Your message dated Wed, 11 Jul 2012 11:02:15 +0000
with message-id <e1sougr-0003fn...@franck.debian.org>
and subject line Bug#681066: fixed in botan1.10 1.10.3-1
has caused the Debian Bug report #681066,
regarding Botan 1.10.2 breaks ABI compatibility
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
681066: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681066
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libbotan-1.10-0
Version: 1.10.2-1
Severity: critical
As Francis Russel pointed out on the Debian packaging mailing list for
monotone, it looks like Botan 1.10.2 broke ABI compatibility compared to
1.10.1, see here:
http://lists.nongnu.org/archive/html/monotone-debian/2012-07/msg00000.html
I can confirm ABI compatibility between versions 1.10.1 and 1.10.2 of
Botan is not given. I've identified the cause, successfully tried a
work-around (patch attached) and contacted the upstream author(s), see
here:
http://lists.randombit.net/pipermail/botan-devel/2012-July/001624.html
With this bug report I hope to stop 1.10.2 from propagating further and
think upstream will soon release 1.10.3 (or take whatever other actions
they think are appropriate).
Regards
Markus Wanner
#
# old_revision [2bf8ad2c501213efb4cf9b219330b87666988e91]
#
# patch "src/alloc/secmem.h"
# from [ea3aff086ed1a1f49ee8a0e877ba755dc575e6b4]
# to [746a95d28216664a4e6c945ba32663cea6023ae5]
#
============================================================
--- src/alloc/secmem.h ea3aff086ed1a1f49ee8a0e877ba755dc575e6b4
+++ src/alloc/secmem.h 746a95d28216664a4e6c945ba32663cea6023ae5
@@ -164,7 +164,7 @@ class MemoryRegion
*/
void swap(MemoryRegion<T>& other);
- virtual ~MemoryRegion() { deallocate(buf, allocated); }
+ ~MemoryRegion() { deallocate(buf, allocated); }
protected:
MemoryRegion() : buf(0), used(0), allocated(0), alloc(0) {}
--- End Message ---
--- Begin Message ---
Source: botan1.10
Source-Version: 1.10.3-1
We believe that the bug you reported is fixed in the latest version of
botan1.10, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 681...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ondřej Surý <ond...@debian.org> (supplier of updated botan1.10 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 10 Jul 2012 21:03:03 +0200
Source: botan1.10
Binary: botan1.10-dbg libbotan-1.10-0 libbotan1.10-dev
Architecture: source amd64
Version: 1.10.3-1
Distribution: unstable
Urgency: high
Maintainer: Ondřej Surý <ond...@debian.org>
Changed-By: Ondřej Surý <ond...@debian.org>
Description:
botan1.10-dbg - multiplatform crypto library (debug)
libbotan-1.10-0 - multiplatform crypto library
libbotan1.10-dev - multiplatform crypto library (development)
Closes: 681066
Changes:
botan1.10 (1.10.3-1) unstable; urgency=high
.
* Imported Upstream version 1.10.3
+ A change in 1.10.2 accidentally broke ABI compatibility with 1.10.1
and earlier versions, causing programs compiled against 1.10.1 to
crash if linked with 1.10.2 at runtime. (Closes: #681066)
+ Recent versions of OpenSSL include extra information in ECC private
keys, the presence of which caused an exception when such a key was
loaded by botan. The decoding of ECC private keys has been changed to
ignore these fields if they are set.
Checksums-Sha1:
b9ca18033b867f14238f8baf9afde6b7848a3373 1398 botan1.10_1.10.3-1.dsc
0c0b2f6337d94245a32e215047311526652a114d 2711156 botan1.10_1.10.3.orig.tar.gz
a1e5de54187abf580b945ea6404b0b04c3957a91 7690 botan1.10_1.10.3-1.debian.tar.gz
5800956339cb6c36a8a1bb660c6297c23ec728ab 137888
botan1.10-dbg_1.10.3-1_amd64.deb
8dcb6d24c4a2cf707e8d7c49b662392905875252 1174570
libbotan-1.10-0_1.10.3-1_amd64.deb
8f8dd48854f4fca97370d2a54c14ddf5e9312ae0 2442986
libbotan1.10-dev_1.10.3-1_amd64.deb
Checksums-Sha256:
620101fbc55312464f781355b05f86404fca451a03ab44e50970b6f3bccb918d 1398
botan1.10_1.10.3-1.dsc
b76fc3118d8fe93230f8544a6507609fe103e65bd131ddd246af1ee88c30a1ab 2711156
botan1.10_1.10.3.orig.tar.gz
78f4c377b52c6a9e4e44b4cbe2f31dcf14a5d931d1aa5819161f5a3d2c094af4 7690
botan1.10_1.10.3-1.debian.tar.gz
c29f8dc96ee199ac55b72f465de921d01f1e9b54a62cd6f6ef27f219ddbf5d4d 137888
botan1.10-dbg_1.10.3-1_amd64.deb
038ed2e5ca57f084f3dee1fd29ac0e4168e32cf25b9917ac56131d380afba27d 1174570
libbotan-1.10-0_1.10.3-1_amd64.deb
1ed6d49135105edb23afcf9a131e4a41bb82d0d3eaceb221db27cb2bd94e4d91 2442986
libbotan1.10-dev_1.10.3-1_amd64.deb
Files:
d300b517c4468901be2fe433d4f155fc 1398 libs optional botan1.10_1.10.3-1.dsc
1b5fcbc5795f615219277efc5059c886 2711156 libs optional
botan1.10_1.10.3.orig.tar.gz
5c8777467fcb44a4c27f38d1c1f7f41c 7690 libs optional
botan1.10_1.10.3-1.debian.tar.gz
78caee2960fee3b700de8ca9f7a417b1 137888 debug extra
botan1.10-dbg_1.10.3-1_amd64.deb
b84b53cf2068ab83072358a9270aecaf 1174570 libs optional
libbotan-1.10-0_1.10.3-1_amd64.deb
88dbfb87c2d33d92ca8eb4b2bf49d1da 2442986 libdevel optional
libbotan1.10-dev_1.10.3-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk/8fvoACgkQ9OZqfMIN8nNWwwCffXTi4sL6V0bEITNtxHNqYj5m
UoIAn21y9ZM+GQuK5xcmoRIfpuwhTR+c
=Oogo
-----END PGP SIGNATURE-----
--- End Message ---
