Your message dated Sat, 22 Jul 2017 13:17:18 +0100 with message-id <1500725838.14212.3.camel@adam-barratt.org.uk> and subject line Closing bugs for 9.1 p-u fixes has caused the Debian Bug report #867659, regarding stretch-pu: package gnutls28/3.5.8-5+deb9u2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 867659: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867659 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: stretch-pu: package gnutls28/3.5.8-5+deb9u2
- From: Andreas Metzler <ametzler@bebt.de>
- Date: Sat, 8 Jul 2017 10:52:10 +0200
- Message-id: <[🔎] 20170708085210.yrxhbrpaefl662fo@argenau.bebt.de>
Package: release.debian.org Severity: normal Tags: stretch User: release.debian.org@packages.debian.org Usertags: pu Hello, I would like to fix #867581 in stable by pulling the patch from 3.5.13. The issue is about broken AES-GCM in-place encryption and decryption on aarch64. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure'diff -Nru gnutls28-3.5.8/debian/changelog gnutls28-3.5.8/debian/changelog --- gnutls28-3.5.8/debian/changelog 2017-06-16 07:47:11.000000000 +0200 +++ gnutls28-3.5.8/debian/changelog 2017-07-08 10:29:05.000000000 +0200 @@ -1,3 +1,11 @@ +gnutls28 (3.5.8-5+deb9u2) stretch; urgency=medium + + * 37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch from + upstream 3.5.x branch: Fix breakage if AES-GCM in-place encryption and + decryption on aarch64. Closes: #867581 + + -- Andreas Metzler <ametzler@debian.org> Sat, 08 Jul 2017 10:29:05 +0200 + gnutls28 (3.5.8-5+deb9u1) stretch-security; urgency=high * 36_CVE-2017-7507_*.patch: Pulled from 3.5.13, fix crash upon receiving diff -Nru gnutls28-3.5.8/debian/patches/37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch gnutls28-3.5.8/debian/patches/37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch --- gnutls28-3.5.8/debian/patches/37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch 1970-01-01 01:00:00.000000000 +0100 +++ gnutls28-3.5.8/debian/patches/37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch 2017-07-07 19:43:55.000000000 +0200 @@ -0,0 +1,57 @@ +From 864e8d4e3ba87f53df7bdef695661415ed60a018 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos <nmav@redhat.com> +Date: Mon, 22 May 2017 14:41:56 +0200 +Subject: [PATCH] aarch64: fix AES-GCM in-place encryption and decryption + +Resolves #204 + +Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> +--- + lib/accelerated/aarch64/aes-gcm-aarch64.c | 24 ++++++++++++++++++++++++ + 1 file changed, 24 insertions(+) + +diff --git a/lib/accelerated/aarch64/aes-gcm-aarch64.c b/lib/accelerated/aarch64/aes-gcm-aarch64.c +index c571d0294..8d2bc1dce 100644 +--- a/lib/accelerated/aarch64/aes-gcm-aarch64.c ++++ b/lib/accelerated/aarch64/aes-gcm-aarch64.c +@@ -153,6 +153,27 @@ gcm_ghash(struct aes_gcm_ctx *ctx, const uint8_t * src, size_t src_size) + } + + static void ++ctr32_encrypt_blocks_inplace(const unsigned char *in, unsigned char *out, ++ size_t blocks, const AES_KEY *key, ++ const unsigned char ivec[16]) ++{ ++ unsigned i; ++ uint8_t ctr[16]; ++ uint8_t tmp[16]; ++ ++ memcpy(ctr, ivec, 16); ++ ++ for (i=0;i<blocks;i++) { ++ aes_v8_encrypt(ctr, tmp, key); ++ memxor3(out, tmp, in, 16); ++ ++ out += 16; ++ in += 16; ++ INCREMENT(16, ctr); ++ } ++} ++ ++static void + ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out, + size_t blocks, const AES_KEY *key, + const unsigned char ivec[16]) +@@ -160,6 +181,9 @@ ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out, + unsigned i; + uint8_t ctr[16]; + ++ if (in == out) ++ return ctr32_encrypt_blocks_inplace(in, out, blocks, key, ivec); ++ + memcpy(ctr, ivec, 16); + + for (i=0;i<blocks;i++) { +-- +2.13.2 + diff -Nru gnutls28-3.5.8/debian/patches/series gnutls28-3.5.8/debian/patches/series --- gnutls28-3.5.8/debian/patches/series 2017-06-16 07:47:04.000000000 +0200 +++ gnutls28-3.5.8/debian/patches/series 2017-07-07 19:43:58.000000000 +0200 @@ -12,3 +12,4 @@ 36_CVE-2017-7507_1-ext-status_request-ensure-response-IDs-are-properly-.patch 36_CVE-2017-7507_2-ext-status_request-Removed-the-parsing-of-responder-.patch 36_CVE-2017-7507_3-gnutls_ocsp_status_request_enable_client-documented-.patch +37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patchAttachment: signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: 864292-done@bugs.debian.org, 864747-done@bugs.debian.org, 864757-done@bugs.debian.org, 864802-done@bugs.debian.org, 864973-done@bugs.debian.org, 865002-done@bugs.debian.org, 865057-done@bugs.debian.org, 865122-done@bugs.debian.org, 865212-done@bugs.debian.org, 865214-done@bugs.debian.org, 865225-done@bugs.debian.org, 865270-done@bugs.debian.org, 865355-done@bugs.debian.org, 865695-done@bugs.debian.org, 865997-done@bugs.debian.org, 866332-done@bugs.debian.org, 866351-done@bugs.debian.org, 866516-done@bugs.debian.org, 866679-done@bugs.debian.org, 866692-done@bugs.debian.org, 866759-done@bugs.debian.org, 867091-done@bugs.debian.org, 867118-done@bugs.debian.org, 867159-done@bugs.debian.org, 867190-done@bugs.debian.org, 867231-done@bugs.debian.org, 867248-done@bugs.debian.org, 867335-done@bugs.debian.org, 867479-done@bugs.debian.org, 867490-done@bugs.debian.org, 867567-done@bugs.debian.org, 867597-done@bugs.debian.org, 867624-done@bugs.debian.org, 867659-done@bugs.debian.org, 867716-done@bugs.debian.org, 867965-done@bugs.debian.org, 867966-done@bugs.debian.org, 867970-done@bugs.debian.org, 867989-done@bugs.debian.org, 868017-done@bugs.debian.org, 868029-done@bugs.debian.org, 868054-done@bugs.debian.org, 868102-done@bugs.debian.org, 868105-done@bugs.debian.org, 868128-done@bugs.debian.org, 868130-done@bugs.debian.org, 868214-done@bugs.debian.org, 868222-done@bugs.debian.org, 868228-done@bugs.debian.org, 868344-done@bugs.debian.org, 868361-done@bugs.debian.org, 868451-done@bugs.debian.org, 868459-done@bugs.debian.org, 868468-done@bugs.debian.org
- Subject: Closing bugs for 9.1 p-u fixes
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sat, 22 Jul 2017 13:17:18 +0100
- Message-id: <1500725838.14212.3.camel@adam-barratt.org.uk>
Version: 9.1 Hi, These bugs all relate to updates which were included in today's stretch point release. Regards, Adam
--- End Message ---