Your message dated Sun, 04 Jun 2017 21:29:00 +0000 with message-id <4d0a6a78-53d6-1b69-ffd0-e749a42f4f48@thykier.net> and subject line Re: Bug#864083: unblock: libgcrypt20/1.7.6-2 has caused the Debian Bug report #864083, regarding unblock: libgcrypt20/1.7.6-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 864083: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864083 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: libgcrypt20/1.7.6-2
- From: Andreas Metzler <ametzler@bebt.de>
- Date: Sun, 4 Jun 2017 10:30:44 +0200
- Message-id: <[🔎] 20170604083044.qxfcagcaguyljqxi@argenau.bebt.de>
Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock Please unblock package libgcrypt20, the upload features the following changes: * Refresh debian/upstream/signing-key.asc, key-expiry-dates bumped. * Pull two fixes from gcrypt 1.7.7 bugfix release: + 30_gcry177_01-ecc-Store-EdDSA-session-key-in-secure-memory.patch Fix possible timing attack on EdDSA session key. + 30_gcry177_02-secmem-Fix-SEGV-and-stat-calculation.patch Fix long standing bug in secure memory implementation which could lead to a segv on free. unblock libgcrypt20/1.7.6-2 Thanks, cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure'diff -Nru libgcrypt20-1.7.6/debian/changelog libgcrypt20-1.7.6/debian/changelog --- libgcrypt20-1.7.6/debian/changelog 2017-01-26 11:58:32.000000000 +0100 +++ libgcrypt20-1.7.6/debian/changelog 2017-06-03 10:58:36.000000000 +0200 @@ -1,3 +1,15 @@ +libgcrypt20 (1.7.6-2) unstable; urgency=high + + * Refresh debian/upstream/signing-key.asc, key-expiry-dates bumped. + * Pull two fixes from gcrypt 1.7.7 bugfix release: + + 30_gcry177_01-ecc-Store-EdDSA-session-key-in-secure-memory.patch + Fix possible timing attack on EdDSA session key. + + 30_gcry177_02-secmem-Fix-SEGV-and-stat-calculation.patch + Fix long standing bug in secure memory implementation which could lead + to a segv on free. + + -- Andreas Metzler <ametzler@debian.org> Sat, 03 Jun 2017 10:58:36 +0200 + libgcrypt20 (1.7.6-1) unstable; urgency=medium * New upstream version, includes diff -Nru libgcrypt20-1.7.6/debian/patches/30_gcry177_01-ecc-Store-EdDSA-session-key-in-secure-memory.patch libgcrypt20-1.7.6/debian/patches/30_gcry177_01-ecc-Store-EdDSA-session-key-in-secure-memory.patch --- libgcrypt20-1.7.6/debian/patches/30_gcry177_01-ecc-Store-EdDSA-session-key-in-secure-memory.patch 1970-01-01 01:00:00.000000000 +0100 +++ libgcrypt20-1.7.6/debian/patches/30_gcry177_01-ecc-Store-EdDSA-session-key-in-secure-memory.patch 2017-06-03 10:53:37.000000000 +0200 @@ -0,0 +1,35 @@ +From f9494b3f258e01b6af8bd3941ce436bcc00afc56 Mon Sep 17 00:00:00 2001 +From: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be> +Date: Thu, 19 Jan 2017 17:00:15 +0100 +Subject: [PATCH 1/2] ecc: Store EdDSA session key in secure memory. + +* cipher/ecc-eddsa.c (_gcry_ecc_eddsa_sign): use mpi_snew to allocate +session key. +-- + +An attacker who learns the EdDSA session key from side-channel +observation during the signing process, can easily revover the long- +term secret key. Storing the session key in secure memory ensures that +constant time point operations are used in the MPI library. + +Signed-off-by: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be> +--- + cipher/ecc-eddsa.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c +index f91f8489..813e030d 100644 +--- a/cipher/ecc-eddsa.c ++++ b/cipher/ecc-eddsa.c +@@ -603,7 +603,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey, + a = mpi_snew (0); + x = mpi_new (0); + y = mpi_new (0); +- r = mpi_new (0); ++ r = mpi_snew (0); + ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, 0, + skey->E.p, skey->E.a, skey->E.b); + b = (ctx->nbits+7)/8; +-- +2.11.0 + diff -Nru libgcrypt20-1.7.6/debian/patches/30_gcry177_02-secmem-Fix-SEGV-and-stat-calculation.patch libgcrypt20-1.7.6/debian/patches/30_gcry177_02-secmem-Fix-SEGV-and-stat-calculation.patch --- libgcrypt20-1.7.6/debian/patches/30_gcry177_02-secmem-Fix-SEGV-and-stat-calculation.patch 1970-01-01 01:00:00.000000000 +0100 +++ libgcrypt20-1.7.6/debian/patches/30_gcry177_02-secmem-Fix-SEGV-and-stat-calculation.patch 2017-06-03 10:53:37.000000000 +0200 @@ -0,0 +1,69 @@ +From 91456759b887e153c4d4ce19538d478df260cab2 Mon Sep 17 00:00:00 2001 +From: NIIBE Yutaka <gniibe@fsij.org> +Date: Fri, 2 Jun 2017 10:34:42 +0900 +Subject: [PATCH 2/2] secmem: Fix SEGV and stat calculation. + +* src/secmem (init_pool): Care about the header size. +(_gcry_secmem_malloc_internal): Likewise. +(_gcry_secmem_malloc_internal): Use mb->size for stats. + +-- + +GnuPG-bug-id: 3027 +Signed-off-by: NIIBE Yutaka <gniibe@fsij.org> +--- + src/secmem.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/secmem.c b/src/secmem.c +index 46bbf82e..b2a9667d 100644 +--- a/src/secmem.c ++++ b/src/secmem.c +@@ -454,7 +454,7 @@ init_pool (pooldesc_t *pool, size_t n) + + /* Initialize first memory block. */ + mb = (memblock_t *) pool->mem; +- mb->size = pool->size; ++ mb->size = pool->size - BLOCK_HEAD_SIZE; + mb->flags = 0; + } + +@@ -610,7 +610,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) + mb = mb_get_new (pool, (memblock_t *) pool->mem, size); + if (mb) + { +- stats_update (pool, size, 0); ++ stats_update (pool, mb->size, 0); + return &mb->aligned.c; + } + +@@ -624,7 +624,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) + mb = mb_get_new (pool, (memblock_t *) pool->mem, size); + if (mb) + { +- stats_update (pool, size, 0); ++ stats_update (pool, mb->size, 0); + return &mb->aligned.c; + } + } +@@ -641,7 +641,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) + return NULL; /* Not enough memory available for a new pool. */ + /* Initialize first memory block. */ + mb = (memblock_t *) pool->mem; +- mb->size = pool->size; ++ mb->size = pool->size - BLOCK_HEAD_SIZE; + mb->flags = 0; + + pool->okay = 1; +@@ -660,7 +660,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) + mb = mb_get_new (pool, (memblock_t *) pool->mem, size); + if (mb) + { +- stats_update (pool, size, 0); ++ stats_update (pool, mb->size, 0); + return &mb->aligned.c; + } + } +-- +2.11.0 + diff -Nru libgcrypt20-1.7.6/debian/patches/series libgcrypt20-1.7.6/debian/patches/series --- libgcrypt20-1.7.6/debian/patches/series 2017-01-26 11:58:32.000000000 +0100 +++ libgcrypt20-1.7.6/debian/patches/series 2017-06-03 10:55:34.000000000 +0200 @@ -1,3 +1,5 @@ 12_lessdeps_libgcrypt-config.diff 15_multiarchpath_in_-L.diff 25_norevisionfromgit.diff +30_gcry177_01-ecc-Store-EdDSA-session-key-in-secure-memory.patch +30_gcry177_02-secmem-Fix-SEGV-and-stat-calculation.patch diff -Nru libgcrypt20-1.7.6/debian/upstream/signing-key.asc libgcrypt20-1.7.6/debian/upstream/signing-key.asc --- libgcrypt20-1.7.6/debian/upstream/signing-key.asc 2016-02-12 10:25:57.000000000 +0100 +++ libgcrypt20-1.7.6/debian/upstream/signing-key.asc 2017-01-26 16:24:47.000000000 +0100 @@ -1,5 +1,4 @@ -----BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1 mQENBE0ti4EBCACqGtKlX9jI/enhlBdy2cyQP6Q7JoyxtaG6/ckAKWHYrqFTQk3I Ue8TuDrGT742XFncG9PoMBfJDUNltIPgKFn8E9tYQqAOlpSA25bOb30cA2ADkrjg @@ -13,151 +12,53 @@ 5zCwu7SHz9cX3d4UUwzcP6qQP4BQEH9/xlpQS9eTK9b2RMyggqwd/J8mxjvoWzL8 Klf/wl6jXHn/yP92xG9/YA86lNOL1N3/PhlZzLuJ6bdD9WzsEp/+kh3UDfjkIrOc WkqwupB+d01R4bHPu9tvXy8Xut8Sok2zku2xVkEOsV2TXHbwuHO2AGC5pWDX6wgC -E4F5XeCB/0ovao2/bk22w1TxzP6PMxo6sLkmaF6D0frhM2bl4C/uSsqInAQQAQIA -BgUCTS2NBAAKCRBTtiDQHODGMEZPBACLmrMjpwmyVvI6X5N4NlWctXQWY+4ODx2i -O9CtUM/F96YiPFlmgwsJUzyXLwALYk+shh83TjQLfjexohzS1O07DCZUy7Lsb9R7 -HbYJ1Yf/QcEykbiAW465CZb1BAOMR2HUODBTaABaidfnhmUzJtayz7Y0KKRHAx+V -VS6kfnsFq4hWBBARCAAGBQJNLcU3AAoJEPKthaweQrNnKwQA33d93wdeFxn8pdw7 -ZuHHxFHywnGF1jWjMvmZpoIA33PIcnHhgNl3D04UOzetd6IvnB8zuFwvKNbaKA6I -XgQQEQgABgUCTVgtuAAKCRBJkIlVOxgOgZdEAQCKIWMFdCUZiG7HQBf7vEkTQ4Bi -0aGcyV3EzHU/pflxtAD/fSio5Sr95BmaQTRyhojvCnww2U8VR/nx1DmJeOjHh8GJ -ARwEEgECAAYFAk06eucACgkQlOkt+SqqXDtJuQf5AZ5NzPvQm2UNusOabwrXephy -X/tD3jlzcP2uyBIHFc3sbC5zVELVedoZA+MYQGrkZwbat1CKCKcZfTFCzRRKjOaH -ppKsmdk+DNXhpZKRyk4N2ZOPQMpa/rjikLOj3bhwybG9FCFWGZeXJx3/ZvcUKCY+ -lC9y4ju9Y76f8DLu/poUGQUPpeUVWy2A1MvGvSyumkJTCzrlHX4WR+FzeSCPAd1b -MWVWquqvrM5EXk9ikk2DmsmfaUF/g+AHuF+av6EhwgyCvH/yLd4Cam01iVeGJu6X -jFwQd4/pnTgP8cURY47f5wIc+TP+Ckg8ul6bcRIrHtOuovKSAFNzLGphc5kAFokC -HAQQAQIABgUCTfHc+QAKCRDGkbUX+A1GqzAPD/9KBxOCXD2ehuBDgAggfwVuV/Gz -LZURqfplCvkxk4cSawdqOKebTDZL6b0P87VM4QJGUiooV6zMB7r+FvOgra7raRen -QyzjL3tzuL7y+sdIQcpb9XytOFSws3UUD+yluQyznCoHtbJ/xdJDOznDlmwIA3RH -12H0GzpaGJ1UHc4C0vpNh6NrlV1mzgYNs4bFA1fF++16o9j9RFMN+ZX1Qx/LHDH7 -XaD+KJJk5Zq139UCIsls8Qf+Pd8B8XBCXlNxziKWPGDBJZNBD5Uaqd2qhMCouR5L -nfEE6G8pIf/aHWDv7bmm+RQITmdRoDF1PU6JBY7vZRxdsnsZLeOxuHFm57gSxjSE -X4JrnHZy/nJLihG1IcKoNGTnPhh10IizxniQJtXDToImWl5Qm5h5QWLYZC65Zdy/ -F6lDpOiHIyIJu8DVmJALRQ/abUCzmxbm0ITMZ3u/w4tR+q2MjZjsVC5joazVtLz1 -iyhreJWR3lyIMJfsGa+GXs0+EEDWka0ZocfCJsc2+XUcS3GPSQ/iSSWCYY/GepQS -sNZ014X2Quf3Txw76Gqq8yjPvah0k0WLVRM8JVeWNd5GzcwZ/IzHXSAezEyCPfes -vN3aPHSLE3HryiYNBoSrYVRz+xBI3xqSC4+DECmDselLziSh1LTEanXe+wi1vgKo -DSOziK3GguXEuXm3eohGBBARAgAGBQJN8rEMAAoJEOVQtZ9Y38YIgtQAnijU/ynB -wpDH/UfKyuKMJqImonaJAJ9uBDnMI3DsxufNxHxeZMRKFwRV94hGBBARAgAGBQJP -TdODAAoJEIvYLm8wuUtcO4AAoJuX6fXMdhuLEK8DewH2So1rlDLsAJ9nEpyIYi+G -8YcJ986RyJcKaZ9aIIkBIgQSAQgADAUCTyhjKwWDDuLHWAAKCRCt8y7f4/HY9+04 -CACx4BKh36+PCwzJ522JiFRX6NSi3zJfdeXLKU9oXv+j7cjF5OKz/1MzVdyTRVmK -SlUSbtrzgDc3ompfePdqao0sl6x9Ay4oM8cil5IaPnI6yIbd63w3Vr1B+OZyTXoY -kiYCWpQ4H3WxEL9Hu4Z6MH/cV//D3J4zH5ZgJvrbaLiYRs5WcSBVrNPHWh4z7oS9 -PXygndrxdyq5pvWUwXHwVtmu+c8glfltopZg/wqdJLlK8WIO3aFBqQdq9UZlK7Dp -fAhMMxPzfLnVbQWZL3QJTjJwt/+Lr+/jVaFmXqxYifwqJYb5rmmuj3XplKGDHRWt -+5SgEbALyAPAPCkT62F08KyDiQGcBBABAgAGBQJQTI7tAAoJEHe/Jx794nWcRe0L -/2cMF2r1ahP1gHF8oEKPIlMZDLMKNbqEA4txwfXHJIvfrDOg5yTNQIXsHOF23r9D -QrvPWKSfmuLihSpXgsVPrCdnicXSDGp91MoKIykPiC2esSkMLwJ5Dv4NYJro14nH -qZCN4KK0Hte2f6Mnv8iQrywBGt9fcjDJx1FEDeTyaLy3NPFWiCNsuXmP7qv2yfod -WagD8+7H5gihhEStD+iqrNgdMuDQrM2N0HVB+QJu+IpUXPTNABzT8CgZqCZF3e3n -h302GFZXAW06EvMQOnx27kcqaTijUtxdt4kTBduJwuk2t/6k1GzYu4Je0f9nAlxc -5tU0CSFkA5tX5PUtxDOifykfauosHT8J1vX/RGMzTdHVA4SKKmOHBUregUGX8MVf -R/dwQ1tSSDBMS2AB47HjazdQqYeEXFTH+d3AcE3ykFZpcFqYmEgJGvOj6y9u4ejM -wR7VfxmE02ByljkhMY8q4SXOgMxsmVMb+HOgoZqqSxzL4+Kn/Mt2knYixB4N+9/w -MYkBnAQRAQoABgUCTquvVwAKCRCg8hPxRutYH7xzC/490lhwnOcXKPjta3ERc06y -WtiA2FPgcNhl8vzuYTa9zTCrl/8j4WqedMxA5r4oKgVXqQxbiQPDeTZaISYfXCbV -bNWag4CQChtXsvXFRw37eJjterXNB9SYGA4+BjmuIB0SuUbN4FpvN0HLiRKpnuTO -I8+ECxhjCkvyR3dg5EQAFBfx9ZrKwoZO6JgLkT9HGqibP3hu/21K2O28j0yaZi21 -loxRxRCZKbM9RLglteuuRBeu9VUK9alQ4kiuA9lGdzoyjRBvEyFDNAoEf72ieIC+ -Hkntien+1EvuOYehO182YFTbcJlI6wNnxgotXwmMvJRq7HgZ0NNO8F3D3/FKPlCB -a4zEnPJwIbMmlqf8ERYOgWv2nCa2ssprewW4zkvSavuTo23ygo2ef8QWWIVaT0Sk -tyyq6uah6vJ0nuJainu6s8vN62mM9uJrE23AgGVYQUFXIiy7QpbmE5Kwd0Y+U9XW -00vQsvLEwudX2VC0CO2VoIdYs41f7LYR/tk5co+jsh2JAhwEEAECAAYFAk33ItsA -CgkQUn55uqO1OZgGeA//WJMFJmskIrNyXM8bJbsR78UHGiJ8mSsnmvwIZmG8brND -cOTqbBnK4JLr1RJ2WDNDxLp+OSJhnV6JTxPlwaHk7wAxJUZB8edf0Ojk+ZGeAY7m -pkJXffza4vWXDIza1gfDBbS1uWxAfxN5eTmDrqRIGYFiRakuVUP9Bq7bCG2E33u3 -Z1NifiNQxDIHLI/WbeLWTovYN9ekX28/2pKYQYjubrTR2/VNC1JhTar7OgX1EIbL -6VXVrRd4fpbHq/bGV2ytk1T0zYNLZP7S9nsHwpaCZGPYMIkx/1UV8YPcGnEdc9DD -di4bSXIuAgsXwsNv0guaAs5W76BIMh1lYlXURulQGkbs9z+INg0iD0RqLaPSNTPW -m+mANnuZWBbZaRiXiu2D693WeYU8kpQxMjVSDSb7zqHFQoWGHbfTnX07ju0Ulbqr -0k62G+TkHQGpKrZSKTvA2XutflUsiaCrVMFLuGQe8Qp8eVvYM28Nc0GrUtMiljVg -4dYjkMauHi8et8hIF9e3INaVncgAdvv2Q7fdhKA9OPs0WD+5nU+BZU1cWUdEBdVH -DiH0pm44nckLGqy3xTQqDxk2ZG/+YJkJ6wzm9Al0Vi4HAiG9Z1egUvN8edcTe/WF -bbUCeyR5CGJZDQx2YdcLyDNyMHSyLT7FczY81DAQKzhrf1EJu1eTBY7fMRIMQ/qI -XgQQEQgABgUCUb9LFgAKCRD3Y4wdjKQWMTAOAQC7G3PHbdX9/en6pUKrdjx85AKz -oAv/0wI1jOsWJOk2bAD9GEKSkOMlUlOwKzqth9exz2QGcUtIWkhPpXeCxCfiKvuI -nAQQAQIABgUCUMLuLAAKCRABgmNkt/ypALRgBACHWnzL9ItAeOqsgPbF2cso/1mT -GlEO7Iu6wYA3rpILW/1hqasYh0Xsr1tR3LfUhTDOyjGBMWeFkR/72QqfnGq5NTmY -SrPMncxgGYbVpOIB6fhHjohyeeYeUkkjHce4KdhIlqo+nSEog2JqJq03wTuVmWE3 -7VyoW+lRFE6UtiGsBIkBHAQQAQIABgUCUQSlDQAKCRB3FndEyejkKKMnB/0cnJ39 -+OqIZpgPfkiqcARPSpgigWxHL3DonCiWf9VwMVxzlpKWQqeKaNQvKWGDzPUNA74q -twQnuaa4aYasPZL7vUrmhyC7AggTyDm/WQL05EgGE7T0Rs0sg9HYJ8rjilzqzPmc -SjnCdbg7u8qeQwQnKqlF+Q24Y4efFYgMSKnioYwKUshD7Bxv4qJ3eZ4WB++SCKDu -/xjKTtcrjmvqZIKN515uDMpn6UnzTyf6NnNtghzi7tWhnM7QlPtTyZXSKtBqR3hd -oVZ1VOsz0BWUjwJx+ujG5TReuKLFKMdKjvdzGr6Uwl5iXPHhRDbiqYMAU1DTLXLw -Aq4tgESzfrzM9ICMiQEcBBABAgAGBQJSfQkVAAoJEDvMZXJgk9I8msUIAMIX2Tt3 -ERR2eSTYA7UYjNZijvlR4Omz1521hRvaL31gmclBP/GWKfiR1tODVCvX473BR45E -VLZ8CsmqdVFz9eT9oHjchzxdVwAvsW3aPahI8oradf8ZuTCP2p+oSq5NW9T7p9AL -MWO7HZ1Ig2BvmkPRuelauGJuqLn8j8ag+lJLw/MOmmRDAY0HVt7pVCy4VVilDBSf -PNhTx5dEUXCDvUS5RsBMg1jt50VuswbVI6ALaxzKFWoN+LQoOU0xACCQ1v/EkP3L -jz4eoaIcknSRjhzPUmWIFJcYg/BrizrBLvzGpWQIk2mh9bfsZNrle3/0BoeZrFVT -dv5YFTDQnPu/0MWJAhwEEAECAAYFAlF1FogACgkQDD2WtgRvBwoT3hAAruCCJac7 -dgk7q/VZR1jo3e6xIWqFDSFli0TZa7uOK4swB6BDJUyTQTj6O4uKqdVjbALsdP1j -q+BQrAlyJkfZm0wonjIPNwFt2esggiD5TiynqSVtz/YrGwZnVA5UsWGfSyq9Vq5Z -R3z+r9ch156ZRYb+kMPc7lVK08C308JD34ulvMqV7vrqB099spnrpFVevXv9WinA -wEI6s0hzmtO1nvSj7P/+70EqLmhQbeJbOQWHtUarBtTOLzrhEoz5z3/1FfEa0N9x -OMrZ2YXgcnoSyHUZ0vWFis/RraLLTlSx4lGu5qpPzYFgExi6Ji3/pDa0CZ+1StkP -cjxDu2/E7QEDnsiEB9q86Gt8aSgKoSeIhAip9vZfM+/FutA8pBMaoCan6alS5th3 -33REU9ktKKMxv1Qrzdfasj4SBJ2W94bC8vcWg7DEsq7U0F6J+5qUL4PWPPe4oEvB -bj6BGtjnDaEUgii45Oda7Q+2D6Y/AMGzTQE4tf4ktQ2i7ToY1fER44mOJiUh+G0s -wh72/NK7agsSURWn5QQKJZSYpryD3FrFZy+S7MbFf0ubvik5PVWtnkxWvGwyIFX0 -6MHz0QMFV2hhGfi6fUbWNtft8TzMdEqiQ4dCJaTnhuosBAeIWGAFaUaeropeNGiy -EzyNWJ6mgFwudPAw3QT+q7uHwafO5cXHrPC5AQ0ETS2LgQEIAKHwucgbaRj0V7Ht -0FnM6RmbqwZ7IFV2lR+YN1gkZaWRRCaJoPEZFKhhPEBX1bDVwr/iTPaPPEtpi7oQ -oHk65yeLrhtOmXXpNVkV/5WQjAJIrWn+JQ3z/ZejxHULhzKsGg5FC6pRYcEyzRXH -tv4BO9kBIKNVirZjEkQG4BnIrQgl6e2YFa47GNMqcQH7nJdwG1cGQOZOIDQQM41g -BzwoSrStMA6DjHkukFegKfcSbSLArBtYNAwTwmW7RqOMEJwlo0+NYx2Yn75x66bY -wdlsP0FLOgez/O/IxoPRxXr0l4e+uj6dFHqvBi04dx6JsPmXEyeAyLiCWSh7Rwq8 -uIhBUBUAEQEAAYkBJQQYAQIADwUCTS2LgQIbIAUJEN2fAgAKCRAkmznSTyXjtrsS -CACRNgfGkD0OqOiwYo1/+KyWnrQLusVvSYOw8hN66geU3BO8iQ0Koy+m0QKY1kWj -aHwewpg8ZebY4E2sHbNIC9Spyiyz29sAJ2invf4/4MepTgpxNiw4+XmykCkN1AfV -hvMTQXMzRbO5ZwRtPpjsMr1j5vX1s6U3/RxSAItpAkCu1GGTTOH0r12Ochc/um+Q -GAyO6WUj/IiZ1MX7toXW0SCo8DSl8z5Q7KmJWF6TQLK1Lku4bIVG1Huwo1/0WHc2 -vCad5BxHjgoy8TsKLTmvYQZWtnjWvQGV2UOABYWcacutZXQQ2PPCIY7LlpuS/45C -XWbT5Y+mxY3y7dbz4aF+8uyCiJwEEAECAAYFAk0tjQQACgkQU7Yg0BzgxjBGTwQA -i5qzI6cJslbyOl+TeDZVnLV0FmPuDg8dojvQrVDPxfemIjxZZoMLCVM8ly8AC2JP -rIYfN040C343saIc0tTtOwwmVMuy7G/Uex22CdWH/0HBMpG4gFuOuQmW9QQDjEdh -1DgwU2gAWonX54ZlMybWss+2NCikRwMflVUupH57BauZAQ0EVFA7IwEIAOYQcDfR -dzqin/vZlwl1AyuJW+cDI3bYvesRtOIAJ+8FqOzp+nOZ7a4mULkXUeRh3HcO91wu -ghXoR3qP3klWIlqgTQQHxPVM25BEvnGPuMA86lWnKoSsXe9F5h0IMiu6aURvzMJC -9VMgKwhhgCjejFf9n8zuiBkMN457Ubnt/9jxhpxmorDQCpb7bR1mfdbsuCmOXwTN -fbkAoGXceL/P6z9PskKrFk8CVCr8pseRiHzWgib4Bfr/mj68LKcQTH/Y6R16g154 -eC6PAvxrEDA+hgpVX0I7L781Byh9nqC+KDX5LvlGuQbgB2IvrgLs6lfU3aRfTwqU -DMj37rmXJTDy3TMAEQEAAbQyTklJQkUgWXV0YWthIChHbnVQRyBSZWxlYXNlIEtl -eSkgPGduaWliZUBmc2lqLm9yZz6JATwEEwEIACYFAlRQOyMCGwMFCQPCZwAFCwcI -CQMEFQgJCgUWAgMBAAIeAQIXgAAKCRAgcbCKM70/BnX/CADQspqXXAVlrwU9Sidz -YbPAT1iGRmIkHwoD9rtPr/9xbg3jr8azCKpknE3VF0qzUH6unsQwxTduGhey0sFw -hi96WOqHiU8FYKxNPb786nACaCfOOB1MdymcIxMQ51mS0PlIqtOPa1VpZcCVYr9S -wQRqcDdy/Oh/Ljifuub4Shrs/VgYIcv74iGyLroSVt6GKVNP/HFyQddSOLVcO+hq -AQQ0QeTmPhnaaFa2OcZyW+6IGRLhd7N7M0xb988DKllfhuRRE1sZ3yO2RvcSq35u -/5lChID5SS/wA9oDOPyVFLD4JiMPGmgzSO2aI+uT678OjjoI5UD8hfbZpg1PZjYq -hYlXiQEcBBABCAAGBQJUUDxQAAoJEAC0Xr1Mp7q+0HgH/0Z54Wo4kSqyxsGWfAja -PXu+/r5PciOyKZifhe2EnIZagMXwiyPqxDF18uhG2HRo7nbN6zhYhZ5OrSc8m+oZ -MQEIe+KqERHTcfujj6sPk9rdVf3HAGbER3DfT9e6qONuEqVGUyD26FxDsdy4qSjJ -/Bcui34kwkpBrFrhghTClluCykP0FWFxBgN8UEgR6TWDDKIKyaeUQFy+5Fhexln6 -yR1flNIRqyPiBpUpMUvGaNb6M5yoDLSV7vvVqLNT/9BwH7FLIcCoxCYzvlHDMyA2 -vtW6+d0cGbRa1LLH9c6eTLAohujVhXPAxcKG5JvyfPJIhxV8WfvFglRdjXqtcOC5 -SDqIVgQQEQgABgUCVFN3igAKCRDyrYWsHkKzZ8cHAN9TXXN4HwG0Cdy7ANgLT8yy -YePY7e0zIzESOZooAOCkBGh3yiYEsOh2YGK2YwmFRvZ2cQ59MCpor/GFiQEcBBAB -CAAGBQJUU4IdAAoJECSbOdJPJeO2giEH/RkT+mkjYZyoPFLA8qRGSSgwPyhd0qQ/ -GNQXaOA/5tx4cqLPUXvxzH95mW0Hhq/w66M7UjCofYLRpWvjpbd5LIhymabDoX2y -MtxN/Jkl9Ymu+htvtZBIq9bDR4cWA0ZHpn4EDeiGPCxoJm3POQfaBcj4QzuppmjM -zD55KRnipMT0Hj+GQxlmkE7SgbL09DNKUAMZ+3LK5O2hJS96l+z4S9hJ11DuyRda -rTN4+46GeDYymmXr3QD5pPLDJ61s+9V6qOIBsjs0Hl/xPDt2TQV5t700e9vDOCJK -0w+YgqtNy2G+AgKUGRm+aQEVYA/Fg90d8vMCWkMbEm1HfVzTM0UEfry5AQ0EVFA7 -IwEIAL3gJa4wcuY/UHugXFTQWMq/cPpFOktIuoL+epFZ4pV2VJ11Hguc7+v1qFGw -aB6QARXJ4PThIoAPuDc5YyFa8SwrppiCbNzRwskIlFOwtb5fuRFajfcpQAoikpg7 -xUXyIStZ6NqO+jlSA3fLVX9qeqUFTjkNqUuT+a7olc6vq3u7zf4ixxOsVBORbXvA -7GhzqL3MM5TUWhZkXI1T6HGk8Iad1+dLbmrNoSlvWrPFigenK20KQZfhHeyJfqAC -REsg+GxgrixmKEFmFMGAd0BVhJiQKsqFE1ahJvdelSF1PmXzy4+jPDFeu5ebOTpY -K/pl0In7SsZKHAmNTWPqD4WSyT0AEQEAAYkBJQQYAQgADwUCVFA7IwIbDAUJA8Jn -AAAKCRAgcbCKM70/BuCrB/sF90+ACTEyu3QEl4sm7Ui2cJDhxnytu5LmDADGtjzR -BcOgmq7BFazUBdoG7RVb70q9Z2nS6FBvRbLt+/jStG0L5Pye4T/WNp/ZvIwh9DA9 -Wnc4Mf47dZl7DUq+tBmq4MqKaAfFGyhYfm+rZWOiEjyhC5A03wBh7LFijvh4Hz7d -Z9St3DgxiIlwp3bQyOhllLXoqVv32qYtVl8T923/7DBlgUHtylvm++8TW+ipL7Jw -PZG3SKtGDq6XDs5ehSsnbmx+Su/2i0OiYOX1X/+nIllKn4iLArivTGeTyyNceBeT -NR0jJLQAHXsDDX4baxtQrJf9J06DM3sPyoR3cLufndPC -=cOKL +E4F5XeCB/0ovao2/bk22w1TxzP6PMxo6sLkmaF6D0frhM2bl4C/uSsq5AQ0ETS2L +gQEIAKHwucgbaRj0V7Ht0FnM6RmbqwZ7IFV2lR+YN1gkZaWRRCaJoPEZFKhhPEBX +1bDVwr/iTPaPPEtpi7oQoHk65yeLrhtOmXXpNVkV/5WQjAJIrWn+JQ3z/ZejxHUL +hzKsGg5FC6pRYcEyzRXHtv4BO9kBIKNVirZjEkQG4BnIrQgl6e2YFa47GNMqcQH7 +nJdwG1cGQOZOIDQQM41gBzwoSrStMA6DjHkukFegKfcSbSLArBtYNAwTwmW7RqOM +EJwlo0+NYx2Yn75x66bYwdlsP0FLOgez/O/IxoPRxXr0l4e+uj6dFHqvBi04dx6J +sPmXEyeAyLiCWSh7Rwq8uIhBUBUAEQEAAYkBJQQYAQIADwUCTS2LgQIbIAUJEN2f +AgAKCRAkmznSTyXjtrsSCACRNgfGkD0OqOiwYo1/+KyWnrQLusVvSYOw8hN66geU +3BO8iQ0Koy+m0QKY1kWjaHwewpg8ZebY4E2sHbNIC9Spyiyz29sAJ2invf4/4Mep +TgpxNiw4+XmykCkN1AfVhvMTQXMzRbO5ZwRtPpjsMr1j5vX1s6U3/RxSAItpAkCu +1GGTTOH0r12Ochc/um+QGAyO6WUj/IiZ1MX7toXW0SCo8DSl8z5Q7KmJWF6TQLK1 +Lku4bIVG1Huwo1/0WHc2vCad5BxHjgoy8TsKLTmvYQZWtnjWvQGV2UOABYWcacut +ZXQQ2PPCIY7LlpuS/45CXWbT5Y+mxY3y7dbz4aF+8uyCiJwEEAECAAYFAk0tjQQA +CgkQU7Yg0BzgxjBGTwQAi5qzI6cJslbyOl+TeDZVnLV0FmPuDg8dojvQrVDPxfem +IjxZZoMLCVM8ly8AC2JPrIYfN040C343saIc0tTtOwwmVMuy7G/Uex22CdWH/0HB +MpG4gFuOuQmW9QQDjEdh1DgwU2gAWonX54ZlMybWss+2NCikRwMflVUupH57BauZ +AQ0EVFA7IwEIAOYQcDfRdzqin/vZlwl1AyuJW+cDI3bYvesRtOIAJ+8FqOzp+nOZ +7a4mULkXUeRh3HcO91wughXoR3qP3klWIlqgTQQHxPVM25BEvnGPuMA86lWnKoSs +Xe9F5h0IMiu6aURvzMJC9VMgKwhhgCjejFf9n8zuiBkMN457Ubnt/9jxhpxmorDQ +Cpb7bR1mfdbsuCmOXwTNfbkAoGXceL/P6z9PskKrFk8CVCr8pseRiHzWgib4Bfr/ +mj68LKcQTH/Y6R16g154eC6PAvxrEDA+hgpVX0I7L781Byh9nqC+KDX5LvlGuQbg +B2IvrgLs6lfU3aRfTwqUDMj37rmXJTDy3TMAEQEAAbQyTklJQkUgWXV0YWthIChH +bnVQRyBSZWxlYXNlIEtleSkgPGduaWliZUBmc2lqLm9yZz6JATwEEwEIACYCGwMF +CwcICQMEFQgJCgUWAgMBAAIeAQIXgAUCWA8UWQUJC0uQNgAKCRAgcbCKM70/Brxv +CADASJRs/b6GHEklwHUDrr89oDNpDo7zB8zelZUvVT9OiI5089g53oxWcC5sScPH +vJmY1KNI8NtrqNR0REIQ653t0tSGszzHk1AlDc6VhTMVzXOkgMq8PWqVmvIKLhlF +ib9xzsFbPBBQNhPVHbQydrhuzGP/nguSv2njgMrnWRG70vK4GcqUxawbQXDSlFmY +c+xUZ+tx8RJmCxN6eiNfWQ163NVk2sxdqM9fM8punLlEa+sGkW3UnplE7IaS5ygg +WV8yfNm1wYFzZ33ZnN4LUtuGZjN2Xyv62M7RA5Ik5LNkdYMA8H+UbQ6Wn+Sw9rnx +EnWy7k/vG5QJbHG4GCwXMA6ruQENBFRQOyMBCAC94CWuMHLmP1B7oFxU0FjKv3D6 +RTpLSLqC/nqRWeKVdlSddR4LnO/r9ahRsGgekAEVyeD04SKAD7g3OWMhWvEsK6aY +gmzc0cLJCJRTsLW+X7kRWo33KUAKIpKYO8VF8iErWejajvo5UgN3y1V/anqlBU45 +DalLk/mu6JXOr6t7u83+IscTrFQTkW17wOxoc6i9zDOU1FoWZFyNU+hxpPCGndfn +S25qzaEpb1qzxYoHpyttCkGX4R3siX6gAkRLIPhsYK4sZihBZhTBgHdAVYSYkCrK +hRNWoSb3XpUhdT5l88uPozwxXruXmzk6WCv6ZdCJ+0rGShwJjU1j6g+Fksk9ABEB +AAGJASUEGAEIAA8FAlRQOyMCGwwFCQPCZwAACgkQIHGwijO9Pwbgqwf7BfdPgAkx +Mrt0BJeLJu1ItnCQ4cZ8rbuS5gwAxrY80QXDoJquwRWs1AXaBu0VW+9KvWdp0uhQ +b0Wy7fv40rRtC+T8nuE/1jaf2byMIfQwPVp3ODH+O3WZew1KvrQZquDKimgHxRso +WH5vq2VjohI8oQuQNN8AYeyxYo74eB8+3WfUrdw4MYiJcKd20MjoZZS16Klb99qm +LVZfE/dt/+wwZYFB7cpb5vvvE1voqS+ycD2Rt0irRg6ulw7OXoUrJ25sfkrv9otD +omDl9V//pyJZSp+IiwK4r0xnk8sjXHgXkzUdIyS0AB17Aw1+G2sbUKyX/SdOgzN7 +D8qEd3C7n53TwokBJQQYAQgADwIbDAUCWA8URgUJC0uQIwAKCRAgcbCKM70/BgoN +B/0ddDVFvid4L+z/+9F/CqkSxhOoYuB387x3/QGseiMTV3qLKJ1kgZfjRKCarU49 +RkT0a1bmXZa7CPJyGsjJJHw2dDyH1w3RqBiMt+n7ewkUZhEawvYnsSYlU9R3r6Ad +yrYvn7OGbd73xppLEyVLlAZwT0jIO1015NQHJreSDqW1rNKj3O3MZXqfnzk/ZSJJ +CcvV+y+KTmJCQPyToNzKCaEGfF9ufLmM9pXs9NynHBjyTqMcgvxnXjgZgdlhu4cx +C7Affnu9GC+rR6l2H7snEma0O1LyCmdH9TaRWGiBLA9CcHTrO1w+9efBnOdgavD5 +ndrnvD55/YxnhuLyA60R3TOH +=dqO2 -----END PGP PUBLIC KEY BLOCK-----Attachment: signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: Cyril Brulebois <kibi@debian.org>
- Cc: Andreas Metzler <ametzler@bebt.de>, 864083-done@bugs.debian.org
- Subject: Re: Bug#864083: unblock: libgcrypt20/1.7.6-2
- From: Niels Thykier <niels@thykier.net>
- Date: Sun, 04 Jun 2017 21:29:00 +0000
- Message-id: <4d0a6a78-53d6-1b69-ffd0-e749a42f4f48@thykier.net>
- In-reply-to: <[🔎] 20170604210756.GM6464@mraw.org>
- References: <[🔎] 20170604083044.qxfcagcaguyljqxi@argenau.bebt.de> <[🔎] 56417022-4afb-5ee0-4122-c55e16fad187@thykier.net> <[🔎] 20170604164403.GK6464@mraw.org> <[🔎] 20170604210756.GM6464@mraw.org>
Cyril Brulebois: > Cyril Brulebois <kibi@debian.org> (2017-06-04): >> I'm missing cryptsetup test cases right now, so I can't tell in a few >> minutes. I'll try to add one and/or run this manually on monday, but >> not making any promises. At some point, late requests will need to be >> punted for r1. Especially given the current amount and the timing >> getting tighter and tighter. > > I actually managed to get that on today's schedule: I had a playbook for > full images (but none for netboot-gtk yet), and after some tweaks I've > confirmed a basic encrypted LVM setup with default encryption settings > still works fine with an updated libgcrypt20-udeb. > > ACK. > > > KiBi. > Unblocked, thanks. ~Niels
--- End Message ---