Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#971393: mbedtls: New upstream version (2.24.0) with TLS 1.3 support
469 views
Skip to first unread message
Antoni Villalonga
Sep 29, 2020, 4:00:03 PM9/29/20
to
Source: mbedtls
Severity: normal
X-Debbugs-Cc: ant...@friki.cat
Dear Maintainer,
Please consider upgrading package to newer versions with TLS 1.3 support
enabled.
Regards,
Severity: normal
X-Debbugs-Cc: ant...@friki.cat
Dear Maintainer,
Please consider upgrading package to newer versions with TLS 1.3 support
enabled.
Regards,
Glenn Strauss
Oct 24, 2020, 1:50:03 AM10/24/20
to
mbedTLS 2.24.0 also addresses recent mbedTLS security advisories
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972806
Please upgrade to 2.24.0 in Debian testing. Thank you.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972806
Please upgrade to 2.24.0 in Debian testing. Thank you.
Glenn Strauss
Mar 1, 2021, 9:50:02 PM3/1/21
to
Please upgrade to 2.25.0 in Debian testing. Thank you.
mbedtls 2.25.0 was released almost 3 months ago.
mbedtls 2.24.0 was 6 months ago.
Since mbedtls 2.24.0, mbedtls supports TLSv1.3.
https://github.com/ARMmbed/mbedtls/releases
mbedtls 2.25.0 was released almost 3 months ago.
mbedtls 2.24.0 was 6 months ago.
Since mbedtls 2.24.0, mbedtls supports TLSv1.3.
https://github.com/ARMmbed/mbedtls/releases
Dennis Filder
Aug 15, 2021, 2:20:03 PM8/15/21
to
X-Debbugs-CC: ant...@friki.cat, gs-deb...@gluelogic.com
In [0,1] it was announced that 2021 will see a new LTS release (2.28)
for mbedtls:
Dave Rodgman <...> wrote on Thu Jul 29 13:05:10 UTC 2021:
> We expect to release an LTS later this year. It’s likely to be 2.27,
> and very likely will be supported for the usual LTS period of 3
> years.
>
> So if you are considering updating to a new LTS, you could use 2.26
> for prototyping in the short term until the LTS becomes
> available. The upcoming LTS will be API-compatible with 2.26.
Gilles Peskine <...> wrote on Thu Jul 29 13:24:58 UTC 2021:
> Off-by-one error! The current 2.x release is 2.27.0. Most
> development work is happening on 3.x but there will be at least one
> more 2.x release: 2.28.0. The last 2.x release will become an LTS.
Regards,
Dennis Filder.
0: https://lists.trustedfirmware.org/pipermail/mbed-tls/2021-July/000422.html
1: https://lists.trustedfirmware.org/pipermail/mbed-tls/2021-July/000423.html
In [0,1] it was announced that 2021 will see a new LTS release (2.28)
for mbedtls:
Dave Rodgman <...> wrote on Thu Jul 29 13:05:10 UTC 2021:
> We expect to release an LTS later this year. It’s likely to be 2.27,
> and very likely will be supported for the usual LTS period of 3
> years.
>
> So if you are considering updating to a new LTS, you could use 2.26
> for prototyping in the short term until the LTS becomes
> available. The upcoming LTS will be API-compatible with 2.26.
Gilles Peskine <...> wrote on Thu Jul 29 13:24:58 UTC 2021:
> Off-by-one error! The current 2.x release is 2.27.0. Most
> development work is happening on 3.x but there will be at least one
> more 2.x release: 2.28.0. The last 2.x release will become an LTS.
Regards,
Dennis Filder.
0: https://lists.trustedfirmware.org/pipermail/mbed-tls/2021-July/000422.html
1: https://lists.trustedfirmware.org/pipermail/mbed-tls/2021-July/000423.html
Andrea Pappacoda
Feb 18, 2022, 3:50:03 AM2/18/22
to
Unfortunately TLS 1.3 is still considered experimental in the latest
LTS release, 2.28.0 [1].
Even the latest feature release, 3.1.0, provides an unfinished
implementation [2], and I wouldn't feel comfortable in shipping it in
Debian.
Also, note that I plan to only ship LTS releases of MbedTLS, as they
better fit Debian's way of doing releases.
I guess we'll have to wait :/
1:
https://github.com/ARMmbed/mbedtls/blob/v2.28.0/docs/architecture/tls13-experimental.md
2:
https://github.com/ARMmbed/mbedtls/blob/v3.1.0/docs/architecture/tls13-support.md
--
OpenPGP key: 66DE F152 8299 0C21 99EF A801 A8A1 28A8 AB1C EE49
LTS release, 2.28.0 [1].
Even the latest feature release, 3.1.0, provides an unfinished
implementation [2], and I wouldn't feel comfortable in shipping it in
Debian.
Also, note that I plan to only ship LTS releases of MbedTLS, as they
better fit Debian's way of doing releases.
I guess we'll have to wait :/
1:
https://github.com/ARMmbed/mbedtls/blob/v2.28.0/docs/architecture/tls13-experimental.md
2:
https://github.com/ARMmbed/mbedtls/blob/v3.1.0/docs/architecture/tls13-support.md
--
OpenPGP key: 66DE F152 8299 0C21 99EF A801 A8A1 28A8 AB1C EE49
Bastian Germann
Feb 21, 2022, 4:50:03 AM2/21/22
to
Control: retitle -1 mbedtls: Enable TLS 1.3
On Fri, 18 Feb 2022 09:29:06 +0100 Andrea Pappacoda <and...@pappacoda.it> wrote:
> Also, note that I plan to only ship LTS releases of MbedTLS, as they
> better fit Debian's way of doing releases.
That is very reasonable. The latest LTS has arrived in testing, so this issue can be retitled.
On Fri, 18 Feb 2022 09:29:06 +0100 Andrea Pappacoda <and...@pappacoda.it> wrote:
> Also, note that I plan to only ship LTS releases of MbedTLS, as they
> better fit Debian's way of doing releases.
0 new messages