Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: samueloph@debian.org
Severity: normal
Please unblock package aeskeyfind
[ Reason ]
The recent introduction of integration tests, thanks to Jan Gru <j4n6ru@gmail.com> uncovered two critical issues with aeskeyfind:
1. A somewhat recent regression caused by a compiler change and aeskeyfind's code with undefined behavior
2. Failure to retrieve AES keys on a non-corrupted memory dump for archs arm64, armhf and ppc64el (integration tests only pass for amd64 and i386).
Problem 1 is fixed by a patch provided by Adrian Bunk <bunk@debian.org> and problem 2 is mitigated by disabling the other archs (restricting it to amd64 and i386).
More details at the bugreport:
https://bugs.debian.org/989179
[ Impact ]
aeskeyfind will fail to fulfill its only purpose of finding AES keys on memory dumps.
[ Tests ]
The new integration tests allowed us to identify the issues in the first place.
[ Risks ]
Since aeskeyfind is also used to recover AES keys out of corrupted memory dumps, it **could** be possible that our fix for the non-corrupted scenario broke the detection for corrupted dumps. I'm very confident that this cannot be the case because of the way aeskeyfind looks for keys; without the fix it was still possible to retrieve the key by making use of the threshold (-t 50) parameter (which tweaks the heuristics of the algorithm).
The fix allows us to use the default threshold value (-t 10) which means the algorithm gets the key with more confidence.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock aeskeyfind/1:1.0-11