Bug#989701: marked as done (buster-pu: package clevis/11-2+deb10u2)

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Subject: Bug#989701: marked as done (buster-pu: package clevis/11-2+deb10u2)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 19 Jun 2021 10:01:39 +0000
Message-id: <[🔎] handler.989701.D989701.162409664614953.ackdone@bugs.debian.org>
Reply-to: 989701@bugs.debian.org
References: <5c65c3ad2ac9b1b1f78bf73b1cf073041e619b51.camel@adam-barratt.org.uk> <[🔎] 1623353193@msgid.manchmal.in-ulm.de>

Your message dated Sat, 19 Jun 2021 10:56:39 +0100
with message-id <5c65c3ad2ac9b1b1f78bf73b1cf073041e619b51.camel@adam-barratt.org.uk>
and subject line Closing p-u requests for fixes included in 10.10 point release
has caused the Debian Bug report #989701,
regarding buster-pu: package clevis/11-2+deb10u2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
989701: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989701
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: buster-pu: package clevis/11-2+deb10u2
From: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
Date: Thu, 10 Jun 2021 21:28:52 +0200
Message-id: <[🔎] 1623353193@msgid.manchmal.in-ulm.de>

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu

Hello stable release team,

for the upcoming stable point release, I've just uploaded src:clevis
("automated encryption framework") as version 11-2+deb10u2. There is
one change related to the TPM integration:

* Fix handling of TPM chips that support sha256 only

Type: upstream bug
Debian bug: https://bugs.debian.org/989648
Fixed in in stable and testing: 12-1 (February 2020)

Problem: Possibly due to a typo, the clevis-encrypt-tpm2 backend cannot
handle TPM chips that support sha256 only.

Regards,

    Christoph

diff -Nru clevis-11/debian/changelog clevis-11/debian/changelog
--- clevis-11/debian/changelog	2021-01-25 20:03:26.000000000 +0100
+++ clevis-11/debian/changelog	2021-06-09 15:59:00.000000000 +0200
@@ -1,3 +1,10 @@
+clevis (11-2+deb10u2) buster; urgency=medium
+
+  * Cherry-pick "Bugfix: set pcr_bank from pcr_bank not pcr_hash
+    field". Closes: #989648
+
+ -- Christoph Biedl <debian.axhn@manchmal.in-ulm.de>  Wed, 09 Jun 2021 19:58:50 +0200
+
 clevis (11-2+deb10u1) buster; urgency=medium
 
   * Cherry-pick two comments to fix initramfs creation: Closes: #969361
diff -Nru clevis-11/debian/patches/cherry-pick/1551971881.v11-5-g67fc67c.bugfix-set-pcr-bank-from-pcr-bank-not-pcr-hash-field.patch clevis-11/debian/patches/cherry-pick/1551971881.v11-5-g67fc67c.bugfix-set-pcr-bank-from-pcr-bank-not-pcr-hash-field.patch
--- clevis-11/debian/patches/cherry-pick/1551971881.v11-5-g67fc67c.bugfix-set-pcr-bank-from-pcr-bank-not-pcr-hash-field.patch	1970-01-01 01:00:00.000000000 +0100
+++ clevis-11/debian/patches/cherry-pick/1551971881.v11-5-g67fc67c.bugfix-set-pcr-bank-from-pcr-bank-not-pcr-hash-field.patch	2021-06-09 15:55:44.000000000 +0200
@@ -0,0 +1,16 @@
+Subject: Bugfix: set pcr_bank from pcr_bank not pcr_hash field
+Origin: v11-5-g67fc67c <https://github.com/latchset/clevis/commit/v11-5-g67fc67c>
+Upstream-Author: Markus Linnala <markus.linnala@gmail.com>
+Date: Thu Mar 7 17:18:01 2019 +0200
+
+--- a/src/pins/tpm2/clevis-encrypt-tpm2
++++ b/src/pins/tpm2/clevis-encrypt-tpm2
+@@ -88,7 +88,7 @@
+ 
+ key=`jose fmt -j- -Og key -u- <<< "$cfg"` || key="ecc"
+ 
+-pcr_bank=`jose fmt -j- -Og pcr_hash -u- <<< "$cfg"` || pcr_bank="sha1"
++pcr_bank=`jose fmt -j- -Og pcr_bank -u- <<< "$cfg"` || pcr_bank="sha1"
+ 
+ pcr_ids=`jose fmt -j- -Og pcr_ids -u- <<< "$cfg"` || true
+ 
diff -Nru clevis-11/debian/patches/series clevis-11/debian/patches/series
--- clevis-11/debian/patches/series	2021-01-25 20:03:26.000000000 +0100
+++ clevis-11/debian/patches/series	2021-06-09 15:55:55.000000000 +0200
@@ -2,6 +2,7 @@
 # cherry-picked commits. Keep in upstream's chronological order
 cherry-pick/1541598788.v11-1-g1e344db.delete-remaining-references-to-the-removed-http-pin.patch
 cherry-pick/1541599937.v11-2-g3465859.install-cryptsetup-and-tpm2-pcrlist-in-the-initramfs.patch
+cherry-pick/1551971881.v11-5-g67fc67c.bugfix-set-pcr-bank-from-pcr-bank-not-pcr-hash-field.patch
 
 # local modifications
 debian.use-socat.patch

Attachment: signature.asc
Description: PGP signature

--- End Message ---

--- Begin Message ---

To: 934206-done@bugs.debian.org, 982996-done@bugs.debian.org, 983110-done@bugs.debian.org, 984604-done@bugs.debian.org, 985791-done@bugs.debian.org, 985792-done@bugs.debian.org, 985943-done@bugs.debian.org, 986001-done@bugs.debian.org, 986014-done@bugs.debian.org, 986112-done@bugs.debian.org, 986224-done@bugs.debian.org, 986673-done@bugs.debian.org, 987038-done@bugs.debian.org, 987042-done@bugs.debian.org, 987048-done@bugs.debian.org, 987164-done@bugs.debian.org, 987210-done@bugs.debian.org, 987246-done@bugs.debian.org, 987489-done@bugs.debian.org, 987494-done@bugs.debian.org, 987529-done@bugs.debian.org, 987531-done@bugs.debian.org, 987548-done@bugs.debian.org, 987719-done@bugs.debian.org, 987725-done@bugs.debian.org, 987726-done@bugs.debian.org, 987731-done@bugs.debian.org, 987859-done@bugs.debian.org, 987958-done@bugs.debian.org, 988255-done@bugs.debian.org, 988314-done@bugs.debian.org, 988365-done@bugs.debian.org, 988453-done@bugs.debian.org, 988454-done@bugs.debian.org, 988455-done@bugs.debian.org, 988482-done@bugs.debian.org, 988492-done@bugs.debian.org, 988508-done@bugs.debian.org, 988936-done@bugs.debian.org, 988962-done@bugs.debian.org, 988974-done@bugs.debian.org, 988977-done@bugs.debian.org, 989023-done@bugs.debian.org, 989024-done@bugs.debian.org, 989129-done@bugs.debian.org, 989132-done@bugs.debian.org, 989420-done@bugs.debian.org, 989422-done@bugs.debian.org, 989509-done@bugs.debian.org, 989623-done@bugs.debian.org, 989668-done@bugs.debian.org, 989701-done@bugs.debian.org, 989702-done@bugs.debian.org, 989768-done@bugs.debian.org, 989772-done@bugs.debian.org

Subject: Closing p-u requests for fixes included in 10.10 point release

From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Date: Sat, 19 Jun 2021 10:56:39 +0100

Message-id: <5c65c3ad2ac9b1b1f78bf73b1cf073041e619b51.camel@adam-barratt.org.uk>
Package: release.debian.org
Version: 10.10

Hi,

Each of the updates referenced in these bugs was included in the 10.10
point release today.

Regards,

Adam
--- End Message ---

Reply to:

References:
- Bug#989701: buster-pu: package clevis/11-2+deb10u2
  - From: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>

Prev by Date: Bug#989668: marked as done (buster-pu: package isync/1.3.0-2.2~deb10u1)
Next by Date: Bug#989702: marked as done (buster-pu: package eterm/0.9.6-5+deb10u1)
Previous by thread: Processed: clevis 11-2+deb10u2 flagged for acceptance
Next by thread: Bug#989702: buster-pu: package eterm/0.9.6-5+deb10u1
Index(es):
- Date
- Thread