Ubuntu
ruby3.1 package

Merge ~adrien/ubuntu/+source/ruby3.1:replace-expired-certificate into ubuntu/+source/ruby3.1:ubuntu/devel

  1. Git
  2. lp:~adrien/ubuntu/+source/ruby3.1
  3. replace-expired-certificate
  4. Merge into ubuntu/devel
Proposed by Adrien Nader
Status: Merged
Merged at revision: 729971ec5db5c602928188c67b7fd54e2ecbc73a
Proposed branch: ~adrien/ubuntu/+source/ruby3.1:replace-expired-certificate
Merge into: ubuntu/+source/ruby3.1:ubuntu/devel
Diff against target: 292 lines (+270/-0)
3 files modified
debian/changelog (+7/-0)
debian/patches/renew-test-certificates-844672256e8e843a7e3a52b7e3c9bb8ea4c328b4.patch (+260/-0)
debian/patches/series (+3/-0)
Reviewer Review Type Date Requested Status
Sergio Durigan Junior (community) Approve
git-ubuntu import Pending
Ubuntu Sponsors Pending
Review via email: mp+459521@code.launchpad.net

This proposal supersedes a proposal from 2024-01-19.

Description of the change

Update expired test certificates.

To post a comment you must log in.
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote : Posted in a previous version of this proposal

Thanks for the MP.

I'm leaving a comment below asking for DEP-3 headers. I'd also like to clarify why you mentioned "merge" in the Description. Just trying to understand whether you had planned to do an actual merge :-).

Also: is there an upstream/Ubuntu bug regarding this?

Thanks!

review: Needs Information
Revision history for this message
Adrien Nader (adrien) wrote : Posted in a previous version of this proposal

Hi Sergio,

I've updated the merge requests. Sorry about the DEP-3 headers: I had put them in a previous "iteration" of the patch and subsequently lost them because there were several patches floating upstream in parallel. On the positive side, I noticed a specific merge of this change in the 3.1 branch upstream and was able to use the exact same commit hash now.

There is an upstream bug for this: Bug: https://bugs.ruby-lang.org/issues/20106
(I hadn't noticed it the previously)
But no ubuntu bug. I noticed this because of failing tests for migration (either of gnutls28 or of openssl, I don't remember).

As for the use of "merge", I can't see find where I used that. In any case, this is a patch from upstream, now present in 3.1, 3.2, and 3.3 branches but only released through the 3.2 branch. I'm reusing it without any change.

Revision history for this message
Adrien Nader (adrien) wrote : Posted in a previous version of this proposal

Forgot to mention there is a PPA at https://launchpad.net/~adrien-n/+archive/ubuntu/noble-ruby-update-test-certificate .

Admittedly, the package dates back to the original submission of this bug and the patch lacked DEP-3 headers but the updated package also built locally and since it's Friday evening, LP won't publish builds before the end of the week.

Revision history for this message
Simon Chopin (schopin) wrote : Posted in a previous version of this proposal

Not planning on sponsoring this, but regarding the lack of bug, it's a good idea in general to file LP bugs for a simple reason: they're a stable reference to get context when examining your system (e.g. d/changelog is present on the user's system whereas the git-ubuntu history isn't). In this case it would also have allowed you to tag the bug as `update-excuse` as it seems to be relevant for -proposed migrations.

Revision history for this message
Adrien Nader (adrien) wrote : Posted in a previous version of this proposal

I can create an LP bug and re-spin the patch but not before Monday.

(and I was expecting this to be quicker and with less migration impact)

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Thanks, Adrien.

