Hi Jonathan!

> On Sun Jul 7, 2024 at 8:51 PM CEST, Jonathan Wiltshire wrote:
> Sorry about the long delay to this.

No worries :)

> > On Sun, Feb 20, 2022 at 12:25:47PM +0100, Andrea Pappacoda wrote:
> > This upstream release only contains fixes anyway,

> I'm not sure that's strictly true:
> 
> +Default behavior changes
> +   * In mbedtls_rsa_context objects, the ver field was formerly documented
> +     as always 0. It is now reserved for internal purposes and may take
> +     different values.

Yeah, back when I was working on this I was a bit scared by this changelog entry, but if I recall correctly there was nothing that was actually depending on this "ver" field. And I honestly cannot think of a useful piece of user code that would depend on a certain struct member being zero.

> and arguably:
> 
> +Changes
> +   * Improve the performance of base64 constant-flow code. The result is still
> +     slower than the original non-constant-flow implementation, but much faster
> +     than the previous constant-flow implementation. Fixes #4814.
> 
> (not a functional change, but one with some risk).

This is a performance improvement relative to an MbedTLS 2.16.10 regression. In MbedTLS 2.16.10, some base64 code was made constant-flow, leading to a noticeable performance hit. In MbedTLS 2.16.12, this constant-flow code was improved. This isn't relevant for us though, since Debian Bullseye ships 2.16.9, i.e. the non-constant-flow implementation. Since a secure implementation needs to be constant-flow, we might as well choose the faster constant-flow one :)

> In any case, I'm not sure that CVE-2021-44732 is as serious as you make
> out. It's impactful yes, but doesn't the out-of-memory condition mean
> another exploit or outrageous good fortune is also required to trigger
> this?

I honestly do not remember what this CVE is about, but I see it has a 9.8 CRITICAL score, so it might make sense to fix it anyway. I know CVE scores are often a joke, but still.

Would you be able to accept this proposed update into bullseye? If yes, I could resume my work on this.

Thanks! Bye :)
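To make the "constant-flow vs. non-constant-flow base64" distinction from the discussion above concrete, here is an added illustration (not code from Mbed TLS or from anyone in this thread): a variable-time alphabet lookup next to a mask-based one whose timing and memory accesses do not depend on the byte being decoded, which matters when the input is a PEM-encoded private key. The function names are my own.

```c
#include <stdint.h>

static const char ALPHABET[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Variable-time lookup: the loop exits as soon as the character is found,
   so the time taken reveals which 6-bit value (of a secret key) was decoded.
   Returns 0..63, or 0xFF for a byte outside the alphabet. */
uint8_t b64_dec_value_vt(unsigned char c)
{
    for (int i = 0; i < 64; i++)
        if ((unsigned char)ALPHABET[i] == c)
            return (uint8_t)i;
    return 0xFF;
}

/* 0xFF when low <= c <= high, else 0x00, with no data-dependent branch:
   (c - low) wraps with bit 31 set iff c < low, (high - c) iff c > high. */
static uint8_t ct_in_range(unsigned char c, unsigned char low, unsigned char high)
{
    uint32_t out = (((uint32_t)c - low) | ((uint32_t)high - c)) >> 31;
    return (uint8_t)(out - 1);            /* 0 -> 0xFF, 1 -> 0x00 */
}

/* Constant-flow lookup: every range is tested on every call and the result
   is assembled with masks, so neither timing nor access pattern depends on c. */
uint8_t b64_dec_value_ct(unsigned char c)
{
    uint8_t v = 0, valid = 0, m;
    m = ct_in_range(c, 'A', 'Z'); valid |= m; v |= m & (uint8_t)(c - 'A');
    m = ct_in_range(c, 'a', 'z'); valid |= m; v |= m & (uint8_t)(c - 'a' + 26);
    m = ct_in_range(c, '0', '9'); valid |= m; v |= m & (uint8_t)(c - '0' + 52);
    m = ct_in_range(c, '+', '+'); valid |= m; v |= m & 62;
    m = ct_in_range(c, '/', '/'); valid |= m; v |= m & 63;
    return v | (uint8_t)~valid;           /* invalid byte -> 0xFF, like the loop version */
}

/* Decode one 4-character group into 3 bytes using the constant-flow lookup.
   Returns 0 on success, -1 if any character is outside the alphabet. */
int b64_decode_group(const unsigned char in[4], uint8_t out[3])
{
    uint32_t acc = 0;
    uint8_t bad = 0;
    for (int i = 0; i < 4; i++) {
        uint8_t v = b64_dec_value_ct(in[i]);
        bad |= (uint8_t)(v >> 6);         /* valid values are < 64; 0xFF sets bits */
        acc = (acc << 6) | (v & 0x3F);
    }
    out[0] = (uint8_t)(acc >> 16); out[1] = (uint8_t)(acc >> 8); out[2] = (uint8_t)acc;
    return bad ? -1 : 0;
}

/* Sanity check: both lookups agree on every possible input byte. */
int lookups_agree(void)
{
    for (int c = 0; c < 256; c++)
        if (b64_dec_value_vt((unsigned char)c) != b64_dec_value_ct((unsigned char)c))
            return 0;
    return 1;
}
```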
