On 30 March 2024 13:14:37 CET, Sean Whitton <spwhit...@spwhitton.name> wrote:
>Hello,
Hi,
>I downgraded, changed the password for my database to 'asdf',
>changed it back to the password it had before, upgraded libssl3,
>and the bug did not appear.
>
>I reverted to my original db, downgraded again, deleted an entry without
>changing the password, upgraded, and the bug appeared.
>
>I can't really say more without compromising my opsec. But does the
>above give any clues / further debugging ideas?
I would look at the function yapet is using from openssl and compare the
results.
Could create a database from scratch an use similar patterns in terms number
of entries and password (length, special characters) until you have something
that you can share with me. I don't mind if throw it in my inbox without Cc:
the bug.
>
>> Also, yapet is unchanged in unstable. Is the problem there, too?
>
>Unfortunately I do not have an unstable machine to hand right now, and
>until we know more about the xz-utils situation I would want to set up
>something air-gapped before copying my password db in there -- but can
>do that if we can't otherwise make progress.
The 5.6 xz is no more in unstable. But as you wish. I was just curious why this
was not yet reported.
>
>Thanks for looking!
>
--
Sebastian