Uploaded:

$ dput ruby3.1_3.1.2-7ubuntu4_source.changes
Trying to upload package to ubuntu
Checking signature on .changes
gpg: /home/sergio/work/ruby3.1/ruby3.1_3.1.2-7ubuntu4_source.changes: Valid signature from 106DA1C8C3CBBF14
Checking signature on .dsc
gpg: /home/sergio/work/ruby3.1/ruby3.1_3.1.2-7ubuntu4.dsc: Valid signature from 106DA1C8C3CBBF14
Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading ruby3.1_3.1.2-7ubuntu4.dsc: done.
  Uploading ruby3.1_3.1.2-7ubuntu4.debian.tar.xz: done.
  Uploading ruby3.1_3.1.2-7ubuntu4_source.buildinfo: done.
  Uploading ruby3.1_3.1.2-7ubuntu4_source.changes: done.
Successfully uploaded packages.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/debian/changelog b/debian/changelog
index 75aabc4..bcf5b32 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
1ruby3.1 (3.1.2-7ubuntu4) noble; urgency=medium
2
3 * Replace expired certificate in tests with upstream patch (LP: #2051380)
4 - renew-test-certificates-d3933fc753187a055a4904af82f5f3794c88c416.patch
5
6 -- Adrien Nader <adrien.nader@canonical.com> Fri, 26 Jan 2024 18:00:42 +0100
7
1ruby3.1 (3.1.2-7ubuntu3) mantic; urgency=medium8ruby3.1 (3.1.2-7ubuntu3) mantic; urgency=medium
29
3 * Mark strlcat strlcpy as optional, since they are now part of glibc10 * Mark strlcat strlcpy as optional, since they are now part of glibc
diff --git a/debian/patches/renew-test-certificates-844672256e8e843a7e3a52b7e3c9bb8ea4c328b4.patch b/debian/patches/renew-test-certificates-844672256e8e843a7e3a52b7e3c9bb8ea4c328b4.patch
4new file mode 10064411new file mode 100644
index 0000000..ab74b12
--- /dev/null
+++ b/debian/patches/renew-test-certificates-844672256e8e843a7e3a52b7e3c9bb8ea4c328b4.patch
@@ -0,0 +1,260 @@
1From 844672256e8e843a7e3a52b7e3c9bb8ea4c328b4 Mon Sep 17 00:00:00 2001
2From: Sorah Fukumori <her@sorah.jp>
3Date: Mon, 1 Jan 2024 20:45:54 +0900
4Subject: [PATCH] [ruby/net-http] Renew test certificates
5
6The private key is replaced with a public known test key published at
7[RFC 9500].
8
9Also lifetime has been extended to 10 years from 4 years.
10
11[RFC 9500]: https://www.rfc-editor.org/rfc/rfc9500.html
12
13https://github.com/ruby/net-http/commit/4ab6c4a500
14Applied-Upstream: 3.1.5 (expected), 3.2.3, 3.3.1 (expected)
15Bug: https://bugs.ruby-lang.org/issues/20106
16Origin: upstream, https://github.com/ruby/ruby/pull/9420/commits/844672256e8e843a7e3a52b7e3c9bb8ea4c328b4
17Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ruby3.1/+bug/2051380
