libengine-gost-openssl1.1 - Debian Package Tracker

general

source: libengine-gost-openssl1.1 (main)
version: 1.1.0.3-1.1
maintainer: Wartan Hachaturow (DMD)
arch: any
std-ver: 3.9.5
VCS: Git (QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 1.1.0.3-1
stable: 1.1.0.3-1
unstable: 1.1.0.3-1.1

versioned links

1.1.0.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.0.3-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

gostsum
libengine-gost-openssl1.1

action needed

A new upstream version is available: 3.0.1 high

A new upstream version 3.0.1 is available, you should consider packaging it.

Created: 2022-05-21 Last update: 2022-08-07 13:41

Failed to analyze the VCS repository. Please troubleshoot and fix the issue. high

vcswatch reports that there is an error with this package's VCS, or the debian/changelog file inside it. Please check the error shown below and try to fix it. You might have to update the VCS URL in the debian/control file to point to the correct repository.

debian/changelog not found in any branch (tried master, debian, debian/master, debian/sid, debian/latest, master)

Created: 2017-12-03 Last update: 2022-08-07 04:41

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2022-29242: GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1 contains a patch for this issue. Disabling ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is a possible workaround.

Created: 2022-07-04 Last update: 2022-08-01 13:40

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 3.9.5).

Created: 2017-11-15 Last update: 2022-05-21 09:12

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2022-05-26 Last update: 2022-08-07 15:04

RM: This package has been requested to be removed. normal

This package has been requested to be removed. This means that, when this request gets processed by an ftp-master, this package will no longer be in unstable, and will automatically be removed from testing too afterwards. If for some reason you want keep this package in unstable, please discuss so in the bug. Please see bug number #1014146 for more information.

Created: 2022-06-30 Last update: 2022-06-30 22:42

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2021-10-23 20:01

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2022-29242: (needs triaging) GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1 contains a patch for this issue. Disabling ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is a possible workaround.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-07-04 Last update: 2022-08-01 13:40

testing migrations

excuses:
- Migration status for libengine-gost-openssl1.1 (- to 1.1.0.3-1.1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- ∙ ∙ Updating libengine-gost-openssl1.1 would introduce bugs in testing: #1012512, #1012795
- Additional info:
- ∙ ∙ Cannot be tested by piuparts (not a blocker) - (no link yet)
- ∙ ∙ 78 days old (needed 5 days)
- Not considered

news

[rss feed]

[2022-06-06] libengine-gost-openssl1.1 REMOVED from testing (Debian testing watch)
[2022-05-20] Accepted libengine-gost-openssl1.1 1.1.0.3-1.1 (source) into unstable (Bastian Germann) (signed by: bage@debian.org)
[2018-09-22] libengine-gost-openssl1.1 1.1.0.3-1 MIGRATED to testing (Debian testing watch)
[2018-09-17] Accepted libengine-gost-openssl1.1 1.1.0.3-1 (source amd64) into unstable (Wartan Hachaturow)
[2017-11-25] libengine-gost-openssl1.1 1.1.0.1-1 MIGRATED to testing (Debian testing watch)
[2017-11-15] Accepted libengine-gost-openssl1.1 1.1.0.1-1 (source amd64) into unstable, unstable (Wartan Hachaturow)

bugs [bug history graph]

all: 2
RC: 1
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 4)
buildd: logs, clang, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.1.0.3-1.1