The problem has been fixed, and
we want to take advantage of the fix in Xenial.
Earliest version of urllib3 library that incorporates this change: 1.18
Earliest version of requests library that bundles this: 2.12.0 (which is actually using urllib3 1.19)
** Changed in: python-urllib3 (Ubuntu Xenial)
Importance: Undecided => Medium
** Changed in: python-urllib3 (Ubuntu Xenial)
Status: New => Confirmed
** Description changed:
** DRAFT in progress...**
[Impact]
The urllib3 library is not using the alternative name field on a TLS certificate to validate the certificate. The problem has been fixed, and we want to take advantage of the fix in Xenial.
"Initial error that was hit while using requests to query an endpoint by
ip with a self signed cert:
requests.exceptions.SSLError: hostname 'XX.XX.XX.XXX' doesn't match
either of 'XXXX', 'YYYY', 'ZZZZ'
[Test Case]
TBD
[Regression Potential]
TBD
[Other Info]
+ # Upstream bug:
+ https://github.com/urllib3/urllib3/issues/258
+
# Upstream commit :
Add support for IP address SAN fields.
https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b
Xenial only is affected, Bionic & Cosmic already has the change:
# Upstream
- git describe --contains c74bd70
- 1.18^2~4
+ git describe --contains c74bd70
+ 1.18^2~4
# Rmadison
python-urllib3 | 1.13.1-2 | xenial | source, all
python-urllib3 | 1.13.1-2ubuntu0.16.04.1 | xenial-updates | source, all
python-urllib3 | 1.22-1 | bionic | source, all
python-urllib3 | 1.22-1 | cosmic | source, all
[Original Description]
Please backport
https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b
to urllib3 on xenial.
The urllib3 library is not using the alternative name field on a TLS
certificate to validate the certificate. The problem has been fixed, and
we want to take advantage of the fix in Xenial.
Earliest version of urllib3 library that incorporates this change: 1.18
Earliest version of requests library that bundles this: 2.12.0 (which is actually using urllib3 1.19)
** Summary changed:
- backport request of upstream commit c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b on xenial
+ Add support for IP address SAN fields.
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to python-urllib3 in Ubuntu.
https://bugs.launchpad.net/bugs/1788262
Title:
Add support for IP address SAN fields.
Status in python-urllib3 package in Ubuntu:
Fix Released
Status in python-urllib3 source package in Xenial:
Confirmed
Bug description:
** DRAFT in progress...**
[Impact]
The urllib3 library is not using the alternative name field on a TLS certificate to validate the certificate. The problem has been fixed, and we want to take advantage of the fix in Xenial.
"Initial error that was hit while using requests to query an endpoint
by ip with a self signed cert:
requests.exceptions.SSLError: hostname 'XX.XX.XX.XXX' doesn't match
either of 'XXXX', 'YYYY', 'ZZZZ'
[Test Case]
TBD
[Regression Potential]
TBD
[Other Info]
# Upstream bug:
https://github.com/urllib3/urllib3/issues/258
# Upstream commit :
Add support for IP address SAN fields.
https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b
Xenial only is affected, Bionic & Cosmic already has the change:
# Upstream
git describe --contains c74bd70
1.18^2~4
# Rmadison
python-urllib3 | 1.13.1-2 | xenial | source, all
python-urllib3 | 1.13.1-2ubuntu0.16.04.1 | xenial-updates | source, all
python-urllib3 | 1.22-1 | bionic | source, all
python-urllib3 | 1.22-1 | cosmic | source, all
[Original Description]
Please backport
https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b
to urllib3 on xenial.
The urllib3 library is not using the alternative name field on a TLS
certificate to validate the certificate. The problem has been fixed,
and we want to take advantage of the fix in Xenial.
Earliest version of urllib3 library that incorporates this change: 1.18
Earliest version of requests library that bundles this: 2.12.0 (which is actually using urllib3 1.19)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-urllib3/+bug/1788262/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list