18---
19 test/net/fixtures/Makefile | 6 +--
20 test/net/fixtures/cacert.pem | 44 ++++++++--------
21 test/net/fixtures/server.crt | 99 +++++++-----------------------------
22 test/net/fixtures/server.key | 55 ++++++++++----------
23 4 files changed, 71 insertions(+), 133 deletions(-)
24
25diff --git a/test/net/fixtures/Makefile b/test/net/fixtures/Makefile
26index b2bc9c7368ee2e..88c232e3b6c16b 100644
27--- a/test/net/fixtures/Makefile
28+++ b/test/net/fixtures/Makefile
29@@ -5,11 +5,11 @@ regen_certs:
30 make server.crt
31
32 cacert.pem: server.key
33- openssl req -new -x509 -days 1825 -key server.key -out cacert.pem -text -subj "/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org"
34+ openssl req -new -x509 -days 3650 -key server.key -out cacert.pem -subj "/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org"
35
36 server.csr:
37- openssl req -new -key server.key -out server.csr -text -subj "/C=JP/ST=Shimane/O=Ruby Core Team/OU=Ruby Test/CN=localhost"
38+ openssl req -new -key server.key -out server.csr -subj "/C=JP/ST=Shimane/O=Ruby Core Team/OU=Ruby Test/CN=localhost"
39
40 server.crt: server.csr cacert.pem
41- openssl x509 -days 1825 -CA cacert.pem -CAkey server.key -set_serial 00 -in server.csr -req -text -out server.crt
42+ openssl x509 -days 3650 -CA cacert.pem -CAkey server.key -set_serial 00 -in server.csr -req -out server.crt
43 rm server.csr
44diff --git a/test/net/fixtures/cacert.pem b/test/net/fixtures/cacert.pem
45index f623bd62ed3758..24c83f1c652253 100644
46--- a/test/net/fixtures/cacert.pem
47+++ b/test/net/fixtures/cacert.pem
48@@ -1,24 +1,24 @@
49 -----BEGIN CERTIFICATE-----
50-MIID7TCCAtWgAwIBAgIJAIltvxrFAuSnMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD
51-VQQGEwJKUDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkx
52-FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex
53-JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTkwMTAy
54-MDI1ODI4WhcNMjQwMTAxMDI1ODI4WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgM
55-B1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQKDA5SdWJ5IENv
56-cmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz
57-ZWN1cml0eUBydWJ5LWxhbmcub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
58-CgKCAQEAznlbjRVhz1NlutHVrhcGnK8W0qug2ujKXv1njSC4U6nJF6py7I9EeehV
59-SaKePyv+I9z3K1LnfUHOtUbdwdKC77yN66A6q2aqzu5q09/NSykcZGOIF0GuItYI
60-3nvW3IqBddff2ffsyR+9pBjfb5AIPP08WowF9q4s1eGULwZc4w2B8PFhtxYANd7d
