savannah-hackers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[sr #110546] git clone https://git.savannah.gnu.org/... fails with error

From: Bob Proulx
Subject: [sr #110546] git clone https://git.savannah.gnu.org/... fails with error "server certificate verification failed"
Date: Sun, 3 Oct 2021 20:11:06 -0400 (EDT)
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:88.0) Gecko/20100101 Firefox/88.0 
Update of sr #110546 (project administration):

                  Status:                    None => Done                   
             Assigned to:                    None => rwp                    
             Open/Closed:                    Open => Closed                 

    _______________________________________________________

Follow-up Comment #9:

That is an impressive tabulation of systems! However you included fixes for
only three.  And for at least several of those that I spot-check the fix is
simply to install security patch updates as per standard best practice.  I
imagine that most of those would be fixed simply by installing the latest
official security patches for each system.  For one example I am routinely
using Debian 9 and Debian 10 systems and cannot reproduce the problem on
maintained systems.

And then for example I just now as a test installed an ISO of
ubuntu-16.04.4-desktop-i386.iso from 2018 which I had available and by 2018 it
had already been patched for this issue.  And having been patched I could not
reproduce the problem.

Being curious I then downloaded and installed a pristine Ubuntu 16.04-server
(no point releases, the original release) from 2016 and did reproduce the
problem at that vintage.  Without exhaustively going through the releases this
says that the issue was fixed before 2018.

I am as much of a fan of having a large matrix of systems and versions as
anyone.  But any system that interacts with the hostile Internet will find
that the hostile Internet is always changing.  Whether we like it or not we
find it impossible to freeze those parts that communicate and interact.  Not
because the local end has changed but because the remote end of the
communicating pair has changed.  Sometimes whether we like it or not we simply
must upgrade the local part of our client in order to communicate.

As to the other two pages you asked to have hints placed for documentation for
the /tls page I obsoleted it entirely since it was truly so old it was
harmfully misinformed.  I redirected that page to the other one.  The other
one was originally just a few lines.  I expanded it with a first pass
description of everything I know about things now and various hints.

https://savannah.gnu.org/maintenance/SavannahTLSInfo/


    _______________________________________________________

Reply to this item at:

  <https://savannah.nongnu.org/support/?110546>

_______________________________________________
  Message sent via Savannah
  https://savannah.nongnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]