Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.kernel > #92344

Re: Bug#1135729 closed by Debian FTP Masters <ftpmaster@ftp-master.debian.org> (reply to Maytham Alsudany <maytham@debian.org>) (Bug#1135729: fixed in docker-credential-gcr 2.1.32-1)

From Chris Hofstaedtler <zeha@debian.org>
Newsgroups linux.debian.kernel
Subject Re: Bug#1135729 closed by Debian FTP Masters <ftpmaster@ftp-master.debian.org> (reply to Maytham Alsudany <maytham@debian.org>) (Bug#1135729: fixed in docker-credential-gcr 2.1.32-1)
Date 2026-05-07 12:00 +0200
Message-ID <MS3Gr-3fl7-61@gated-at.bofh.it> (permalink)
References <MS2U2-3eYQ-19@gated-at.bofh.it> <MRkgi-2K3J-5@gated-at.bofh.it> <MS3Gr-3fl7-63@gated-at.bofh.it>
Organization linux.* mail to news gateway

Show all headers | View raw

reopen 1135729
thanks

Seems like you had a typo in your Closes:?

BR,
Chris

* Debian Bug Tracking System <owner@bugs.debian.org> [260507 11:01]:
>This is an automatic notification regarding your Bug report
>which was filed against the src:linux package:
>
>#1135729: Consider disabling CONFIG_CRYPTO_USER_API_*
>
>It has been closed by Debian FTP Masters <ftpmaster@ftp-master.debian.org> (reply to Maytham Alsudany <maytham@debian.org>).
>
>Their explanation is attached below along with your original report.
>If this explanation is unsatisfactory and you have not received a
>better one in a separate message then please contact Debian FTP Masters <ftpmaster@ftp-master.debian.org> (reply to Maytham Alsudany <maytham@debian.org>) by
>replying to this email.
>
>
>-- 
>1135729: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135729
>Debian Bug Tracking System
>Contact owner@bugs.debian.org with problems

