Bug#780121: marked as done (unblock: libgcrypt20/1.6.3-2)

To: Niels Thykier <niels@thykier.net>
Subject: Bug#780121: marked as done (unblock: libgcrypt20/1.6.3-2)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Mon, 30 Mar 2015 06:33:05 +0000
Message-id: <[🔎] handler.780121.D780121.14276969827203.ackdone@bugs.debian.org>
References: <5518ED4C.7010900@thykier.net> <[🔎] 20150309142214.GA2168@downhill.g.la>

Your message dated Mon, 30 Mar 2015 08:29:32 +0200
with message-id <5518ED4C.7010900@thykier.net>
and subject line Re: Bug#780121: unblock: libgcrypt20/1.6.3-2
has caused the Debian Bug report #780121,
regarding unblock: libgcrypt20/1.6.3-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
780121: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780121
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: unblock: libgcrypt20/1.6.3-2
From: Andreas Metzler <ametzler@bebt.de>
Date: Mon, 9 Mar 2015 15:22:14 +0100
Message-id: <[🔎] 20150309142214.GA2168@downhill.g.la>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hello,

Please unblock package libgcrypt20. This is bugfix only stable
release, taking care of two side-channel vulnerabilities (CVE-2015-0837
and CVE-2014-3591):
Noteworthy changes in version 1.6.3 (2015-02-27) [C20/A0/R3]
------------------------------------------------

 * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
   See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.

 * Fixed data-dependent timing variations in modular exponentiation
   [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
   are Practical].

 * Improved asm support for older toolchains.

Find attached the filtered debdiff (| filterdiff -x '*/build-aux/*' -x
'*/Makefile.in'  -x '*/configure' -x '*/gcrypt.info*' -x
'*/aclocal.m4') versus testing.

thanks, cu Andreas

unblock libgcrypt20/1.6.3-2

-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

Attachment: gcrypt-filtered.diff.gz
Description: application/gzip

Attachment: signature.asc
Description: Digital signature

--- End Message ---

--- Begin Message ---

To: Cyril Brulebois <kibi@debian.org>, 780121-done@bugs.debian.org

Cc: Andreas Metzler <ametzler@bebt.de>

Subject: Re: Bug#780121: unblock: libgcrypt20/1.6.3-2

From: Niels Thykier <niels@thykier.net>

Date: Mon, 30 Mar 2015 08:29:32 +0200

Message-id: <5518ED4C.7010900@thykier.net>

In-reply-to: <[🔎] 20150330054836.GA1750@mraw.org>

References: <[🔎] 20150309142214.GA2168@downhill.g.la> <[🔎] 5504068D.6040900@thykier.net> <[🔎] 20150330054836.GA1750@mraw.org>
On 2015-03-30 07:48, Cyril Brulebois wrote:
> Control: tag -1 confirmed
> 
> Niels Thykier <niels@thykier.net> (2015-03-14):
>> [...]
>>
>> It is a bit noiser than I liked (especially without your filterdiff),
> 
> Indeed (and thanks for the said filterdiff)…
> 
>> but ack from RT, CC'ing KiBi for a d-i ack.
> 
> No objections, thanks.
> 
> Mraw,
> KiBi.
> 

Unblocked, thanks.

~Niels
--- End Message ---

Reply to:

References:
- Bug#780121: unblock: libgcrypt20/1.6.3-2
  - From: Andreas Metzler <ametzler@bebt.de>

Prev by Date: Bug#781499: unblock: bsd-mailx/8.1.2-0.20141216cvs-2
Next by Date: Bug#781233: marked as done (unblock: parted/3.2-7)
Previous by thread: Processed: Re: Bug#780121: unblock: libgcrypt20/1.6.3-2
Next by thread: Bug#780130: unblock (pre-approval): python-x2go/0.5.0.1-3
Index(es):
- Date
- Thread