61-BvGLXFlcufv9tDtzyRi4t7eqxCRJkZQIZNZ6DHHIJrNxejOILfHLarI12yk8VK6L
62-2LG4WgGqyeePiRyd1o1MbuiAFYqAwpXNUbRKg5NaZGwBHZk8UZ+uFKt1QMBURO5R
63-WFy1c349jbWszTqFyL4Lnbg9HhAowQIDAQABo1AwTjAdBgNVHQ4EFgQU9tEiKdU9
64-I9derQyc5nWPnc34nVMwHwYDVR0jBBgwFoAU9tEiKdU9I9derQyc5nWPnc34nVMw
65-DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAxj7F/u3C3fgq24N7hGRA
66-of7ClFQxGmo/IGT0AISzW3HiVYiFaikKhbO1NwD9aBpD8Zwe62sCqMh8jGV/b0+q
67-aOORnWYNy2R6r9FkASAglmdF6xn3bhgGD5ls4pCvcG9FynGnGc24g6MrjFNrBYUS
68-2iIZsg36i0IJswo/Dy6HLphCms2BMCD3DeWtfjePUiTmQHJo6HsQIKP/u4N4Fvee
69-uMBInei2M4VU74fLXbmKl1F9AEX7JDP3BKSZG19Ch5pnUo4uXM1uNTGsi07P4Y0s
70-K44+SKBC0bYEFbDK0eQWMrX3kIhkPxyIWhxdq9/NqPYjShuSEAhA6CSpmRg0pqc+
71-mA==
72+MIID+zCCAuOgAwIBAgIUGMvHl3EhtKPKcgc3NQSAYfFuC+8wDQYJKoZIhvcNAQEL
73+BQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTaGltYW5lMRQwEgYDVQQHDAtN
74+YXR6LWUgY2l0eTEXMBUGA1UECgwOUnVieSBDb3JlIFRlYW0xFTATBgNVBAMMDFJ1
75+YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJARYWc2VjdXJpdHlAcnVieS1sYW5nLm9y
76+ZzAeFw0yNDAxMDExMTQ3MjNaFw0zMzEyMjkxMTQ3MjNaMIGMMQswCQYDVQQGEwJK
77+UDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkxFzAVBgNV
78+BAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0ExJTAjBgkq
79+hkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqGSIb3DQEB
80+AQUAA4IBDwAwggEKAoIBAQCw+egZQ6eumJKq3hfKfED4dE/tL4FI5sjqont9ABVI
81++1GSqyi1bFBgsRjM0THllIdMbKmJtWwnKW8J+5OgNN8y6Xxv8JmM/Y5vQt2lis0f
82+qXmG8UTz0VTWdlAXXmhUs6lSADvAaIe4RVrCsZ97L3ZQTryY7JRVcbB4khUN3Gp0
83+yg+801SXzoFTTa+UGIRLE66jH51aa5VXu99hnv1OiH8tQrjdi8mH6uG/icq4XuIe
84+NWMF32wHqIOOPvQcWV3M5D2vxJEj702Ku6k9OQXkAo17qRSEonWW4HtLbtmS8He1
85+JNPc/n3dVUm+fM6NoDXPoLP7j55G9zKyqGtGAWXAj1MTAgMBAAGjUzBRMB0GA1Ud
86+DgQWBBSJGVleDvFp9cu9R+E0/OKYzGkwkTAfBgNVHSMEGDAWgBSJGVleDvFp9cu9
87+R+E0/OKYzGkwkTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBl
88+8GLB8skAWlkSw/FwbUmEV3zyqu+p7PNP5YIYoZs0D74e7yVulGQ6PKMZH5hrZmHo
89+orFSQU+VUUirG8nDGj7Rzce8WeWBxsaDGC8CE2dq6nC6LuUwtbdMnBrH0LRWAz48
90+jGFF3jHtVz8VsGfoZTZCjukWqNXvU6hETT9GsfU+PZqbqcTVRPH52+XgYayKdIbD
91+r97RM4X3+aXBHcUW0b76eyyi65RR/Xtvn8ioZt2AdX7T2tZzJyXJN3Hupp77s6Ui
92+AZR35SToHCZeTZD12YBvLBdaTPLZN7O/Q/aAO9ZiJaZ7SbFOjz813B2hxXab4Fob
93+2uJX6eMWTVxYK5D4M9lm
94 -----END CERTIFICATE-----
95diff --git a/test/net/fixtures/server.crt b/test/net/fixtures/server.crt
96index 5ca78a6d146a00..5d2923795dabca 100644
97--- a/test/net/fixtures/server.crt
98+++ b/test/net/fixtures/server.crt
