GNU bug report logs - #49035
cURL 7.77.0 uses invalid TLS priority string, prevents access to bitbucket.org

Previous Next

Package: guix;

Reported by: Ludovic Courtès <ludovic.courtes <at> inria.fr>

Date: Tue, 15 Jun 2021 09:18:02 UTC

Severity: important

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #23 received at 49035-done <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: 49035-done <at> debbugs.gnu.org
Cc: Emmanuel Agullo <emmanuel.agullo <at> inria.fr>
Subject: Re: bug#49035: Git 2.32.0 fails with ‘gnutls_handshake’ error
Date: Fri, 18 Jun 2021 17:43:58 +0200

Ludovic Courtès <ludo <at> gnu.org> skribis:

> Ludovic Courtès <ludo <at> gnu.org> skribis:
>
>> So these two cURL versions use different TLS priority strings; here’s
>> the one that cURL 7.77 uses (bad) vs. the one that 7.74 uses (good):
>
> Also reported at <https://github.com/curl/curl/issues/7277>.

The issue turned out to be that cURL’s priority string specifies
protocol versions in the wrong order, favoring old versions over new
ones (see the issue above).

Fixed in caf4a7a2770ef4d05a6e18f40d602e51da749ddc!

Thanks,
Ludo’.

This bug report was last modified 3 years and 337 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #49035 cURL 7.77.0 uses invalid TLS priority string, prevents access to bitbucket.org

GNU bug report logs - #49035
cURL 7.77.0 uses invalid TLS priority string, prevents access to bitbucket.org