[Bug 1931994] Re: [Ubuntu 20.04] OpenSSL bugs im s390x AES code
Frank Heimes
1931994 at bugs.launchpad.net
Tue Jul 27 07:20:51 UTC 2021
@schopin that is a (known) issue with the bugzilla-launchpad bridge that is in place here (bugproxy is the functional user id for this).
I'll ask to get the "Standalone C program from the upstream test case" attachment removed on the bugzilla side, that should help ...
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1931994
Title:
[Ubuntu 20.04] OpenSSL bugs im s390x AES code
Status in Ubuntu on IBM z Systems:
In Progress
Status in openssl package in Ubuntu:
Fix Committed
Status in openssl source package in Bionic:
New
Status in openssl source package in Focal:
New
Status in openssl source package in Hirsute:
New
Status in openssl source package in Impish:
Fix Committed
Bug description:
Problem description:
When passing a NULL key to reset AES EVC state, the state wouldn't be completely reset on s390x.
https://github.com/openssl/openssl/pull/14900
Solution available here:
https://github.com/openssl/openssl/commit/dc67210d909b5dd7a50f60a96f36f3f5a891b1c8
Should be applied to all distros where openssl 1.1.1 is included for consistency reason.
-> 21.10, 20.04, 18.04.
I think not needed for 16.04 anymore....
[Test plan]
$ sudo apt install libssl-dev
$ gcc test.c -o evc-test -lcrypto -lssl # See https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1931994/comments/2 for the test.c program
$ ./evc-test && echo OK
[Where problems could occur]
This patch only touches s390x code paths, so there shouldn't be any regression on other architectures. However, on s390x this could reveal
latent bugs by spreading a NULL key to new code paths.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1931994/+subscriptions
More information about the Ubuntu-sponsors
mailing list