Package: libssl0.9.8 Version: 0.9.8c-4etch3 I'm using dkim-filter on a Debian Etch system (from etch-backports). I always get a strange message in my syslog:
SSL error:04067069:rsa routines:RSA_EAY_PUBLIC_DECRYPT:pkcs1 padding too short I did some research and found out that "padding too short" should lead to a signature verification error. But in my case it does not; in my case signature verification is fine besides the fact that I get a "padding too short" error. I found out (with great help from the dkim-milter-users mailing list) that this error message has been introduced in this commit: http://cvs.openssl.org/chngview?cn=15514 This is a part of the 0.9.8c upstream version and patches CVE-2006-4339. One of the next commits removes it: http://cvs.openssl.org/chngview?cn=15536 Some people on the dkim-milter-users mailing list confirmed that the behaviour I encounter does not happen with newer libssl versions. Therefore I think that there are some compatibility issues with etch's libssl. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
