Your message dated Tue, 20 Dec 2016 18:33:43 +0000
with message-id <[email protected]>
and subject line Bug#848905: fixed in gnutls28 3.5.7-3
has caused the Debian Bug report #848905,
regarding 3.5.7-2 breaks reading password-protected PKCS#8 files for openvpn
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
848905: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848905
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libgnutls30
Version: 3.5.7-2
Severity: important
When I upgraded from libgnutls30 3.5.6-7 to 3.5.7-2, certificate
authentication with openvpn broke with the error:
Failed to load private key as PKCS#8: An illegal parameter was found.
Downgrading fixed this. This appears to be the same bug as:
https://bugzilla.redhat.com/show_bug.cgi?id=1404084
https://gitlab.com/gnutls/gnutls/merge_requests/185
which appears (if I read the diff properly) to be a bug that prevents
loading of password-protected PKCS#8 files. Could you get this fixed
in Debian as well? For severity, I'm not sure how broad the impact is,
but for me it made VPN unusable, which was pretty distruptive.
Thanks!
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 4.8.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages libgnutls30 depends on:
ii libc6 2.24-8
ii libgmp10 2:6.1.1+dfsg-1
ii libhogweed4 3.3-1
ii libidn11 1.33-1
ii libnettle6 3.3-1
ii libp11-kit0 0.23.2-5
ii libtasn1-6 4.9-4
ii zlib1g 1:1.2.8.dfsg-4
libgnutls30 recommends no packages.
Versions of packages libgnutls30 suggests:
pn gnutls-bin <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: gnutls28
Source-Version: 3.5.7-3
We believe that the bug you reported is fixed in the latest version of
gnutls28, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Metzler <[email protected]> (supplier of updated gnutls28 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 20 Dec 2016 18:47:13 +0100
Source: gnutls28
Binary: libgnutls28-dev libgnutls30 gnutls-bin gnutls-doc libgnutlsxx28
libgnutls-openssl27 libgnutls-dane0
Architecture: source
Version: 3.5.7-3
Distribution: unstable
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <[email protected]>
Changed-By: Andreas Metzler <[email protected]>
Closes: 848905
Description:
gnutls-bin - GNU TLS library - commandline utilities
gnutls-doc - GNU TLS library - documentation and examples
libgnutls28-dev - GNU TLS library - development files
libgnutls30 - GNU TLS library - main runtime library
libgnutls-dane0 - GNU TLS library - DANE security support
libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
libgnutlsxx28 - GNU TLS library - C++ runtime library
Changes:
gnutls28 (3.5.7-3) unstable; urgency=medium
.
* 35_01_pkcs8-ensure-that-the-correct-error-code-is-returned.patch,
35_02_tests-added-test-for-PKCS-8-encrypted-key-decoding.patch from
upstream 3.5 branch: Ensure that GNUTLS_E_DECRYPTION_FAIL will be returned
by PKCS#8 decryption functions when an invalid key is provided. This
addresses regression on decrypting certain PKCS#8 keys.
Closes: #848905
Checksums-Sha1:
9999fd2edbb5d432a43d4d09e68b6afc14d93a7a 3258 gnutls28_3.5.7-3.dsc
a684a976e1b01cd62e6be2631c0bebbd8c767de3 100680 gnutls28_3.5.7-3.debian.tar.xz
Checksums-Sha256:
c25f600463e0dadbad937eb4ab943de9ff4e51dc9326116ebfcfc4dcf6836019 3258
gnutls28_3.5.7-3.dsc
58f84eff722fe0329f6002f83ae89b64f088831b9c40504e37b782249ea63599 100680
gnutls28_3.5.7-3.debian.tar.xz
Files:
a5190f48633eb56f59e97e0cb94427be 3258 libs optional gnutls28_3.5.7-3.dsc
3c7044c4cbeb7bd04c69d9400cafd741 100680 libs optional
gnutls28_3.5.7-3.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAlhZdR0ACgkQpU8BhUOC
FIR9ng/+Pmj7garWAFbYYbLOj+GMqkqApEgQbV+Pb35MpOZ4ZZrBb4SM0ScUej0Z
bO3H+01k0NtJAJKvvry8LRP98bCyzoV/Ds+XldUDQmhgSAc92FPyE/CIks0Dmakp
iQpvgCw50mju23LX9HkmhumZ7Tp4bDIeIavCgmUfxtvgazEJdSCTsJHC5jSe/OW+
3f1hOTP/SLA91lpUwNOCY4BP2BVgYBR9zKjHlS/r7OrgVeQlCiV6JAJDSQC/X4Og
zscvAW+4TAokemRuFNxwkOE306860eAsBGmKZoEjetYEEXYHaXZeSiF1H2yoGH4Y
UgapZXMhlz1gMGsW39UAFi+vxfCsle8T/D+cdAua/BgsiyODg2og0AkEXYLhgMzQ
ZUKIWZO+RnFumT6NjzX3shLjz9Pi3ZrgRaFeTNMZdhPbX+GW4v/SSZc3J441nXD5
v0XINfzxzyNzTOkfCmDDpwp9mEP/yqu+Cjtc7FIV9xt+Yop6BqltFZaYOBYeW8Bt
SfI7J88z+v4mg4hoVnjMZjwDXSlw8wAiInRpkWmfZMD62l3Y4LmqL/T+tMD/aoN5
HL8CgQuehOoTMN+/SH73hE3NQn5HJom0vyLpN+c3sH+ghxwPevAJs3WDSsVwgZvg
crf5BfNKW16gZmNxtHRmVBsKjN29F+yl0ngBLFtZGxiKWLlG6Kc=
=A0z6
-----END PGP SIGNATURE-----
--- End Message ---
