[Bug 1931994] Autopkgtest regression report (openssl/1.1.1j-1ubuntu3.2)

Ubuntu SRU Bot 1931994 at bugs.launchpad.net
Sat Jul 31 10:05:37 UTC 2021 

All autopkgtests for the newly accepted openssl (1.1.1j-1ubuntu3.2) for hirsute have finished running.
The following regressions have been reported in tests triggered by the package:

ruby-eventmachine/1.3~pre20201020-b50c135-2 (amd64)
scapy/2.4.4-4ubuntu1 (armhf, amd64, arm64, ppc64el)
python-a38/0.1.3-1 (armhf, amd64, s390x, arm64, ppc64el)
xmltooling/3.2.0-2 (amd64, arm64, s390x, ppc64el, armhf)


Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-
migration/hirsute/update_excuses.html#openssl

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1931994

Title:
  [Ubuntu 20.04] OpenSSL bugs in the s390x AES code

Status in Ubuntu on IBM z Systems:
  Fix Committed
Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Bionic:
  Fix Committed
Status in openssl source package in Focal:
  Fix Committed
Status in openssl source package in Hirsute:
  Fix Committed
Status in openssl source package in Impish:
  Fix Released

Bug description:
  Problem description:

  When passing a NULL key to reset AES EVC state, the state wouldn't be completely reset on s390x.
  https://github.com/openssl/openssl/pull/14900

  Solution available here:
  https://github.com/openssl/openssl/commit/dc67210d909b5dd7a50f60a96f36f3f5a891b1c8

  Should be applied to all distros where openssl 1.1.1 is included for consistency reason.
  -> 21.10, 20.04, 18.04.
  I think not needed for 16.04 anymore....

  [Test plan]

  $ sudo apt install libssl-dev
  $ gcc test.c -o evc-test -lcrypto -lssl # See https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1931994/comments/2 for the test.c program
  $ ./evc-test && echo OK

  [Where problems could occur]

  This patch only touches s390x code paths, so there shouldn't be any regression on other architectures. However, on s390x this could reveal
  latent bugs by spreading a NULL key to new code paths.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1931994/+subscriptions

More information about the foundations-bugs mailing list