>From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
>Reply-To: Maytham Alsudany <maytham@debian.org>
>Subject: Bug#1135729: fixed in docker-credential-gcr 2.1.32-1
>Date: Thu, 07 May 2026 09:00:19 +0000
>To: 1135729-close@bugs.debian.org
>
>Source: docker-credential-gcr
>Source-Version: 2.1.32-1
>Done: Maytham Alsudany <maytham@debian.org>
>
>We believe that the bug you reported is fixed in the latest version of
>docker-credential-gcr, which is due to be installed in the Debian FTP archive.
>
>A summary of the changes between this version and the previous one is
>attached.
>
>Thank you for reporting the bug, which will now be closed.  If you
>have further comments please address them to 1135729@bugs.debian.org,
>and the maintainer will reopen the bug report if appropriate.
>
>Debian distribution maintenance software
>pp.
>Maytham Alsudany <maytham@debian.org> (supplier of updated docker-credential-gcr package)
>
>(This message was generated automatically at their request; if you
>believe that there is a problem with it please contact the archive
>administrators by mailing ftpmaster@ftp-master.debian.org)
>
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA512
>
>Format: 1.8
>Date: Thu, 07 May 2026 11:42:23 +0800
>Source: docker-credential-gcr
>Binary: docker-credential-gcr docker-credential-gcr-dbgsym golang-github-googlecloudplatform-docker-credential-gcr-dev
>Architecture: source amd64 all
>Version: 2.1.32-1
>Distribution: unstable
>Urgency: medium
>Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org>
>Changed-By: Maytham Alsudany <maytham@debian.org>
>Description:
> docker-credential-gcr - Docker credential helper for GCR users (program)
> golang-github-googlecloudplatform-docker-credential-gcr-dev - Docker credential helper for GCR users (library)
>Closes: 1135729
>Changes:
> docker-credential-gcr (2.1.32-1) unstable; urgency=medium
> .
>   * Initial release (Closes: #1135729)
>Checksums-Sha1:
> 6f46038070594f9c917189cc83a834f138ba57e3 2678 docker-credential-gcr_2.1.32-1.dsc
> a3a6bd0d349dfccb6d06a44ba1fd74cc3a041e02 39545 docker-credential-gcr_2.1.32.orig.tar.gz
> 144d6658be362b37c6b635b3158a305bec69ce86 4536 docker-credential-gcr_2.1.32-1.debian.tar.xz
> d1c1dd9ae9676f6c1cd747f512eb6d863b417115 2738184 docker-credential-gcr-dbgsym_2.1.32-1_amd64.deb
> 10fcfbe2a523b12aada8c398219524bf26aaa848 33266 docker-credential-gcr_2.1.32-1_amd64.buildinfo
> ed333dd283c195c577f8a84c392b069946f321ad 2563672 docker-credential-gcr_2.1.32-1_amd64.deb
> 0d38321801ac05ea66dbeaa689256803decd327d 28800 golang-github-googlecloudplatform-docker-credential-gcr-dev_2.1.32-1_all.deb
>Checksums-Sha256:
> 984b913a37f1466c935c9459b37c4c1e3ec8d39bf8236ed37ec21817c6c1c510 2678 docker-credential-gcr_2.1.32-1.dsc
> 106375cdfc48a08724fd8a45dbc026363fbe03153c0b201e50356483e3cd2517 39545 docker-credential-gcr_2.1.32.orig.tar.gz
> 905ef162e06c0cba138488265a1b6634ee8d60c36f40264a7f397680207d36b3 4536 docker-credential-gcr_2.1.32-1.debian.tar.xz
> e5654caa257649fe88299eba068bf47c18e2cd4db25c2374a045c9def9f2d469 2738184 docker-credential-gcr-dbgsym_2.1.32-1_amd64.deb
> 45a2d1c5d03ffe96b995fda45ec3410c6bc5004a57ef821fcef3946dca2da7d9 33266 docker-credential-gcr_2.1.32-1_amd64.buildinfo
> 4b9646e628e63de925df93331ecbb8dafddbe8b197b80bb3b7d33ba50dee035c 2563672 docker-credential-gcr_2.1.32-1_amd64.deb
> 22ce06abd9336b8c0185b10d89f7da21542e6f8fc5243bf781a65da2b1743d7f 28800 golang-github-googlecloudplatform-docker-credential-gcr-dev_2.1.32-1_all.deb
>Files:
> 245b2232e0ae3818c404ef855ef48699 2678 golang optional docker-credential-gcr_2.1.32-1.dsc
> 6310de0da9345408be8e01dc41d5b1ab 39545 golang optional docker-credential-gcr_2.1.32.orig.tar.gz
> 6f26bd0578547a44428a72f2ee7b6d69 4536 golang optional docker-credential-gcr_2.1.32-1.debian.tar.xz
> 4ee50256b4970de0af0fef935d36cb4d 2738184 debug optional docker-credential-gcr-dbgsym_2.1.32-1_amd64.deb
> 1253a4f6b4d416ff3568ed41bdaec572 33266 golang optional docker-credential-gcr_2.1.32-1_amd64.buildinfo
> d0dbda922ada0e15f6886087eaaf0c1b 2563672 admin optional docker-credential-gcr_2.1.32-1_amd64.deb
> b297a5b4a4850d91d330590d8719ec4d 28800 golang optional golang-github-googlecloudplatform-docker-credential-gcr-dev_2.1.32-1_all.deb
>
>-----BEGIN PGP SIGNATURE-----
>
>iQIzBAEBCgAdFiEESl/RzRFQh8wD3DXB1ZeJcgbF8H8FAmn8DiMACgkQ1ZeJcgbF
>8H8CfA/+N1+Muzz+NTIRNMZDaJrJHLW1ToekAsrba3ePwmzTvRRCbgIJO1AR8fWJ
>EKWxC+iLDW3E35KvmYydK2HZ0mlAmeCbkB/tncVfe/XO0/jvjg87dE1hwkpwmDkn
>Lz67Z+89A5jY1qTBBab/Jbh1BCJAL+1raGtY3WDrYioPeSVBjwvAt5oXiQhdF0Bu
>yjv7bh6oVPQgP2m0XDnAnGsZ+6OuP6o82ws9CwnRTeMqH8+hJNI90YSpy4eGEIEe
>2tKoxp4UKdBsiAyz3+KI8nhD+tWZU4R9VEbYfmaYgd2udERczdz/3qys32lBxt/r
>t0i7Xri7emOBSXc7zZ4r5+QLP0typ11w/ub0LOab7PejVm+49HxLIA9g+mH+EIAF
>BgsOm8w09jsdmwIUprY+Z91dQ79PQJASNJPGKh5SUlU9mFBkvqGtzM4neUpPSACj
>CAbsecB4+MldBX/5hqJDyVfxqSA7KJQS/qVp8NGteQjPCAoOSuz8tH4C0QXqFCv+
>uTUQRwE2Ko1/wS7vQIpeQSvtsTf1h4p+YSCM/0dL1j1xCYPrZfLBPE5Erbh3Ifv3
>mRukZTfDv0ELV0yz8Xug6M8c8g/fZggZ86Ii2B/kIa9VL/ZhJwi2R/t3mdI1hCrT
>/xErEf+y1WVGucZMucpNJIx9dEki/PoQ01JR2nYf79u+lAMZO5c=
>=X342
>-----END PGP SIGNATURE-----
>