99@@ -1,82 +1,21 @@
100-Certificate:
101- Data:
102- Version: 3 (0x2)
103- Serial Number: 2 (0x2)
104- Signature Algorithm: sha256WithRSAEncryption
105- Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
106- Validity
107- Not Before: Jan 2 03:27:13 2019 GMT
108- Not After : Jan 1 03:27:13 2024 GMT
109- Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost
110- Subject Public Key Info:
111- Public Key Algorithm: rsaEncryption
112- Public-Key: (2048 bit)
113- Modulus:
114- 00:e8:da:9c:01:2e:2b:10:ec:49:cd:5e:07:13:07:
115- 9c:70:9e:c6:74:bc:13:c2:e1:6f:c6:82:fd:e3:48:
116- e0:2c:a5:68:c7:9e:42:de:60:54:65:e6:6a:14:57:
117- 7a:30:d0:cc:b5:b6:d9:c3:d2:df:c9:25:97:54:67:
118- cf:f6:be:5e:cb:8b:ee:03:c5:e1:e2:f9:e7:f7:d1:
119- 0c:47:f0:b8:da:33:5a:ad:41:ad:e7:b5:a2:7b:b7:
120- bf:30:da:60:f8:e3:54:a2:bc:3a:fd:1b:74:d9:dc:
121- 74:42:e9:29:be:df:ac:b4:4f:eb:32:f4:06:f1:e1:
122- 8c:4b:a8:8b:fb:29:e7:b1:bf:1d:01:ee:73:0f:f9:
123- 40:dc:d5:15:79:d9:c6:73:d0:c0:dd:cb:e4:da:19:
124- 47:80:c6:14:04:72:fd:9a:7c:8f:11:82:76:49:04:
125- 79:cc:f2:5c:31:22:95:13:3e:5d:40:a6:4d:e0:a3:
126- 02:26:7d:52:3b:bb:ed:65:a1:0f:ed:6b:b0:3c:d4:
127- de:61:15:5e:d3:dd:68:09:9f:4a:57:a5:c2:a9:6d:
128- 86:92:c5:f4:a4:d4:b7:13:3b:52:63:24:05:e2:cc:
129- e3:8a:3c:d4:35:34:2b:10:bb:58:72:e7:e1:8d:1d:
130- 74:8c:61:16:20:3d:d0:1c:4e:8f:6e:fd:fe:64:10:
131- 4f:41
132- Exponent: 65537 (0x10001)
133- X509v3 extensions:
134- X509v3 Basic Constraints:
135- CA:FALSE
136- Netscape Comment:
137- OpenSSL Generated Certificate
138- X509v3 Subject Key Identifier:
139- ED:28:C2:7E:AB:4B:C8:E8:FE:55:6D:66:95:31:1C:2D:60:F9:02:36
140- X509v3 Authority Key Identifier:
141- keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53
142-
143- Signature Algorithm: sha256WithRSAEncryption
144- 1d:b8:c5:8b:72:41:20:65:ad:27:6f:15:63:06:26:12:8d:9c:
145- ad:ca:f4:db:97:b4:90:cb:ff:35:94:bb:2a:a7:a1:ab:1e:35:
146- 2d:a5:3f:c9:24:b0:1a:58:89:75:3e:81:0a:2c:4f:98:f9:51:
147- fb:c0:a3:09:d0:0a:9b:e7:a2:b7:c3:60:40:c8:f4:6d:b2:6a:
148- 56:12:17:4c:00:24:31:df:9c:60:ae:b1:68:54:a9:e6:b5:4a:
149- 04:e6:92:05:86:d9:5a:dc:96:30:a5:58:de:14:99:0f:e5:15:
150- 89:3e:9b:eb:80:e3:bd:83:c3:ea:33:35:4b:3e:2f:d3:0d:64:
151- 93:67:7f:8d:f5:3f:0c:27:bc:37:5a:cc:d6:47:16:af:5a:62:
152- d2:da:51:f8:74:06:6b:24:ad:28:68:08:98:37:7d:ed:0e:ab:
153- 1e:82:61:05:d0:ba:75:a0:ab:21:b0:9a:fd:2b:54:86:1d:0d:
154- 1f:c2:d4:77:1f:72:26:5e:ad:8a:9f:09:36:6d:44:be:74:c2:
