| 2017-07-28 11:00:45 |
Ard Biesheuvel |
bug |
|
|
added bug |
| 2017-09-01 13:24:30 |
Ard Biesheuvel |
bug watch added |
|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867581 |
|
| 2017-09-01 13:35:38 |
Julian Andres Klode |
description |
The following Debian issue exists in the Ubuntu package as well
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867581
It breaks gnome-terminal and xfce4-terminal on arm64 machines.
The issue is fixed upstream in 3.5.13, and the fix was backported to Debian stretch as well (3.5.8-5+deb9u2) |
[Impact]
AES256-GCM ciphertext is all zero on arm64 with hardware acceleration, breaking gnome-terminal and xfce4-terminal which use encrypted scrollback buffers.
[Test case]
Compile the program from https://gitlab.com/gnutls/gnutls/issues/204 and make sure the cipher text is not all zeros
[Regression potential]
Code change is limited to AES256-GCM w/ HW accel on aarch64, so that's the only thing that could possibly break. But given that it's broken already, it does not seem to be a big issue even if it breaks otherwise.
[Other info]
Original report:
The following Debian issue exists in the Ubuntu package as well
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867581
It breaks gnome-terminal and xfce4-terminal on arm64 machines.
The issue is fixed upstream in 3.5.13, and the fix was backported to Debian stretch as well (3.5.8-5+deb9u2) |
|
| 2017-09-01 13:36:16 |
Julian Andres Klode |
gnutls28 (Ubuntu): status |
New |
Triaged |
|
| 2017-09-01 13:36:37 |
Julian Andres Klode |
gnutls28 (Ubuntu): importance |
Undecided |
High |
|
| 2017-09-01 13:37:25 |
Julian Andres Klode |
gnutls28 (Ubuntu): status |
Triaged |
In Progress |
|
| 2017-09-01 13:37:28 |
Julian Andres Klode |
gnutls28 (Ubuntu): assignee |
|
Julian Andres Klode (juliank) |
|
| 2017-09-01 14:21:23 |
largeprime |
bug |
|
|
added subscriber largeprime |
| 2017-09-02 14:23:56 |
Julian Andres Klode |
nominated for series |
|
Ubuntu Zesty |
|
| 2017-09-02 14:23:56 |
Julian Andres Klode |
bug task added |
|
gnutls28 (Ubuntu Zesty) |
|
| 2017-09-02 14:24:18 |
Julian Andres Klode |
gnutls28 (Ubuntu Zesty): importance |
Undecided |
High |
|
| 2017-09-02 14:24:28 |
Julian Andres Klode |
gnutls28 (Ubuntu Zesty): status |
New |
Triaged |
|
| 2017-09-02 14:24:32 |
Julian Andres Klode |
gnutls28 (Ubuntu Zesty): assignee |
|
Julian Andres Klode (juliank) |
|
| 2017-09-02 14:36:25 |
Julian Andres Klode |
gnutls28 (Ubuntu): status |
In Progress |
Fix Committed |
|
| 2017-09-02 14:40:11 |
Julian Andres Klode |
description |
[Impact]
AES256-GCM ciphertext is all zero on arm64 with hardware acceleration, breaking gnome-terminal and xfce4-terminal which use encrypted scrollback buffers.
[Test case]
Compile the program from https://gitlab.com/gnutls/gnutls/issues/204 and make sure the cipher text is not all zeros
[Regression potential]
Code change is limited to AES256-GCM w/ HW accel on aarch64, so that's the only thing that could possibly break. But given that it's broken already, it does not seem to be a big issue even if it breaks otherwise.
[Other info]
Original report:
The following Debian issue exists in the Ubuntu package as well
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867581
It breaks gnome-terminal and xfce4-terminal on arm64 machines.
The issue is fixed upstream in 3.5.13, and the fix was backported to Debian stretch as well (3.5.8-5+deb9u2) |
[Impact]
AES256-GCM ciphertext is all zero on arm64 with hardware acceleration, breaking gnome-terminal and xfce4-terminal which use encrypted scrollback buffers.
[Test case]
Compile the program from https://gitlab.com/gnutls/gnutls/issues/204 and make sure the cipher text is not all zeros when running it on an aarch64 machine w/ HW accel.
[Regression potential]
Code change is limited to AES256-GCM w/ HW accel on aarch64, so that's the only thing that could possibly break. But given that it's broken already, it does not seem to be a big issue even if it breaks otherwise.
[Other info]
Original report:
The following Debian issue exists in the Ubuntu package as well
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867581
It breaks gnome-terminal and xfce4-terminal on arm64 machines.
The issue is fixed upstream in 3.5.13, and the fix was backported to Debian stretch as well (3.5.8-5+deb9u2) |
|
| 2017-09-02 14:58:51 |
Julian Andres Klode |
gnutls28 (Ubuntu Zesty): status |
Triaged |
Confirmed |
|
| 2017-09-02 14:58:53 |
Julian Andres Klode |
gnutls28 (Ubuntu Zesty): status |
Confirmed |
In Progress |
|
| 2017-09-04 14:55:26 |
Launchpad Janitor |
gnutls28 (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2017-09-06 09:24:42 |
Julian Andres Klode |
gnutls28 (Ubuntu): importance |
High |
Critical |
|
| 2017-09-06 09:24:44 |
Julian Andres Klode |
gnutls28 (Ubuntu Zesty): importance |
High |
Critical |
|
| 2017-09-06 09:50:23 |
Andy Whitcroft |
gnutls28 (Ubuntu Zesty): status |
In Progress |
Fix Committed |
|
| 2017-09-06 09:50:25 |
Andy Whitcroft |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2017-09-06 09:50:27 |
Andy Whitcroft |
bug |
|
|
added subscriber SRU Verification |
| 2017-09-06 09:50:29 |
Andy Whitcroft |
tags |
|
verification-needed verification-needed-zesty |
|
| 2017-09-06 14:39:11 |
Ard Biesheuvel |
tags |
verification-needed verification-needed-zesty |
verification-done-zesty verification-needed |
|
| 2017-09-18 10:20:42 |
Launchpad Janitor |
gnutls28 (Ubuntu Zesty): status |
Fix Committed |
Fix Released |
|
| 2017-09-18 10:20:46 |
Ćukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
