Bug#596068: marked as done (libcrypt-openssl-x509-perl: broken fingerprint_sha1)

[Debian Bug Tracking System]

Your message dated Thu, 09 Sep 2010 01:11:21 +0900
with message-id <87pqwoxljq....@marvin.43-1.org>
and subject line Re: Bug#596069: libcrypt-openssl-x509-perl: broken 
new_from_string()
has caused the Debian Bug report #596068,
regarding libcrypt-openssl-x509-perl: broken fingerprint_sha1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
596068: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596068
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: libcrypt-openssl-x509-perl
Version: 1.2-1
Severity: important

Hi,

the fingerprint_sha1() function is broken in 1.2.

This is one of the main functions of this module, hence the important
severity. The only change in the 1.2 -> 1.3 diff is a one-liner patch
that fixes this function.

This probably deserves a freeze exception, doesn't it?

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libcrypt-openssl-x509-perl depends on:
ii  libc6                         2.11.2-2   Embedded GNU C Library: Shared lib
ii  libssl0.9.8                   0.9.8o-2   SSL shared libraries
ii  perl                          5.10.1-14  Larry Wall's Practical Extraction 
ii  perl-base [perlapi-5.10.1]    5.10.1-14  minimal Perl system

libcrypt-openssl-x509-perl recommends no packages.

libcrypt-openssl-x509-perl suggests no packages.

-- no debconf information

--
  intrigeri <intrig...@boum.org>
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ 
https://gaffer.ptitcanardnoir.org/intrigeri/otr-fingerprint.asc
  | So what?

--- End Message ---

--- Begin Message ---

> Package: libcrypt-openssl-x509-perl
> Version: 1.3-1
>
> the new_from_string() function is broken in 1.2 and 1.3. This
> constructor is one of the main entry points to this module, hence the
> important severity.

> Package: libcrypt-openssl-x509-perl
> Version: 1.2-1
>
> the fingerprint_sha1() function is broken in 1.2.

I agree that these should be fixed for Squeeze and filed an unblock
request[1].  Meanwhile I'll mark these bugs as done as they are already
fixed in unstable.

Thanks for the notice!

Regards,
Ansgar

[1] <http://bugs.debian.org/596082>

--- End Message ---