Merge lp:~ubuntu-branches/ubuntu/precise/openssl/precise-201312110155 into lp:ubuntu/precise/openssl
Status: | Needs review |
---|---|
Proposed branch: | lp:~ubuntu-branches/ubuntu/precise/openssl/precise-201312110155 |
Merge into: | lp:ubuntu/precise/openssl |
Diff against target: |
71 lines (+31/-11) (has conflicts) 3 files modified
debian/changelog (+29/-9) debian/patches/tls12_workarounds.patch (+1/-1) ssl/s23_clnt.c (+1/-1) Text conflict in debian/changelog |
To merge this branch: | bzr merge lp:~ubuntu-branches/ubuntu/precise/openssl/precise-201312110155 |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Ubuntu branches | Pending | ||
Review via email: mp+198499@code.launchpad.net |
Description of the change
The package importer has detected a possible inconsistency between the package history in the archive and the history in bzr. As the archive is authoritative the importer has made lp:ubuntu/precise/openssl reflect what is in the archive and the old bzr branch has been pushed to lp:~ubuntu-branches/ubuntu/precise/openssl/precise-201312110155. This merge proposal was created so that an Ubuntu developer can review the situations and perform a merge/upload if necessary. There are three typical cases where this can happen.
1. Where someone pushes a change to bzr and someone else uploads the package without that change. This is the reason that this check is done by the importer. If this appears to be the case then a merge/upload should be done if the changes that were in bzr are still desirable.
2. The importer incorrectly detected the above situation when someone made a change in bzr and then uploaded it.
3. The importer incorrectly detected the above situation when someone just uploaded a package and didn't touch bzr.
If this case doesn't appear to be the first situation then set the status of the merge proposal to "Rejected" and help avoid the problem in future by filing a bug at https:/
(this is an automatically generated message)
Unmerged revisions
- 80. By Colin Watson
-
releasing version 1.0.1-4ubuntu4
- 79. By Colin Watson
-
merge 1.0.1-4ubuntu3
- 78. By Colin Watson
-
Check TLS1_get_
client_ version rather than TLS1_get_version for client
hello cipher list truncation, in a further attempt to get things working
again for everyone (LP: #986147). - 77. By Colin Watson
-
releasing version 1.0.1-4ubuntu2
- 76. By Colin Watson
-
* Backport more upstream patches to work around TLS 1.2 failures
(LP #965371):
- Do not use record version number > TLS 1.0 in initial client hello:
some (but not all) hanging servers will now work.
- Truncate the number of ciphers sent in the client hello to 50. Most
broken servers should now work.
- Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
* Don't re-enable TLS 1.2 client support by default yet, since more of the
sites listed in the above bug and its duplicates still fail if I do that
versus leaving it disabled.