[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1034809: marked as done (bookworm-pu: package argon2/0~20171227-0.3+deb12u1)

Your message dated Thu, 27 Apr 2023 00:33:08 +0200
with message-id <20230426223308.w4gchit5xyuzhyhf@mraw.org>
and subject line Re: Bug#1034809: bullseye-pu: package argon2/0~20171227-0.3+deb12u1
has caused the Debian Bug report #1034809,
regarding bookworm-pu: package argon2/0~20171227-0.3+deb12u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1034809: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034809
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org@packages.debian.org
Usertags: pu
Control: affects -1 + src:argon2 cryptsetup-udeb

Dear Release Team,

[ Reason ]

While collecting LUKS2 PBKDF memory cost values in kibi and I discovered
that memory cost were significantly lower when `cryptsetup luksFormat`
was run in d-i compared to the final system.

elbrus argued at https://bugs.debian.org/1032235#107 that ≥0~20190702-0.1
was not suitable for bookworm at this point of the release cycle, hence
the targeted fix for t-p-u.

[ Impact ]

The lower memory cost has security implications for the volume.  See
https://bugs.debian.org/1028250#78 and follow-up messages.

[ Tests ]

 * Upstream test suite.
 * New benchmarks (with cryptsetup/2:2.6.1-4~deb12u1) at
   https://bugs.debian.org/1028250#93 .
 * DEP-8 for cryptsetup (reverse dependency).

[ Risks ]

Changing d/rules so late in the release cycle might sound scary, however
the change merely reverts a commit from 2018 that is no longer relevant
and is causing the issue.  It was partially reverted in 0~20190702-0.1
already, but but for the argon2 binary only (see #1032234) not
libargon2-1-udeb.

[ Checklist ]

  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]

  * Add Breaks on cryptsetup-initramfs <2:2.6.1-2 as the rebuild with
    recent glibc broke it.
  * Set 'debian-branch = debian/bookworm' in d/gbp.conf.
  * Restore threading support to libargon2-1-udeb as well an the argon2
    binary.

[ Other info ]

CC'ing kibi for d-i-ack.

-- 
Guilhem.

diffstat for argon2-0~20171227 argon2-0~20171227

 changelog                |   18 ++++++++++++++++++
 control                  |    1 +
 gbp.conf                 |    2 +-
 libargon2-1-udeb.install |    2 ++
 rules                    |   11 -----------
 5 files changed, 22 insertions(+), 12 deletions(-)

diff -Nru argon2-0~20171227/debian/changelog argon2-0~20171227/debian/changelog
--- argon2-0~20171227/debian/changelog	2022-02-13 10:41:34.000000000 +0100
+++ argon2-0~20171227/debian/changelog	2023-04-21 21:29:33.000000000 +0200
@@ -1,3 +1,21 @@
+argon2 (0~20171227-0.3+deb12u1) bookworm; urgency=medium
+
+  * Non-maintainer upload.
+
+  [ Bastian Germann ]
+  * Add Breaks on cryptsetup-initramfs (see #1032235)
+
+  [ Guilhem Moulin ]
+  * d/gbp.conf: Set 'debian-branch = debian/bookworm'.
+  * d/rules: Restore threading support to libargon2-1-udeb (closes: #1034696).
+    This is beneficial for cryptsetup-udeb, see #1028250.  Removing threading
+    support in libargon2-1-udeb was done for historical reasons no longer
+    relevant since Debian Bookworm.  This also restores threading support to
+    argon2 which was inadvertently dropped in 0~20171227-0.1 (closes:
+    #1032234).
+
+ -- Guilhem Moulin <guilhem@debian.org>  Fri, 21 Apr 2023 21:29:33 +0200
+
 argon2 (0~20171227-0.3) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru argon2-0~20171227/debian/control argon2-0~20171227/debian/control
--- argon2-0~20171227/debian/control	2022-02-13 10:41:34.000000000 +0100
+++ argon2-0~20171227/debian/control	2023-04-21 21:29:33.000000000 +0200
@@ -60,6 +60,7 @@
 Architecture: any
 Pre-Depends: ${misc:Pre-Depends}
 Depends: ${shlibs:Depends}, ${misc:Depends}
+Breaks: cryptsetup-initramfs (<<2:2.6.1-2)
 Multi-Arch: same
 Description: memory-hard hashing function - runtime library
  Argon2 is a password-hashing function that can be used to hash passwords
diff -Nru argon2-0~20171227/debian/gbp.conf argon2-0~20171227/debian/gbp.conf
--- argon2-0~20171227/debian/gbp.conf	2022-02-13 10:41:34.000000000 +0100
+++ argon2-0~20171227/debian/gbp.conf	2023-04-21 21:29:33.000000000 +0200
@@ -1,7 +1,7 @@
 [DEFAULT]
 debian-tag = debian/%(version)s
 pristine-tar = True
-debian-branch = debian/sid
+debian-branch = debian/bookworm
 