155- 5a:3e:ff:5c:9d:75:d6:38:7b:c5:39:f9:44:6e:a1:d1:8e:ff:
156- 63:db:c4:bb:c6:91:92:ca:5c:60:9b:1d:eb:0a:de:08:ee:bf:
157- da:76:03:65:62:29:8b:f8:7f:c7:86:73:1e:f6:1f:2d:89:69:
158- fd:be:bd:6e
159 -----BEGIN CERTIFICATE-----
160-MIID4zCCAsugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx
161-EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK
162-DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI
163-hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMjcxM1oX
164-DTI0MDEwMTAzMjcxM1owYDELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx
165-FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRIwEAYDVQQLDAlSdWJ5IFRlc3QxEjAQ
166-BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
167-AOjanAEuKxDsSc1eBxMHnHCexnS8E8Lhb8aC/eNI4CylaMeeQt5gVGXmahRXejDQ
168-zLW22cPS38kll1Rnz/a+XsuL7gPF4eL55/fRDEfwuNozWq1Bree1onu3vzDaYPjj
169-VKK8Ov0bdNncdELpKb7frLRP6zL0BvHhjEuoi/sp57G/HQHucw/5QNzVFXnZxnPQ
170-wN3L5NoZR4DGFARy/Zp8jxGCdkkEeczyXDEilRM+XUCmTeCjAiZ9Uju77WWhD+1r
171-sDzU3mEVXtPdaAmfSlelwqlthpLF9KTUtxM7UmMkBeLM44o81DU0KxC7WHLn4Y0d
172-dIxhFiA90BxOj279/mQQT0ECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC
173-AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFO0o
174-wn6rS8jo/lVtZpUxHC1g+QI2MB8GA1UdIwQYMBaAFPbRIinVPSPXXq0MnOZ1j53N
175-+J1TMA0GCSqGSIb3DQEBCwUAA4IBAQAduMWLckEgZa0nbxVjBiYSjZytyvTbl7SQ
176-y/81lLsqp6GrHjUtpT/JJLAaWIl1PoEKLE+Y+VH7wKMJ0Aqb56K3w2BAyPRtsmpW
177-EhdMACQx35xgrrFoVKnmtUoE5pIFhtla3JYwpVjeFJkP5RWJPpvrgOO9g8PqMzVL
178-Pi/TDWSTZ3+N9T8MJ7w3WszWRxavWmLS2lH4dAZrJK0oaAiYN33tDqsegmEF0Lp1
179-oKshsJr9K1SGHQ0fwtR3H3ImXq2Knwk2bUS+dMJaPv9cnXXWOHvFOflEbqHRjv9j
180-28S7xpGSylxgmx3rCt4I7r/adgNlYimL+H/HhnMe9h8tiWn9vr1u
181+MIIDYTCCAkkCAQAwDQYJKoZIhvcNAQELBQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYD
182+VQQIDAdTaGltYW5lMRQwEgYDVQQHDAtNYXR6LWUgY2l0eTEXMBUGA1UECgwOUnVi
183+eSBDb3JlIFRlYW0xFTATBgNVBAMMDFJ1YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJ
184+ARYWc2VjdXJpdHlAcnVieS1sYW5nLm9yZzAeFw0yNDAxMDExMTQ3MjNaFw0zMzEy
185+MjkxMTQ3MjNaMGAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTaGltYW5lMRcwFQYD
186+VQQKDA5SdWJ5IENvcmUgVGVhbTESMBAGA1UECwwJUnVieSBUZXN0MRIwEAYDVQQD
187+DAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw+egZ
188+Q6eumJKq3hfKfED4dE/tL4FI5sjqont9ABVI+1GSqyi1bFBgsRjM0THllIdMbKmJ
189+tWwnKW8J+5OgNN8y6Xxv8JmM/Y5vQt2lis0fqXmG8UTz0VTWdlAXXmhUs6lSADvA
190+aIe4RVrCsZ97L3ZQTryY7JRVcbB4khUN3Gp0yg+801SXzoFTTa+UGIRLE66jH51a