>From: Chris Hofstädtler <zeha@debian.org>
>Subject: Consider disabling CONFIG_CRYPTO_USER_API_*
>Date: Tue, 5 May 2026 11:20:17 +0200
>To: Debian Bug Tracking System <submit@bugs.debian.org>
>
>Source: linux
>Severity: normal
>Tags: security
>X-Debbugs-Cc: Debian Security Team <team@security.debian.org>
>
>Hi,
>
>people claim that the crypto API is a source of security issues when
>(mis-)used by user space. LWN commenters on the recent algif_aead
>issue have some more notes:
>
>https://lwn.net/Articles/1070682/
>
>partial quotes:
>
>> found only 6 packages that use it: iproute2, util-linux, bluez, qtconnectivity, openssl, and ell
>> [..] As far I know, the only thing that uses algif_aead is bluetooth-meshd
>
>> Yes, it's only a small set of userspace programs that made the
>> shortsighted decision to use AF_ALG, instead of following the
>> standard practice of using a userspace crypto library.
>> Help fixing these userspace programs would be greatly appreciated.
>> It would be really impactful, as it would allow more people to
>> disable CONFIG_CRYPTO_USER_API_* in their kernels.
>
>https://lwn.net/Articles/1070960/
>
>> it's primarily intended as an interface for some hardware crypto
>> acceleration engines (like AMD's CCP, on systems it works in
>> anyway)
>
>
>So it appears there are some tradeoffs to be made. Please take a
>look and consider turning the crypto user api off.
>
>Best,
>Chris
>
>PS: For src:util-linux, a quick look suggests we can easily stop
>using the kernels crypto API.

Back to linux.debian.kernel | Previous | NextPrevious in thread | Find similar

Thread

Bug#1135729: Consider disabling CONFIG_CRYPTO_USER_API_* Chris Hofstädtler <zeha@debian.org> - 2026-05-05 11:30 +0200
  Bug#1135729: Consider disabling CONFIG_CRYPTO_USER_API_* Salvatore Bonaccorso <carnil@debian.org> - 2026-05-06 08:30 +0200
    Bug#1135729: Consider disabling CONFIG_CRYPTO_USER_API_* Chris Hofstaedtler <zeha@debian.org> - 2026-05-06 13:40 +0200
  Processed: Re: Bug#1135729: Consider disabling CONFIG_CRYPTO_USER_API_* "Debian Bug Tracking System" <owner@bugs.debian.org> - 2026-05-06 08:30 +0200
  Processed: Re: Bug#1135729: Consider disabling CONFIG_CRYPTO_USER_API_* "Debian Bug Tracking System" <owner@bugs.debian.org> - 2026-05-06 13:40 +0200
  Bug#1135729: marked as done (Consider disabling CONFIG_CRYPTO_USER_API_*) "Debian Bug Tracking System" <owner@bugs.debian.org> - 2026-05-07 11:10 +0200
  Re: Bug#1135729 closed by Debian FTP Masters  <ftpmaster@ftp-master.debian.org> (reply to Maytham Alsudany  <maytham@debian.org>) (Bug#1135729: fixed in docker-credential-gcr 2.1.32-1) Chris Hofstaedtler <zeha@debian.org> - 2026-05-07 12:00 +0200

csiph-web