Bug#1034809: marked as done (bookworm-pu: package argon2/0~20171227-0.3+deb12u1)

Debian Bug Tracking System Wed, 26 Apr 2023 15:36:34 -0700

Your message dated Thu, 27 Apr 2023 00:33:08 +0200
with message-id <[email protected]>
and subject line Re: Bug#1034809: bullseye-pu: package 
argon2/0~20171227-0.3+deb12u1
has caused the Debian Bug report #1034809,
regarding bookworm-pu: package argon2/0~20171227-0.3+deb12u1
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1034809: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034809
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: release.debian.org
Severity: normal
Tags: bookworm
User: [email protected]
Usertags: pu
Control: affects -1 + src:argon2 cryptsetup-udeb

Dear Release Team,

[ Reason ]

While collecting LUKS2 PBKDF memory cost values in kibi and I discovered
that memory cost were significantly lower when `cryptsetup luksFormat`
was run in d-i compared to the final system.

elbrus argued at https://bugs.debian.org/1032235#107 that ≥0~20190702-0.1
was not suitable for bookworm at this point of the release cycle, hence
the targeted fix for t-p-u.

[ Impact ]

The lower memory cost has security implications for the volume.  See
https://bugs.debian.org/1028250#78 and follow-up messages.

[ Tests ]

 * Upstream test suite.
 * New benchmarks (with cryptsetup/2:2.6.1-4~deb12u1) at
   https://bugs.debian.org/1028250#93 .
 * DEP-8 for cryptsetup (reverse dependency).

[ Risks ]

Changing d/rules so late in the release cycle might sound scary, however
the change merely reverts a commit from 2018 that is no longer relevant
and is causing the issue.  It was partially reverted in 0~20190702-0.1
already, but but for the argon2 binary only (see #1032234) not
libargon2-1-udeb.

[ Checklist ]

  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]

  * Add Breaks on cryptsetup-initramfs <2:2.6.1-2 as the rebuild with
    recent glibc broke it.
  * Set 'debian-branch = debian/bookworm' in d/gbp.conf.
  * Restore threading support to libargon2-1-udeb as well an the argon2
    binary.

[ Other info ]

CC'ing kibi for d-i-ack.

-- 
Guilhem.

diffstat for argon2-0~20171227 argon2-0~20171227

 changelog                |   18 ++++++++++++++++++
 control                  |    1 +
 gbp.conf                 |    2 +-
 libargon2-1-udeb.install |    2 ++
 rules                    |   11 -----------
 5 files changed, 22 insertions(+), 12 deletions(-)

diff -Nru argon2-0~20171227/debian/changelog argon2-0~20171227/debian/changelog
--- argon2-0~20171227/debian/changelog  2022-02-13 10:41:34.000000000 +0100
+++ argon2-0~20171227/debian/changelog  2023-04-21 21:29:33.000000000 +0200
@@ -1,3 +1,21 @@
+argon2 (0~20171227-0.3+deb12u1) bookworm; urgency=medium
+
+  * Non-maintainer upload.
+
+  [ Bastian Germann ]
+  * Add Breaks on cryptsetup-initramfs (see #1032235)
+
+  [ Guilhem Moulin ]
+  * d/gbp.conf: Set 'debian-branch = debian/bookworm'.
+  * d/rules: Restore threading support to libargon2-1-udeb (closes: #1034696).
+    This is beneficial for cryptsetup-udeb, see #1028250.  Removing threading
+    support in libargon2-1-udeb was done for historical reasons no longer
+    relevant since Debian Bookworm.  This also restores threading support to
+    argon2 which was inadvertently dropped in 0~20171227-0.1 (closes:
+    #1032234).
+
+ -- Guilhem Moulin <[email protected]>  Fri, 21 Apr 2023 21:29:33 +0200
+
 argon2 (0~20171227-0.3) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru argon2-0~20171227/debian/control argon2-0~20171227/debian/control
--- argon2-0~20171227/debian/control    2022-02-13 10:41:34.000000000 +0100
+++ argon2-0~20171227/debian/control    2023-04-21 21:29:33.000000000 +0200
@@ -60,6 +60,7 @@
 Architecture: any
 Pre-Depends: ${misc:Pre-Depends}
 Depends: ${shlibs:Depends}, ${misc:Depends}
+Breaks: cryptsetup-initramfs (<<2:2.6.1-2)
 Multi-Arch: same
 Description: memory-hard hashing function - runtime library
  Argon2 is a password-hashing function that can be used to hash passwords
diff -Nru argon2-0~20171227/debian/gbp.conf argon2-0~20171227/debian/gbp.conf
--- argon2-0~20171227/debian/gbp.conf   2022-02-13 10:41:34.000000000 +0100
+++ argon2-0~20171227/debian/gbp.conf   2023-04-21 21:29:33.000000000 +0200
@@ -1,7 +1,7 @@
 [DEFAULT]
 debian-tag = debian/%(version)s
 pristine-tar = True
-debian-branch = debian/sid
+debian-branch = debian/bookworm
 
 [buildpackage]
 upstream-tag = v%(version)s
diff -Nru argon2-0~20171227/debian/libargon2-1-udeb.install 
argon2-0~20171227/debian/libargon2-1-udeb.install
--- argon2-0~20171227/debian/libargon2-1-udeb.install   1970-01-01 
01:00:00.000000000 +0100
+++ argon2-0~20171227/debian/libargon2-1-udeb.install   2023-04-21 
21:29:33.000000000 +0200
@@ -0,0 +1,2 @@
+#!/usr/bin/dh-exec
+libargon2.so.1 => usr/lib/${DEB_HOST_MULTIARCH}/${SONAME}
diff -Nru argon2-0~20171227/debian/rules argon2-0~20171227/debian/rules
--- argon2-0~20171227/debian/rules      2022-02-13 10:41:34.000000000 +0100
+++ argon2-0~20171227/debian/rules      2023-04-21 21:29:33.000000000 +0200
@@ -16,26 +16,15 @@
 export SOVER=1
 export DEBPREFIX=0~
 export UPSTREAMVER=$(subst $(DEBPREFIX),,$(DEB_VERSION_UPSTREAM))
-export UDEBLIB=$(SONAME).udeb
 
 %:
        dh $@
 
-override_dh_auto_build:
-       dh_auto_build -- NO_THREADS=1
-       mv $(SONAME) $(UDEBLIB)
-       dh_auto_build
-
 override_dh_install:
        dh_install
        sed -i '/^## /d' 
debian/${PKG}-dev/usr/lib/$(DEB_HOST_MULTIARCH)/pkgconfig/libargon2.pc
        sed -i s/@HOST_MULTIARCH@/$(DEB_HOST_MULTIARCH)/ 
debian/${PKG}-dev/usr/lib/$(DEB_HOST_MULTIARCH)/pkgconfig/libargon2.pc
        sed -i s/@UPSTREAM_VER@/$(UPSTREAMVER)/ 
debian/${PKG}-dev/usr/lib/$(DEB_HOST_MULTIARCH)/pkgconfig/libargon2.pc
-       install -D $(UDEBLIB) 
debian/$(SOPKG)-udeb/usr/lib/$(DEB_HOST_MULTIARCH)/$(SONAME)
-
-override_dh_auto_clean:
-       dh_auto_clean
-       -rm $(UDEBLIB)
 
 override_dh_auto_test:
        -$(MAKE) -j1 test

signature.asc
Description: PGP signature

--- End Message ---

--- Begin Message ---

Guilhem Moulin <[email protected]> (2023-04-25):
> [ Reason ]
> 
> While collecting LUKS2 PBKDF memory cost values in kibi and I discovered
> that memory cost were significantly lower when `cryptsetup luksFormat`
> was run in d-i compared to the final system.
> 
> elbrus argued at https://bugs.debian.org/1032235#107 that ≥0~20190702-0.1
> was not suitable for bookworm at this point of the release cycle, hence
> the targeted fix for t-p-u.

Approved from tpu:

    argon2     | 0~20171227-0.3+deb12u1    | testing                         | 
source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x

Thanks again!


Cheers,
-- 
Cyril Brulebois ([email protected])            <https://debamax.com/>
D-I release manager -- Release team member -- Freelance Consultant

signature.asc
Description: PGP signature

--- End Message ---

Bug#1034809: marked as done (bookworm-pu: package argon2/0~20171227-0.3+deb12u1)

Reply via email to