 [buildpackage]
 upstream-tag = v%(version)s
diff -Nru argon2-0~20171227/debian/libargon2-1-udeb.install argon2-0~20171227/debian/libargon2-1-udeb.install
--- argon2-0~20171227/debian/libargon2-1-udeb.install	1970-01-01 01:00:00.000000000 +0100
+++ argon2-0~20171227/debian/libargon2-1-udeb.install	2023-04-21 21:29:33.000000000 +0200
@@ -0,0 +1,2 @@
+#!/usr/bin/dh-exec
+libargon2.so.1 => usr/lib/${DEB_HOST_MULTIARCH}/${SONAME}
diff -Nru argon2-0~20171227/debian/rules argon2-0~20171227/debian/rules
--- argon2-0~20171227/debian/rules	2022-02-13 10:41:34.000000000 +0100
+++ argon2-0~20171227/debian/rules	2023-04-21 21:29:33.000000000 +0200
@@ -16,26 +16,15 @@
 export SOVER=1
 export DEBPREFIX=0~
 export UPSTREAMVER=$(subst $(DEBPREFIX),,$(DEB_VERSION_UPSTREAM))
-export UDEBLIB=$(SONAME).udeb
 
 %:
 	dh $@
 
-override_dh_auto_build:
-	dh_auto_build -- NO_THREADS=1
-	mv $(SONAME) $(UDEBLIB)
-	dh_auto_build
-
 override_dh_install:
 	dh_install
 	sed -i '/^## /d' debian/${PKG}-dev/usr/lib/$(DEB_HOST_MULTIARCH)/pkgconfig/libargon2.pc
 	sed -i s/@HOST_MULTIARCH@/$(DEB_HOST_MULTIARCH)/ debian/${PKG}-dev/usr/lib/$(DEB_HOST_MULTIARCH)/pkgconfig/libargon2.pc
 	sed -i s/@UPSTREAM_VER@/$(UPSTREAMVER)/ debian/${PKG}-dev/usr/lib/$(DEB_HOST_MULTIARCH)/pkgconfig/libargon2.pc
-	install -D $(UDEBLIB) debian/$(SOPKG)-udeb/usr/lib/$(DEB_HOST_MULTIARCH)/$(SONAME)
-
-override_dh_auto_clean:
-	dh_auto_clean
-	-rm $(UDEBLIB)
 
 override_dh_auto_test:
 	-$(MAKE) -j1 test

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message --- 
Guilhem Moulin <guilhem@debian.org> (2023-04-25):
> [ Reason ]
> 
> While collecting LUKS2 PBKDF memory cost values in kibi and I discovered
> that memory cost were significantly lower when `cryptsetup luksFormat`
> was run in d-i compared to the final system.
> 
> elbrus argued at https://bugs.debian.org/1032235#107 that ≥0~20190702-0.1
> was not suitable for bookworm at this point of the release cycle, hence
> the targeted fix for t-p-u.

Approved from tpu:

    argon2     | 0~20171227-0.3+deb12u1    | testing                         | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x

Thanks again!


Cheers,
-- 
Cyril Brulebois (kibi@debian.org)            <https://debamax.com/>
D-I release manager -- Release team member -- Freelance Consultant

Attachment: signature.asc
Description: PGP signature


--- End Message ---
Reply to: