On Wed, Mar 10, 2010 at 11:30:10AM +0100, Klaus Ethgen wrote: > Hi, > > Am So den 28. Feb 2010 um 21:24 schrieb Kurt Roeckx: > > commit 56bf036afe0ab64efdc49daeb3a01466792fa113 > > Author: steve <steve> > > Date: Mon Feb 15 19:40:45 2010 +0000 > > > > The "block length" for CFB mode was incorrectly coded as 1 all the > > time. It > > should be the number of feedback bits expressed in bytes. For CFB1 mode > > set > > this to 1 by rounding up to the nearest multiple of 8. > [...] > > I'm not sure what to do with this, I'll contact upstream about this. > > Any news about that bug? > > There are more and more packages in unstable depending on the broken > libssl which blocks them from upgrade. I think the problem will get > worse if it is not fixed recently as the used incompatible CFB will hold > any upgrade possibility.
I uploaded a 0.9.8m-2 version that fixes it 10 days ago. It will probably move to testing tomorrow. Applications should never be broken. What could be a problem is that you encypted something with the 0.9.8m-1 version and can't decrypt it with any other version. But that version was never part of testing. Kurt -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
