Bug#1012033: marked as done (bullseye-pu: package gnutls28/3.7.1-5+deb11u1)

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Subject: Bug#1012033: marked as done (bullseye-pu: package gnutls28/3.7.1-5+deb11u1)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 09 Jul 2022 10:52:49 +0000
Message-id: <[🔎] handler.1012033.D1012033.165736378627452.ackdone@bugs.debian.org>
Reply-to: 1012033@bugs.debian.org
References: <2280fe8c78e64b02a6c1d04c6dde5a32e342ba81.camel@adam-barratt.org.uk> <YpMGq5hyLraDU8Gn@argenau.bebt.de>

Your message dated Sat, 09 Jul 2022 11:47:43 +0100
with message-id <2280fe8c78e64b02a6c1d04c6dde5a32e342ba81.camel@adam-barratt.org.uk>
and subject line Closing requests for updates included in 11.4
has caused the Debian Bug report #1012033,
regarding bullseye-pu: package gnutls28/3.7.1-5+deb11u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1012033: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012033
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: bullseye-pu: package gnutls28/3.7.1-5+deb11u1
From: Andreas Metzler <ametzler@bebt.de>
Date: Sun, 29 May 2022 07:37:47 +0200
Message-id: <YpMGq5hyLraDU8Gn@argenau.bebt.de>

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: Dmitry Baryshkov <dbaryshkov@gmail.com>, gnutls28@packages.debian.org

Hello,

as requested in #1011246 I would like fix miscalculation of SHA384 in
the SSA accelarated implementation.

It is a one-line change and was part of the 3.7.3 release.

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

diff -Nru gnutls28-3.7.1/debian/changelog gnutls28-3.7.1/debian/changelog
--- gnutls28-3.7.1/debian/changelog	2021-05-29 12:14:30.000000000 +0200
+++ gnutls28-3.7.1/debian/changelog	2022-05-22 13:04:01.000000000 +0200
@@ -1,3 +1,10 @@
+gnutls28 (3.7.1-5+deb11u1) bullseye; urgency=medium
+
+  * 56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch: Backport SSSE3 SHA384
+    miscalculation fix from 3.7.3.  Closes: #1011246
+
+ -- Andreas Metzler <ametzler@debian.org>  Sun, 22 May 2022 13:04:01 +0200
+
 gnutls28 (3.7.1-5) unstable; urgency=medium
 
   * Another fix from 3.7.2:
diff -Nru gnutls28-3.7.1/debian/patches/56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch gnutls28-3.7.1/debian/patches/56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch
--- gnutls28-3.7.1/debian/patches/56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch	1970-01-01 01:00:00.000000000 +0100
+++ gnutls28-3.7.1/debian/patches/56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch	2022-05-22 13:04:01.000000000 +0200
@@ -0,0 +1,34 @@
+From acdfeb4b3f0c64ad20f28513618e9903bfb81426 Mon Sep 17 00:00:00 2001
+From: Miroslav Lichvar <mlichvar@redhat.com>
+Date: Wed, 1 Sep 2021 15:48:27 +0200
+Subject: [PATCH] fix SSSE3 SHA384 to work more than once
+
+The output function called sha512_digest() instead of sha384_digest(),
+which caused the hash context to be reinitialized for SHA512 instead of
+SHA384 and all following digests using the hash handle were wrong.
+
+Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
+---
+ lib/accelerated/x86/sha-x86-ssse3.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/accelerated/x86/sha-x86-ssse3.c b/lib/accelerated/x86/sha-x86-ssse3.c
+index 8ea4e54aee..1d442e97e7 100644
+--- a/lib/accelerated/x86/sha-x86-ssse3.c
++++ b/lib/accelerated/x86/sha-x86-ssse3.c
+@@ -258,11 +258,11 @@ static int _ctx_init(gnutls_digest_algorithm_t algo,
+ 		ctx->length = SHA256_DIGEST_SIZE;
+ 		break;
+ 	case GNUTLS_DIG_SHA384:
+ 		sha384_init(&ctx->ctx.sha384);
+ 		ctx->update = (update_func) x86_sha512_update;
+-		ctx->digest = (digest_func) sha512_digest;
++		ctx->digest = (digest_func) sha384_digest;
+ 		ctx->init = (init_func) sha384_init;
+ 		ctx->ctx_ptr = &ctx->ctx.sha384;
+ 		ctx->length = SHA384_DIGEST_SIZE;
+ 		break;
+ 	case GNUTLS_DIG_SHA512:
+-- 
+2.35.1
+
diff -Nru gnutls28-3.7.1/debian/patches/series gnutls28-3.7.1/debian/patches/series
--- gnutls28-3.7.1/debian/patches/series	2021-05-29 11:37:38.000000000 +0200
+++ gnutls28-3.7.1/debian/patches/series	2022-05-22 13:04:01.000000000 +0200
@@ -18,3 +18,4 @@
 56_28-handshake-fix-timing-of-sending-early-data.patch
 56_30-x509-verify-treat-SHA-1-signed-CA-in-the-trusted-set.patch
 56_33-serv-stop-setting-AI_ADDRCONFIG-on-getaddrinfo.patch
+56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch

Attachment: signature.asc
Description: PGP signature

--- End Message ---

--- Begin Message ---

To: 1000355-done@bugs.debian.org, 1003261-done@bugs.debian.org, 1003713-done@bugs.debian.org, 1004459-done@bugs.debian.org, 1004580-done@bugs.debian.org, 1005129-done@bugs.debian.org, 1005135-done@bugs.debian.org, 1005231-done@bugs.debian.org, 1005237-done@bugs.debian.org, 1005252-done@bugs.debian.org, 1005256-done@bugs.debian.org, 1006316-done@bugs.debian.org, 1006504-done@bugs.debian.org, 1007714-done@bugs.debian.org, 1007762-done@bugs.debian.org, 1008045-done@bugs.debian.org, 1008153-done@bugs.debian.org, 1008161-done@bugs.debian.org, 1008162-done@bugs.debian.org, 1008166-done@bugs.debian.org, 1008168-done@bugs.debian.org, 1008268-done@bugs.debian.org, 1008577-done@bugs.debian.org, 1009077-done@bugs.debian.org, 1009250-done@bugs.debian.org, 1009345-done@bugs.debian.org, 1009363-done@bugs.debian.org, 1009726-done@bugs.debian.org, 1010037-done@bugs.debian.org, 1010050-done@bugs.debian.org, 1010058-done@bugs.debian.org, 1010194-done@bugs.debian.org, 1010211-done@bugs.debian.org, 1010304-done@bugs.debian.org, 1010383-done@bugs.debian.org, 1010439-done@bugs.debian.org, 1010613-done@bugs.debian.org, 1010857-done@bugs.debian.org, 1010924-done@bugs.debian.org, 1010963-done@bugs.debian.org, 1011022-done@bugs.debian.org, 1011198-done@bugs.debian.org, 1011271-done@bugs.debian.org, 1011287-done@bugs.debian.org, 1011331-done@bugs.debian.org, 1011359-done@bugs.debian.org, 1011365-done@bugs.debian.org, 1011426-done@bugs.debian.org, 1011746-done@bugs.debian.org, 1011939-done@bugs.debian.org, 1011942-done@bugs.debian.org, 1012033-done@bugs.debian.org, 1012047-done@bugs.debian.org, 1012140-done@bugs.debian.org, 1012322-done@bugs.debian.org, 1012323-done@bugs.debian.org, 1012331-done@bugs.debian.org, 1012553-done@bugs.debian.org, 1012585-done@bugs.debian.org, 1012723-done@bugs.debian.org, 1013237-done@bugs.debian.org, 1013306-done@bugs.debian.org, 1013418-done@bugs.debian.org, 1013755-done@bugs.debian.org, 1013879-done@bugs.debian.org, 1013880-done@bugs.debian.org, 1013944-done@bugs.debian.org, 1014014-done@bugs.debian.org, 1014054-done@bugs.debian.org, 1014079-done@bugs.debian.org, 1014199-done@bugs.debian.org, 1014206-done@bugs.debian.org, 1014221-done@bugs.debian.org

Subject: Closing requests for updates included in 11.4

From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Date: Sat, 09 Jul 2022 11:47:43 +0100

Message-id: <2280fe8c78e64b02a6c1d04c6dde5a32e342ba81.camel@adam-barratt.org.uk>
Package: release.debian.org
Version: 11.4

(re-sending with fixed bug numbers)

Hi,

The updates discussed in these bugs were included in today's bullseye
point release.

Regards,

Adam
--- End Message ---

Reply to:

Prev by Date: Bug#1012047: marked as done (bullseye-pu: package composer/2.0.9-2+deb11u1)
Next by Date: Bug#1012140: marked as done (bullseye-pu: package docker.io/20.10.5+dfsg1-1+deb11u2)
Previous by thread: Bug#1012047: marked as done (bullseye-pu: package composer/2.0.9-2+deb11u1)
Next by thread: Bug#1012140: marked as done (bullseye-pu: package docker.io/20.10.5+dfsg1-1+deb11u2)
Index(es):
- Date
- Thread