Default Comment by Bridge ** Attachment added: "Standalone C program from the upstream test case" https://bugs.launchpad.net/bugs/1931994/+attachment/5513213/+files/evp_extra_test.c
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1931994 Title: [Ubuntu 20.04] OpenSSL bugs im s390x AES code Status in Ubuntu on IBM z Systems: Triaged Status in openssl package in Ubuntu: New Status in openssl source package in Bionic: New Status in openssl source package in Focal: New Status in openssl source package in Groovy: New Status in openssl source package in Hirsute: New Status in openssl source package in Impish: New Bug description: Problem description: When passing a NULL key to reset AES EVC state, the state wouldn't be completely reset on s390x. https://github.com/openssl/openssl/pull/14900 Solution available here: https://github.com/openssl/openssl/commit/dc67210d909b5dd7a50f60a96f36f3f5a891b1c8 Should be applied to all distros where openssl 1.1.1 is included for consistency reason. -> 21.10, 20.04, 18.04. I think not needed for 16.04 anymore.... [Test plan] $ sudo apt install libssl-dev $ gcc test.c -o evc-test -lcrypto -lssl # See https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1931994/comments/2 for the test.c program $ ./evc-test && echo OK [Where problems could occur] This patch only touches s390x code paths, so there shouldn't be any regression on other architectures. However, on s390x this could reveal latent bugs by spreading a NULL key to new code paths. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1931994/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
