Bug ID | 1208393 |
---|---|
Summary | OpenSSL 3.0.8 breaks PKITS test 4.1.5 (which requires DSA parameter inheritance) |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | Current |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | security-team@suse.de |
Reporter | otto.hollmann@suse.com |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
Indeed, just decoding the certificate fails: > openssl x509 -noout -text -in ValidDSAParameterInheritanceTest5EE.crt The output includes > Subject Public Key Info: > Public Key Algorithm: dsaEncryption > Unable to load Public Key >40477373937F0000:error:03000072:digital envelope routines:X509_PUBKEY_get0:decode error:../crypto/x509/x_pubkey.c:458: >40477373937F0000:error:03000072:digital envelope routines:X509_PUBKEY_get0:decode error:../crypto/x509/x_pubkey.c:458: > X509v3 extensions: Upstream issues: https://github.com/openssl/openssl/issues/20233 https://github.com/openssl/openssl/issues/20309 Also it causing build failure of qca:qt5 package and thus blocking release of OpenSSL 3.0.8 with 8 CVE fixes.