Bug#788704: gnutls28: VIA PadLock accelerated AES-CBC segfaults
Peter Lebbing
peter at digitalbrains.com
Thu Jun 18 14:30:12 UTC 2015
As indicated by Nikos Mavrogiannopoulos on the gnutls-devel mailing list[1],
this problem had been fixed upstream in 3.3.12.
I had completely forgotten to check upstream for fixes.
My suggested patch is almost exactly the same as commit 023156a from the GnuTLS
Git[2].
I'd like to suggest backporting that commit to GnuTLS in jessie/stable, to not
deviate unnecessarily from upstream and fix the problem.
The message [1] also mentions a second commit which prevents calling the code
with a length 0 in the first place, as it is a useless action. That commit is
not necessary to fix this specific bug.
With regards,
Peter.
[1] https://lists.gnupg.org/pipermail/gnutls-devel/2015-June/007627.html
[2] https://gitlab.com/gnutls/gnutls/commit/023156ae2504c1911f8f2e66a0ebde316931671c
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Pkg-gnutls-maint
mailing list