191+a5VXu99hnv1OiH8tQrjdi8mH6uG/icq4XuIeNWMF32wHqIOOPvQcWV3M5D2vxJEj
192+702Ku6k9OQXkAo17qRSEonWW4HtLbtmS8He1JNPc/n3dVUm+fM6NoDXPoLP7j55G
193+9zKyqGtGAWXAj1MTAgMBAAEwDQYJKoZIhvcNAQELBQADggEBACtGNdj5TEtnJBYp
194+M+LhBeU3oNteldfycEm993gJp6ghWZFg23oX8fVmyEeJr/3Ca9bAgDqg0t9a0npN
195+oWKEY6wVKqcHgu3gSvThF5c9KhGbeDDmlTSVVNQmXWX0K2d4lS2cwZHH8mCm2mrY
196+PDqlEkSc7k4qSiqigdS8i80Yk+lDXWsm8CjsiC93qaRM7DnS0WPQR0c16S95oM6G
197+VklFKUSDAuFjw9aVWA/nahOucjn0w5fVW6lyIlkBslC1ChlaDgJmvhz+Ol3iMsE0
198+kAmFNu2KKPVrpMWaBID49QwQTDyhetNLaVVFM88iUdA9JDoVMEuP1mm39JqyzHTu
199+uBrdP4Q=
200 -----END CERTIFICATE-----
201diff --git a/test/net/fixtures/server.key b/test/net/fixtures/server.key
202index 7f2380e71e637b..6a83d5bcf4a521 100644
203--- a/test/net/fixtures/server.key
204+++ b/test/net/fixtures/server.key
205@@ -1,28 +1,27 @@
206------BEGIN PRIVATE KEY-----
207-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDo2pwBLisQ7EnN
208-XgcTB5xwnsZ0vBPC4W/Ggv3jSOAspWjHnkLeYFRl5moUV3ow0My1ttnD0t/JJZdU
209-Z8/2vl7Li+4DxeHi+ef30QxH8LjaM1qtQa3ntaJ7t78w2mD441SivDr9G3TZ3HRC
210-6Sm+36y0T+sy9Abx4YxLqIv7Keexvx0B7nMP+UDc1RV52cZz0MDdy+TaGUeAxhQE
211-cv2afI8RgnZJBHnM8lwxIpUTPl1Apk3gowImfVI7u+1loQ/ta7A81N5hFV7T3WgJ
212-n0pXpcKpbYaSxfSk1LcTO1JjJAXizOOKPNQ1NCsQu1hy5+GNHXSMYRYgPdAcTo9u
213-/f5kEE9BAgMBAAECggEBAOHkwhc7DLh8IhTDNSW26oMu5OP2WU1jmiYAigDmf+OQ
214-DBgrZj+JQBci8qINQxL8XLukSZn5hvQCLc7Kbyu1/wyEEUFDxSGGwwzclodr9kho
215-LX2LDASPZrOSzD2+fPi2wTKmXKuS6Uc44OjQfZkYMNkz9r4Vkm8xGgOD3VipjIYX
216-QXlhhdqkXZcNABsihCV52GKkDFSVm8jv95YJc5xhoYCy/3a4/qPdF0aT2R7oYUej
217-hKrxVDskyooe8Zg/JTydZNV5GQEDmW01/K3r6XGT26oPi1AqMU1gtv/jkW56CRQQ
218-1got8smnqM+AV7Slf9R6DauIPdQJ2S8wsr/o8ISBsOECgYEA9YrqEP2gAYSGFXRt
219-liw0WI2Ant8BqXS6yvq1jLo/qWhLw/ph4Di73OQ2mpycVTpgfGr2wFPQR1XJ+0Fd
220-U+Ir/C3Q7FK4VIGHK7B0zNvZr5tEjlFfeRezo2JMVw5YWeSagIFcSwK+KqCTH9qc
221-pw/Eb8nB/4XNcpTZu7Fg0Wc+ooUCgYEA8sVaicn1Wxkpb45a4qfrA6wOr5xdJ4cC
222-A5qs7vjX2OdPIQOmoQhdI7bCWFXZzF33wA4YCws6j5wRaySLIJqdms8Gl9QnODy1
223-ZlA5gwKToBC/jqPmWAXSKb8EH7cHilaxU9OKnQ7CfwlGLHqjMtjrhR7KHlt3CVRs
224-oRmvsjZVXI0CgYAmPedslAO6mMhFSSfULrhMXmV82OCqYrrA6EEkVNGbcdnzAOkD
225-gfKIWabDd8bFY10po4Mguy0CHzNhBXIioWQWV5BlbhC1YKMLw+S9DzSdLAKGY9gJ
226-xQ4+UQ3wtRQ/k+IYR413RUsW2oFvgZ3KSyNeAb9MK6uuv84VdG/OzVSs/QKBgQDn
227-kap//l2EbObiWyaERunckdVcW0lcN+KK75J/TGwPoOwQsLvTpPe65kxRGGrtDsEQ
228-uCDk/+v3KkZPLgdrrTAih9FhJ+PVN8tMcb+6IM4SA4fFFr/UPJEwct0LJ3oQ0grJ
229-y+HPWFHb/Uurh7t99/4H98uR02sjQh1wOeEmm78mzQKBgQDm+LzGH0se6CXQ6cdZ
230-g1JRZeXkDEsrW3hfAsW62xJQmXcWxBoblP9OamMY+A06rM5og3JbDk5Zm6JsOaA8
