Your message dated Thu, 28 Mar 2019 07:19:37 +0000 with message-id <[email protected]> and subject line Bug#920477: fixed in gnutls28 3.6.7-1 has caused the Debian Bug report #920477, regarding gnutls-bin: gnutls-cli benchmark outputs wrong results in 32bit arch to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.)

--
920477: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920477
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: gnutls-bin
Version: 3.6.5-2
Severity: normal

Dear Maintainer,

Some fast ciphers (suites) show strange results.

$ gnutls-cli --benchmark-ciphers
Checking AEAD ciphers, payload size: 16384
AES-128-GCM 96.93 MB/sec
AES-128-CCM 0.31 GB/sec
CHACHA20-POLY1305 157.18 MB/sec
(snip)
NULL 177.63 MB/sec

$ gnutls-cli --benchmark-tls-ciphers
Testing throughput in cipher/MAC combinations (payload: 1400 bytes)
AES-128-GCM - TLS1.2 45.26 MB/sec
AES-128-GCM - TLS1.3 45.01 MB/sec
AES-128-CCM - TLS1.2 129.46 MB/sec
(snip)

The following code is the cause.

"gnutls-3.6.5/src/benchmark.h" line 45

struct benchmark_st {
    struct timespec start;
    unsigned long size;   <== 32bit in i386 arch.
    sighandler_t old_handler;
#if defined(_WIN32)
    HANDLE wtimer;
    HANDLE wthread;
    LARGE_INTEGER alarm_timeout;
#endif
};

This size variable will overflow.

Thank you,
Hiroyuki YAMAMORI

-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 4.19.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages gnutls-bin depends on:
ii libc6 2.28-5
ii libgmp10 2:6.1.2+dfsg-4
ii libgnutls-dane0 3.6.5-2
ii libgnutls30 3.6.5-2
ii libhogweed4 3.4.1~rc1-1
ii libidn2-0 2.0.5-1
ii libnettle6 3.4.1~rc1-1
ii libopts25 1:5.18.12-4
ii libp11-kit0 0.23.14-2
ii libtasn1-6 4.13-3
ii libunistring2 0.9.10-1

gnutls-bin recommends no packages.

gnutls-bin suggests no packages.

-- no debconf information
--- End Message ---
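
The overflow described in the report above, as an added example that is not part of the original message and is not GnuTLS code. It assumes the benchmark adds each processed payload to a running byte counter; uint32_t stands in for `unsigned long` on i386, and the function names and the workload figures are constructed for illustration. The 64-bit counter is one possible remedy, not necessarily the change upstream made.

```c
#include <stdint.h>
#include <stdio.h>

/* Payload size taken from the report's --benchmark-ciphers output. */
#define PAYLOAD 16384u

/* Models `unsigned long size` on i386: 32 bits, wraps modulo 2^32. */
static uint32_t count_bytes_32(uint64_t iterations)
{
    uint32_t size = 0;
    for (uint64_t i = 0; i < iterations; i++)
        size += PAYLOAD;              /* silent wrap once past 4 GiB */
    return size;
}

/* Same accumulation with a counter wide enough for the whole run. */
static uint64_t count_bytes_64(uint64_t iterations)
{
    uint64_t size = 0;
    for (uint64_t i = 0; i < iterations; i++)
        size += PAYLOAD;
    return size;
}

/* Checked variant: returns -1 at the wrap instead of a wrong total. */
static int count_bytes_checked(uint64_t iterations, uint32_t *out)
{
    uint32_t size = 0;
    for (uint64_t i = 0; i < iterations; i++)
        if (__builtin_add_overflow(size, PAYLOAD, &size))
            return -1;                /* GCC/Clang builtin */
    *out = size;
    return 0;
}

static double mb_per_sec(uint64_t bytes, double secs)
{
    return (double)bytes / secs / 1000000.0;
}

int main(void)
{
    /* Constructed workload: 300000 payloads (about 4.9 GB) in 5 seconds. */
    uint64_t n = 300000;
    double secs = 5.0;
    printf("32-bit counter: %8.2f MB/sec\n", mb_per_sec(count_bytes_32(n), secs));
    printf("64-bit counter: %8.2f MB/sec\n", mb_per_sec(count_bytes_64(n), secs));
    return 0;
}
```

With 16384-byte payloads the 32-bit counter wraps to zero at exactly 262144 iterations, so any cipher fast enough to exceed 4 GiB within the measurement window reports a figure lower than slower ciphers.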
--- Begin Message ---
Source: gnutls28
Source-Version: 3.6.7-1

We believe that the bug you reported is fixed in the latest version of gnutls28, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Metzler <[email protected]> (supplier of updated gnutls28 package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

Format: 1.8
Date: Thu, 28 Mar 2019 07:44:36 +0100
Source: gnutls28
Architecture: source
Version: 3.6.7-1
Distribution: experimental
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <[email protected]>
Changed-By: Andreas Metzler <[email protected]>
Closes: 920477 922879
Changes:
 gnutls28 (3.6.7-1) experimental; urgency=medium
 .
   * New upstream version.
     + Update AUTHOR list in copyright file.
     + Update symbol file.
     + Fixes issue preventing sending and receiving from different threads
       when false start was enabled. Closes: #922879
     + gnutls-cli: fix --benchmark-ciphers type overflow. Closes: #920477
     + Fixes a memory corruption (double free) vulnerability in the
       certificate verification API.
       https://gitlab.com/gnutls/gnutls/issues/694 CVE-2019-3829
       GNUTLS-SA-2019-03-27
     + Fixes an invalid pointer access via malformed TLS1.3 async messages;
       https://gitlab.com/gnutls/gnutls/issues/704 CVE-2019-3836
       GNUTLS-SA-2019-03-27
--- End Message ---

