group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1836823] Re: python-acme will break on November 1st

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Brad Warren <bradmwarren@xxxxxxxxx>
Date: Wed, 17 Jul 2019 19:06:47 -0000
Reply-to: Bug 1836823 <1836823@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: python-acme (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1836823

Title:
  python-acme will break on November 1st

Status in python-acme package in Ubuntu:
  Fix Released
Status in python-acme source package in Xenial:
  Triaged
Status in python-acme source package in Bionic:
  Triaged
Status in python-acme source package in Cosmic:
  Triaged
Status in python-acme source package in Disco:
  Triaged

Bug description:
  This bug affects the python-acme package in all released versions of
  Ubuntu.

  The python-acme package will no longer work with Let’s Encrypt’s
  “ACMEv2” endpoint which is their RFC 8555 compliant endpoint starting
  November 1st. See https://community.letsencrypt.org/t/acme-v2
  -scheduled-deprecation-of-unauthenticated-resource-gets/74380 for more
  details about this change.

  After November 1st of this year, the python-acme packages will be
  unusable with Let's Encrypt's endpoint which will break any software
  using the library for this purpose. The primary concern here is that
  users of the library will no longer be able to obtain new
  certificates. Certificates which are currently being automatically
  renewed will suddenly become unable to do so which will likely result
  in broken TLS configurations for many users.

  As one of the upstream maintainers of this library, I think the safest
  way to start to resolve this problem would be to backport the python-
  acme 0.31.0-2 package from Debian Buster to Disco. The python-acme
  package in Disco is version 0.31.0-1 and the only code differences
  should be some minor patches that were applied to the package in
  Buster to avoid this problem before it was released. I think taking
  this package would result in the smallest diff while sticking to a
  well tested package.

  Alternatively, if taking a package from Debian at this point is
  awkward, I can either provide info on the changes that were backported
  to create 0.31.0-2 in Debian so we could do something similar to the
  package in Disco or we could backport python-acme 0.34.0+.

  After the package in Disco is updated to resolve this, I think we
  should backport the updated package to every non-EOL'd release of
  Ubuntu back to Xenial.

  There are no breaking API changes between python-acme 0.31.0-2 and the
  version of python-acme in any Ubuntu release and no dependencies need
  to be updated.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-acme/+bug/1836823/+subscriptions