231-wS2gw4ilp46jors4eQey8ux7kB9LzdBoDBBElnsbjLO8oBNZlVcYXg+6BOl/CUi7
232-2whRF0FEjKA8ehrNhAq+VFfFNw==
233------END PRIVATE KEY-----
234+-----BEGIN RSA PRIVATE KEY-----
235+MIIEowIBAAKCAQEAsPnoGUOnrpiSqt4XynxA+HRP7S+BSObI6qJ7fQAVSPtRkqso
236+tWxQYLEYzNEx5ZSHTGypibVsJylvCfuToDTfMul8b/CZjP2Ob0LdpYrNH6l5hvFE
237+89FU1nZQF15oVLOpUgA7wGiHuEVawrGfey92UE68mOyUVXGweJIVDdxqdMoPvNNU
238+l86BU02vlBiESxOuox+dWmuVV7vfYZ79Toh/LUK43YvJh+rhv4nKuF7iHjVjBd9s
239+B6iDjj70HFldzOQ9r8SRI+9NirupPTkF5AKNe6kUhKJ1luB7S27ZkvB3tSTT3P59
240+3VVJvnzOjaA1z6Cz+4+eRvcysqhrRgFlwI9TEwIDAQABAoIBAEEYiyDP29vCzx/+
241+dS3LqnI5BjUuJhXUnc6AWX/PCgVAO+8A+gZRgvct7PtZb0sM6P9ZcLrweomlGezI
242+FrL0/6xQaa8bBr/ve/a8155OgcjFo6fZEw3Dz7ra5fbSiPmu4/b/kvrg+Br1l77J
243+aun6uUAs1f5B9wW+vbR7tzbT/mxaUeDiBzKpe15GwcvbJtdIVMa2YErtRjc1/5B2
244+BGVXyvlJv0SIlcIEMsHgnAFOp1ZgQ08aDzvilLq8XVMOahAhP1O2A3X8hKdXPyrx
245+IVWE9bS9ptTo+eF6eNl+d7htpKGEZHUxinoQpWEBTv+iOoHsVunkEJ3vjLP3lyI/
246+fY0NQ1ECgYEA3RBXAjgvIys2gfU3keImF8e/TprLge1I2vbWmV2j6rZCg5r/AS0u
247+pii5CvJ5/T5vfJPNgPBy8B/yRDs+6PJO1GmnlhOkG9JAIPkv0RBZvR0PMBtbp6nT
248+Y3yo1lwamBVBfY6rc0sLTzosZh2aGoLzrHNMQFMGaauORzBFpY5lU50CgYEAzPHl
249+u5DI6Xgep1vr8QvCUuEesCOgJg8Yh1UqVoY/SmQh6MYAv1I9bLGwrb3WW/7kqIoD
250+fj0aQV5buVZI2loMomtU9KY5SFIsPV+JuUpy7/+VE01ZQM5FdY8wiYCQiVZYju9X
251+Wz5LxMNoz+gT7pwlLCsC4N+R8aoBk404aF1gum8CgYAJ7VTq7Zj4TFV7Soa/T1eE
252+k9y8a+kdoYk3BASpCHJ29M5R2KEA7YV9wrBklHTz8VzSTFTbKHEQ5W5csAhoL5Fo
253+qoHzFFi3Qx7MHESQb9qHyolHEMNx6QdsHUn7rlEnaTTyrXh3ifQtD6C0yTmFXUIS
254+CW9wKApOrnyKJ9nI0HcuZQKBgQCMtoV6e9VGX4AEfpuHvAAnMYQFgeBiYTkBKltQ
255+XwozhH63uMMomUmtSG87Sz1TmrXadjAhy8gsG6I0pWaN7QgBuFnzQ/HOkwTm+qKw
256+AsrZt4zeXNwsH7QXHEJCFnCmqw9QzEoZTrNtHJHpNboBuVnYcoueZEJrP8OnUG3r
257+UjmopwKBgAqB2KYYMUqAOvYcBnEfLDmyZv9BTVNHbR2lKkMYqv5LlvDaBxVfilE0
258+2riO4p6BaAdvzXjKeRrGNEKoHNBpOSfYCOM16NjL8hIZB1CaV3WbT5oY+jp7Mzd5
259+7d56RZOE+ERK2uz/7JX9VSsM/LbH9pJibd4e8mikDS9ntciqOH/3
260+-----END RSA PRIVATE KEY-----
diff --git a/debian/patches/series b/debian/patches/series
index 7ba0ac0..7cb93d1 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -22,3 +22,6 @@ fix-wss-tests.patch
22fix-fiber-tests.patch22fix-fiber-tests.patch
23fix-generic-tests.patch23fix-generic-tests.patch
24CVE-2023-36617.patch24CVE-2023-36617.patch
25
26# Update outdated certificates used in testsuite
27renew-test-certificates-844672256e8e843a7e3a52b7e3c9bb8ea4c328b4.patch

Subscribers

People subscribed via source and target branches