Comments

31 Comments

@adamwill how to we get this one going again ? The problem seem not to be in this update

Great, thanks! It will take some time due to vacations to get this fixed, should we just kill this update and wait until I can upload a new version that fixes that bug ?

This looks like a bona fide bug in pkcs11-provider, do you want to open a bug at https://github.com/latchset/pkcs11-provider/ ?

I do not see how these could be related but would definitely like to see the backtrace

User Icon simo commented & provided feedback on nss-3.94.0-2.fc37 a year ago
karma

Containes required fix for a regression

karma

tested on container with the CI that uncovered the bug

User Icon simo commented & provided feedback on nss-3.94.0-2.fc38 a year ago
karma

tested on container with the CI that uncovered the bug

This update has been unpushed.

User Icon simo commented & provided feedback on nss-3.94.0-1.fc39 a year ago
karma

Broken softoken wrt EC key generation, returns incorrect values to caller. Hideen by login in NSS to fixup thing for firefox, but exposed to direct pkcs11 users

karma

I tested all this when I worked on the fixes.

BZ#1654929 CVE-2018-16868 gnutls: Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification
BZ#1659095 CVE-2018-16868 gnutls: Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification [fedora-all]
BZ#1458181 GSS-Proxy is not supported by this kernel

Added custodia to the update and re-pushed

This update has been unpushed.

karma

Made a test print with the older package and this package and I see no regressions.