Support reading messages with 12-byte IVs
Bug #1866115 reported by
Julian Andres Klode
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dino-im (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Critical
|
Julian Andres Klode |
Bug Description
[Impact]
Most clients switched to 12-byte IVs for OMEMO encrypted messages, but dino only accepts 16-byte IVs.
[Test case]
Send OMEMO message from client which uses 12-byte IV, make sure it can be read.
Note that other clients might still not be able to read our messages (dino should though), this requires https:/
[Regression potential]
Meh. I'm not sure what could regress here by not rejecting 12 byte IVs any longer, it's a simple if () on the IV size that we extend from == 16 to == 16 || == 12.
CVE References
Changed in dino-im (Ubuntu): | |
status: | New → Fix Released |
Changed in dino-im (Ubuntu Bionic): | |
status: | New → In Progress |
importance: | Undecided → Critical |
assignee: | nobody → Julian Andres Klode (juliank) |
description: | updated |
To post a comment you must log in.
I have installed dino-im from the security-proposed PPA and confirmed I could receive 12-byte IV messages sent by conversations.