Your message dated Sun, 02 Dec 2012 16:32:29 +0000 with message-id <e1tfcsz-0006f3...@franck.debian.org> and subject line Bug#694091: fixed in bcrypt 1.1-7 has caused the Debian Bug report #694091, regarding bcrypt: Tries to load whole file into memory regardless of the size to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 694091: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694091 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: bcrypt Version: 1.1-6 Severity: grave Tags: lfs upstream Hi, The current version of bcrypt reads the whole file into memory by using fread, regardless of the file size. This means that for large files, a machine can run out of memory by trying to just read the file. The out of memory killer will kill other programs before killing an active program, thus causing the death of unrelated process. The solution to this problem would be to put a limit on how much can be read and encrypt via various subsequent read/writes instead of just one big read and one big write. -- Regards, Marga -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 3.2.0-0.bpo.2-686-pae (SMP w/2 CPU cores) Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages bcrypt depends on: ii libc6 2.13-37 Embedded GNU C Library: Shared lib ii zlib1g 1:1.2.7.dfsg-13 compression library - runtime bcrypt recommends no packages. bcrypt suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: bcrypt Source-Version: 1.1-7 We believe that the bug you reported is fixed in the latest version of bcrypt, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 694...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Kevin Coyner <kcoy...@debian.org> (supplier of updated bcrypt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 02 Dec 2012 14:53:40 +0000 Source: bcrypt Binary: bcrypt Architecture: source amd64 Version: 1.1-7 Distribution: unstable Urgency: low Maintainer: Kevin Coyner <kcoy...@debian.org> Changed-By: Kevin Coyner <kcoy...@debian.org> Description: bcrypt - Cross platform file encryption utility using blowfish Closes: 694091 Changes: bcrypt (1.1-7) unstable; urgency=low . * Added new patch to deal with bcrypt trying to load entire file into memory regardless of size. Thanks to Michael Stapelberg. Closes: #694091. * Removed unneeded amd_memory patch. Checksums-Sha1: b530af856d88d32c00a678d6dfc735c5408ccc7f 1315 bcrypt_1.1-7.dsc 47b763595b73c8ed97383690dd895f7423cfa318 7134 bcrypt_1.1-7.diff.gz 588dcee3f6cbc81a78d0dccf2c40ac5e6c9c7c4d 20132 bcrypt_1.1-7_amd64.deb Checksums-Sha256: 02b37941fcc776263baeedcdc9f8da4b92b8f23d242e0686c7373af47385ef79 1315 bcrypt_1.1-7.dsc 5879d21b9cec1d4c723cd88303cf3dde3c310ec25ecb8c01b1e99010ab9a3402 7134 bcrypt_1.1-7.diff.gz e1e21274948bd23af39ec93050608469cba279a362937acd404601147b80bebe 20132 bcrypt_1.1-7_amd64.deb Files: 3fe988c2ae554f015a2e8477216a9f9b 1315 utils optional bcrypt_1.1-7.dsc 0a6ffda97851a6eedba768b2da2dee5c 7134 utils optional bcrypt_1.1-7.diff.gz 771413d79d56fd0037258ca2e2aaee83 20132 utils optional bcrypt_1.1-7_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJQu4FoAAoJEOuzGmLIXY9xeSQH/jFqwLy62Q6MrD76TzLAVu9x BwhC1/Q852lvlaQcL91fhrmZdMN+pZFUmB8y+xFwvKcWfAxre3NLgpjMpZ0V7eiW 9HkShomLjMIJps0vPkXMWg/CYps5u8TNUHK7YlbxDDW716Wij7yLi43cGBJW7Wuz p7g7C6+KELraNHBpY8y26jCKrcFH5GMoszIW3HRc71oN1sNglhH9fed8K+8Wq2Jb z9Ut+aYWgVVzExFk7Byf+7gcH6jWwRsBqGul4Unmd0DLPSsY8K0odqz0QpCv5nht GyGatQvdbpQiJdZAS8mw4YSfYpwyvlPMHhVZWURZTzH4cpzBYOCKe/RwSq7BpfI= =LW9D -----END PGP SIGNATURE-----
--- End Message ---
