Debian Long Term Support / LTS Security Information / 2020 / Security Information -- DLA-2484-1 python-certbot

Debian Security Advisory

DLA-2484-1 python-certbot -- LTS security update

Date Reported:

09 Dec 2020

Affected Packages:

python-certbot

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 969126.

More information:

Let's Encrypt's ACMEv1 API is deprecated and in the process of being shut down. Beginning with brownouts in January 2021, and ending with a total shutdown in June 2021, the Let's Encrypt APIs will become unavailable. To prevent users having disruptions to their certificate renewals, this update backports the switch over to the ACMEv2 API.

For Debian 9 stretch, this problem has been fixed in version 0.28.0-1~deb9u3.

We recommend that you upgrade your python-certbot packages.

For the detailed security status of python-certbot please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-certbot

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS