Hi Magnus

On 2021-03-27 20:28:54 +0100, Magnus Holmgren wrote:
> Hi,
>
> Nettle has a fairly significant bug in ECDSA signature verification:
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985652
>
> We'd like to address this by uploading the upstream release fix 3.7.2.
>
> You can review the diff at:
>
> https://salsa.debian.org/ametzler/nettle/-/compare/9d122ba18817c0f3e2fa235e30565eb536a85e9c...3361d1e55eea83c8533cc67f18ae7da9fc235e63
>
> (I might adjust it slightly, mainly w.r.t. the symbols files.)
>
> Scroll down to NEWS for an overview of changes.
>
> The fix for the bug in chacha counter update logic was already included
> in the 3.7-2.1 NMU by Andreas. The only new features added are
> pbkdf2_hmac_sha384 and pbkdf2_hmac_sha512 (same as pbkdf2_hmac_sha256
> but with other PRFs).
>
> The one change that doesn't seem to be mentioned in NEWS or ChangeLog is
> https://git.lysator.liu.se/nettle/nettle/-/commit/62dc4ce42fbebd7cad1f431dc6cd92bb66bf6242
>
> Andreas says:
> > I think 3.7.2 matches the freeze policy ("Only small, targeted fixes").
> > Cherry-picking the patches would result in only slightly smaller diff,
> > and having a clean 3.7.2 instead of patched 3.7 has the big benefit of
> > later no-fuzz security and stable updates (if necessary).
>
> Nettle has good test coverage and Dr. Möller (a fellow Swede b.t.w.)
> monitors the Debian BTS and we have good communication. I think the risks
> are low. What do you think?

Assuming that the changes to debian/ are minimal, please go ahead.

Please also use a bug report next time (reportbug release.debian.org ->
unblock) to avoid unblock requests getting lost on the mailing list.

Cheers
--
Sebastian Ramacher