Hi Jonathan!

On Sun Jul 7, 2024 at 8:51 PM CEST, Jonathan Wiltshire wrote:
> Sorry about the long delay to this.

No worries :)

> On Sun, Feb 20, 2022 at 12:25:47PM +0100, Andrea Pappacoda wrote:
> > This upstream release only contains fixes anyway,
>
> I'm not sure that's strictly true:
>
> +Default behavior changes + * In mbedtls_rsa_context objects, the ver field was formerly documented + as always 0. It is now reserved for internal purposes and may take + different values.
Yeah, back when I was working on this I was a bit scared by this changelog entry, but if I recall correctly there was nothing that was actually depending on this "ver" field. And I honestly cannot think of a useful piece of user code that would depend on having a certain struct member being zero.
> and arguably:
>
> +Changes+ * Improve the performance of base64 constant-flow code. The result is still + slower than the original non-constant-flow implementation, but much faster + than the previous constant-flow implementation. Fixes #4814.
>
> (not a functional change, but one with some risk).
This is a performance improvement relative to an MbedTLS 2.16.10 regression. In MbedTLS 2.16.10, some base64 code was made constant-flow, leading to a noticeable performance hit. In MbedTLS 2.16.12, this constant-flow code was improved. This isn't relevant for us though, since Debian Bullseye ships 2.16.9, i.e. the non-constant-flow implementation. Since a secure implementation needs to be constant-flow, we might as well choose the faster constant-flow one :)
> In any case, I'm not sure that CVE-2021-44732 is as serious as you make out. It's impactful yes, but doesn't the out-of-memory condition mean another exploit or outrageous good fortune is also required to trigger this?
I honestly do not remember what this CVE is about, but I see it has a 9.8 CRITICAL score, so it might make sense to fix it anyway. I know CVE scores are often a joke, but still.
Would you be able to accept this proposed update into bullseye? If yes, I could resume my work on this.
Thanks! Bye :)
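
An added illustration of the constant-flow trade-off discussed in the message above; it is not code from Mbed TLS or from this thread, the function names are hypothetical, and ASCII is assumed. The table decoder loads from an address chosen by the input byte, while the constant-flow decoder evaluates every character range for every byte, which is why it is slower:

```c
#include <string.h>  /* added example, not Mbed TLS code; assumes ASCII */
static const char ALPHABET[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Table lookup: fast, but the load address depends on the input byte. */
static int b64_value_table(unsigned char c)
{
    static signed char table[256];
    static int ready;
    if (!ready) {
        memset(table, -1, sizeof table);
        for (int i = 0; i < 64; i++)
            table[(unsigned char)ALPHABET[i]] = (signed char)i;
        ready = 1;
    }
    return table[c];
}

/* 0xFF if lo <= c <= hi, else 0x00; no branch or lookup depends on c. */
static unsigned char range_mask(unsigned char lo, unsigned char hi, unsigned char c)
{
    unsigned below = ((unsigned)c - lo) >> 8;  /* nonzero only when c < lo */
    unsigned above = ((unsigned)hi - c) >> 8;  /* nonzero only when c > hi */
    return (unsigned char)(~(below | above) & 0xFFu);
}

/* Constant-flow: every range is evaluated for every byte (hence slower). */
static int b64_value_ct(unsigned char c)
{
    unsigned char v = 0;  /* holds digit value + 1, so 0 means "not a digit" */
    v |= range_mask('A', 'Z', c) & (unsigned char)(c - 'A' + 1);
    v |= range_mask('a', 'z', c) & (unsigned char)(c - 'a' + 27);
    v |= range_mask('0', '9', c) & (unsigned char)(c - '0' + 53);
    v |= range_mask('+', '+', c) & 63;
    v |= range_mask('/', '/', c) & 64;
    return (int)v - 1;
}

static int count_mismatches(void)  /* bytes where the two decoders disagree */
{
    int bad = 0;
    for (int c = 0; c < 256; c++)
        bad += b64_value_table((unsigned char)c) != b64_value_ct((unsigned char)c);
    return bad;
}

int main(void)
{
    return count_mismatches() != 0;  /* exit status 0 when the decoders agree */
}
```

Whether a given compiler keeps the branch-free form has to be confirmed on the generated machine code.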