Bug#867581: libgnutls30: AES256-GCM emits all-zeros ciphertext on aarch64 with hardware acceleration (upstream bug report)

Andreas Metzler ametzler at bebt.de
Fri Jul 7 17:42:34 UTC 2017


Control: found -1 3.5.8-5
Control: severity -1 serious

On 2017-07-07 Catalin Marinas <catalin.marinas at arm.com> wrote:
> Package: libgnutls30
> Version: 3.5.8-5+deb9u1
[...]
> Unrelated gnome-terminal or xfce4-terminal crashing when significant output
> (e.g. running 'yes'; apparently because of the corruption of the encrypted
> scrollback buffer).

> Issue noticed on a Cavium ThunderX running Debian Stretch.

>    * What exactly did you do (or not do) that was effective (or
>      ineffective)?

> Patching libgnutls with
> https://gitlab.com/gnutls/gnutls/commit/228b18dfbf934d8924d3305dc24d7b0162352eba
> fixes the issue.

> This fix is available in gnutls 3.5.13 (and testing+unstable) but not in 3.5.8
> (stable). Please back-port the above patch to stable.

> Upstream bug report: https://gitlab.com/gnutls/gnutls/issues/204

> I marked it as 'critical' because it breaks unrelated packages, though I'm not
> sure that's the appropriate severity level.
[...]

Hello,

Thanks for the bug report. I will try to get this fixed via a stable
update.

cu Andreas

PS: I am downgrading to serious. Afaiui this is not "unrelated"
software. Both gnome-terminal and xfce4-terminal link (indirectly)
against gnutls and the error happens when actual gnutls code is invoked.
(For encrypting the scrollback buffer?). The "unrelated software" clause
is about something like a package overwriting /bin/bash.
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'


