Your message dated Fri, 27 Mar 2026 22:48:41 +0000
with message-id <[email protected]>
and subject line Bug#1132097: fixed in wolfssl 5.9.0-0.2
has caused the Debian Bug report #1132097,
regarding wolfssl: Broken PKCS#7 verification for digestAlgorithm.parameters =
NULL
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1132097: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132097
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: wolfssl
Version: 5.8.2-1
Severity: important
Tags: upstream
swupdate implements PKCS#7 verification. Building with wolfSSL > 5.7.2
leads to it not being able to verify certain certs built via openssl
cms.
RFC 8017 hardcodes DER serialization samples of DigestInfo, where the
parameter part is always NULL (05 00) for any hash algorithm. This value
does therefore *not* depend on SignerInfo.digestAlgorithm.parameters.
WolfSSL wrongly assumed and implemented such a dependency:
https://github.com/wolfSSL/wolfssl/commit/75c3030554db798f4536d370842dd16e9b2e6866
--- End Message ---
--- Begin Message ---
Source: wolfssl
Source-Version: 5.9.0-0.2
Done: Bastian Germann <[email protected]>
We believe that the bug you reported is fixed in the latest version of
wolfssl, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bastian Germann <[email protected]> (supplier of updated wolfssl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 27 Mar 2026 23:26:21 +0100
Source: wolfssl
Architecture: source
Version: 5.9.0-0.2
Distribution: unstable
Urgency: medium
Maintainer: Jacob Barthelmeh <[email protected]>
Changed-By: Bastian Germann <[email protected]>
Closes: 1132097
Changes:
wolfssl (5.9.0-0.2) unstable; urgency=medium
.
* Non-maintainer upload
* Fix PKCS#7 verification (Closes: #1132097)
Checksums-Sha1:
f34b210dbf680d8e7ee86e4202f40332ee45ac26 2002 wolfssl_5.9.0-0.2.dsc
2661ace2585995cd58a592c03a0309e9d94f9db4 37524 wolfssl_5.9.0-0.2.debian.tar.xz
9e6fc13349c8ac2525bf6607842edda2786368cf 5661
wolfssl_5.9.0-0.2_source.buildinfo
Checksums-Sha256:
fe78341288d491130a7d81ed35a43596feec234d8fe45a43bd4c1780ee2ab8e0 2002
wolfssl_5.9.0-0.2.dsc
f8f6af911d638a30d93310c95f214fee2e47cc59c2b9a02aef34849575bb2f48 37524
wolfssl_5.9.0-0.2.debian.tar.xz
622408ff9998fae647694cf60e7715e135867a055f26a28dcfd2ed83cd0dfa30 5661
wolfssl_5.9.0-0.2_source.buildinfo
Files:
2a3f3cf6e764fbee86a9d9549d5b188d 2002 libs optional wolfssl_5.9.0-0.2.dsc
d92844a020caa290da934f30fc62b87e 37524 libs optional
wolfssl_5.9.0-0.2.debian.tar.xz
8a8b8eb7692c9dc1fc72c16a70732cb8 5661 libs optional
wolfssl_5.9.0-0.2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmnHBHUQHGJhZ2VAZGVi
aWFuLm9yZwAKCRAfXHqLRVZDFDzOC/9JsfeOK4x6Yi9zLtfj1zp8Y+fEnjcWSnfP
zywPOTvISue7FuqbIDIqLEZlRc01qTS8TfrfgAjZGVHc4ofu1CrlQ+8tMQqcM8vJ
hKIGTLLF3WEpBwnSJbsv+B0affCYz1uQd+hS0SttFl8fbV5Ii9QGBKbtmumz1Ca6
XJVv2179d2AKo22CMjhV/CDpzoh1w4bK8iA/szjPwTHdfwLoMA6HB5KVv9vRiwew
329ICKG+yYX25mnXfXT/BRcRGLg+DbZTwsHS5nQLKi2us/XTnxz61395NLSqqP7V
5c+dOwOO3MQDjFMJVPs6x5B8Jjbq+MYwdoRfbeFvJG5hoOOoV/K8ZwjicFWUhcgB
lmUNRRXawEFA0OdzUAUBGyFv/oUzEbZjrO6OGkFzpWtqBm/9x/g25un4XU87nF/n
YM2xzXRXttKAMmSTUuaTQ8mkMUG1Zx3HcJe1IBzp5HYjwTdYBftN/jheNgXw4miF
/WkeEZj85HmH8OYetZRfFI0uxyzrHEw=
=x5dN
-----END PGP SIGNATURE-----
pgp2XDFeqD6g7.pgp
Description: PGP signature
--- End Message ---
