Debian DLA-2484-1 : python-certbot - switch to ACMEv2 API

Nessus Plugin ID 143597 (severity: high)

Synopsis

The remote Debian host is missing a security update.

Description

Let's Encrypt's ACMEv1 API is deprecated and in the process of being shut down. Beginning with brownouts in January 2021, and ending with a total shutdown in June 2021, the Let's Encrypt APIs will become unavailable. To prevent users having disruptions to their certificate renewals, this update backports the switch over to the ACMEv2 API.

For Debian 9 stretch, this problem has been fixed in version 0.28.0-1~deb9u3.

We recommend that you upgrade your python-certbot packages.

For the detailed security status of python-certbot please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/python-certbot

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Upgrade the affected packages.

See Also

https://lists.debian.org/debian-lts-announce/2020/12/msg00010.html

https://packages.debian.org/source/stretch/python-certbot

http://www.nessus.org/u?4385dfd9

Plugin Details

Severity: High

ID: 143597

File Name: debian_DLA-2484.nasl

Version: 1.1

Type: local

Agent: unix

Published: 12/9/2020

Updated: 12/9/2020

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:certbot, p-cpe:/a:debian:debian_linux:letsencrypt, p-cpe:/a:debian:debian_linux:python-certbot-doc, p-cpe:/a:debian:debian_linux:python3-certbot, cpe:/o:debian:debian_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 12/8/2020

Vulnerability Publication Date: 12/8/2020