Bug#864083: unblock: libgcrypt20/1.7.6-2
Control: tags -1 confirmed d-i
Andreas Metzler:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
>
> Please unblock package libgcrypt20, the upload features the following
> changes:
> * Refresh debian/upstream/signing-key.asc, key-expiry-dates bumped.
> * Pull two fixes from gcrypt 1.7.7 bugfix release:
> + 30_gcry177_01-ecc-Store-EdDSA-session-key-in-secure-memory.patch
> Fix possible timing attack on EdDSA session key.
> + 30_gcry177_02-secmem-Fix-SEGV-and-stat-calculation.patch
> Fix long standing bug in secure memory implementation which could lead
> to a segv on free.
>
> unblock libgcrypt20/1.7.6-2
>
> Thanks, cu Andreas
>
Ack from here, CC'ing KiBi for a d-i ack - assuming there is still time.
Worst case, we will have to defer it to 9.1.
Thanks,
~Niels
Reply to: