Your message dated Sat, 09 Jul 2022 11:47:43 +0100 with message-id <2280fe8c78e64b02a6c1d04c6dde5a32e342ba81.camel@adam-barratt.org.uk> and subject line Closing requests for updates included in 11.4 has caused the Debian Bug report #1012033, regarding bullseye-pu: package gnutls28/3.7.1-5+deb11u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 1012033: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012033 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: bullseye-pu: package gnutls28/3.7.1-5+deb11u1
- From: Andreas Metzler <ametzler@bebt.de>
- Date: Sun, 29 May 2022 07:37:47 +0200
- Message-id: <YpMGq5hyLraDU8Gn@argenau.bebt.de>
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian.org@packages.debian.org Usertags: pu X-Debbugs-Cc: Dmitry Baryshkov <dbaryshkov@gmail.com>, gnutls28@packages.debian.org Hello, as requested in #1011246 I would like fix miscalculation of SHA384 in the SSA accelarated implementation. It is a one-line change and was part of the 3.7.3 release. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure'diff -Nru gnutls28-3.7.1/debian/changelog gnutls28-3.7.1/debian/changelog --- gnutls28-3.7.1/debian/changelog 2021-05-29 12:14:30.000000000 +0200 +++ gnutls28-3.7.1/debian/changelog 2022-05-22 13:04:01.000000000 +0200 @@ -1,3 +1,10 @@ +gnutls28 (3.7.1-5+deb11u1) bullseye; urgency=medium + + * 56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch: Backport SSSE3 SHA384 + miscalculation fix from 3.7.3. Closes: #1011246 + + -- Andreas Metzler <ametzler@debian.org> Sun, 22 May 2022 13:04:01 +0200 + gnutls28 (3.7.1-5) unstable; urgency=medium * Another fix from 3.7.2: diff -Nru gnutls28-3.7.1/debian/patches/56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch gnutls28-3.7.1/debian/patches/56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch --- gnutls28-3.7.1/debian/patches/56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch 1970-01-01 01:00:00.000000000 +0100 +++ gnutls28-3.7.1/debian/patches/56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch 2022-05-22 13:04:01.000000000 +0200 @@ -0,0 +1,34 @@ +From acdfeb4b3f0c64ad20f28513618e9903bfb81426 Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar <mlichvar@redhat.com> +Date: Wed, 1 Sep 2021 15:48:27 +0200 +Subject: [PATCH] fix SSSE3 SHA384 to work more than once + +The output function called sha512_digest() instead of sha384_digest(), +which caused the hash context to be reinitialized for SHA512 instead of +SHA384 and all following digests using the hash handle were wrong. + +Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com> +--- + lib/accelerated/x86/sha-x86-ssse3.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/accelerated/x86/sha-x86-ssse3.c b/lib/accelerated/x86/sha-x86-ssse3.c +index 8ea4e54aee..1d442e97e7 100644 +--- a/lib/accelerated/x86/sha-x86-ssse3.c ++++ b/lib/accelerated/x86/sha-x86-ssse3.c +@@ -258,11 +258,11 @@ static int _ctx_init(gnutls_digest_algorithm_t algo, + ctx->length = SHA256_DIGEST_SIZE; + break; + case GNUTLS_DIG_SHA384: + sha384_init(&ctx->ctx.sha384); + ctx->update = (update_func) x86_sha512_update; +- ctx->digest = (digest_func) sha512_digest; ++ ctx->digest = (digest_func) sha384_digest; + ctx->init = (init_func) sha384_init; + ctx->ctx_ptr = &ctx->ctx.sha384; + ctx->length = SHA384_DIGEST_SIZE; + break; + case GNUTLS_DIG_SHA512: +-- +2.35.1 + diff -Nru gnutls28-3.7.1/debian/patches/series gnutls28-3.7.1/debian/patches/series --- gnutls28-3.7.1/debian/patches/series 2021-05-29 11:37:38.000000000 +0200 +++ gnutls28-3.7.1/debian/patches/series 2022-05-22 13:04:01.000000000 +0200 @@ -18,3 +18,4 @@ 56_28-handshake-fix-timing-of-sending-early-data.patch 56_30-x509-verify-treat-SHA-1-signed-CA-in-the-trusted-set.patch 56_33-serv-stop-setting-AI_ADDRCONFIG-on-getaddrinfo.patch +56_40-fix-SSSE3-SHA384-to-work-more-than-once.patchAttachment: signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: 1000355-done@bugs.debian.org, 1003261-done@bugs.debian.org, 1003713-done@bugs.debian.org, 1004459-done@bugs.debian.org, 1004580-done@bugs.debian.org, 1005129-done@bugs.debian.org, 1005135-done@bugs.debian.org, 1005231-done@bugs.debian.org, 1005237-done@bugs.debian.org, 1005252-done@bugs.debian.org, 1005256-done@bugs.debian.org, 1006316-done@bugs.debian.org, 1006504-done@bugs.debian.org, 1007714-done@bugs.debian.org, 1007762-done@bugs.debian.org, 1008045-done@bugs.debian.org, 1008153-done@bugs.debian.org, 1008161-done@bugs.debian.org, 1008162-done@bugs.debian.org, 1008166-done@bugs.debian.org, 1008168-done@bugs.debian.org, 1008268-done@bugs.debian.org, 1008577-done@bugs.debian.org, 1009077-done@bugs.debian.org, 1009250-done@bugs.debian.org, 1009345-done@bugs.debian.org, 1009363-done@bugs.debian.org, 1009726-done@bugs.debian.org, 1010037-done@bugs.debian.org, 1010050-done@bugs.debian.org, 1010058-done@bugs.debian.org, 1010194-done@bugs.debian.org, 1010211-done@bugs.debian.org, 1010304-done@bugs.debian.org, 1010383-done@bugs.debian.org, 1010439-done@bugs.debian.org, 1010613-done@bugs.debian.org, 1010857-done@bugs.debian.org, 1010924-done@bugs.debian.org, 1010963-done@bugs.debian.org, 1011022-done@bugs.debian.org, 1011198-done@bugs.debian.org, 1011271-done@bugs.debian.org, 1011287-done@bugs.debian.org, 1011331-done@bugs.debian.org, 1011359-done@bugs.debian.org, 1011365-done@bugs.debian.org, 1011426-done@bugs.debian.org, 1011746-done@bugs.debian.org, 1011939-done@bugs.debian.org, 1011942-done@bugs.debian.org, 1012033-done@bugs.debian.org, 1012047-done@bugs.debian.org, 1012140-done@bugs.debian.org, 1012322-done@bugs.debian.org, 1012323-done@bugs.debian.org, 1012331-done@bugs.debian.org, 1012553-done@bugs.debian.org, 1012585-done@bugs.debian.org, 1012723-done@bugs.debian.org, 1013237-done@bugs.debian.org, 1013306-done@bugs.debian.org, 1013418-done@bugs.debian.org, 1013755-done@bugs.debian.org, 1013879-done@bugs.debian.org, 1013880-done@bugs.debian.org, 1013944-done@bugs.debian.org, 1014014-done@bugs.debian.org, 1014054-done@bugs.debian.org, 1014079-done@bugs.debian.org, 1014199-done@bugs.debian.org, 1014206-done@bugs.debian.org, 1014221-done@bugs.debian.org
- Subject: Closing requests for updates included in 11.4
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sat, 09 Jul 2022 11:47:43 +0100
- Message-id: <2280fe8c78e64b02a6c1d04c6dde5a32e342ba81.camel@adam-barratt.org.uk>
Package: release.debian.org Version: 11.4 (re-sending with fixed bug numbers) Hi, The updates discussed in these bugs were included in today's bullseye point release. Regards, Adam
--- End Message ---