Support reading messages with 12-byte IVs
Bug #1866115 reported by
Julian Andres Klode
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| dino-im (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
| Bionic |
Fix Released
|
Critical
|
Julian Andres Klode | ||
Bug Description
[Impact]
Most clients switched to 12-byte IVs for OMEMO encrypted messages, but dino only accepts 16-byte IVs.
[Test case]
Send OMEMO message from client which uses 12-byte IV, make sure it can be read.
Note that other clients might still not be able to read our messages (dino should though), this requires https:/
[Regression potential]
Meh. I'm not sure what could regress here by not rejecting 12 byte IVs any longer, it's a simple if () on the IV size that we extend from == 16 to == 16 || == 12.
CVE References
| Changed in dino-im (Ubuntu): | |
| status: | New → Fix Released |
| Changed in dino-im (Ubuntu Bionic): | |
| status: | New → In Progress |
| importance: | Undecided → Critical |
| assignee: | nobody → Julian Andres Klode (juliank) |
| description: | updated |
Revision history for this message
| Julian Andres Klode (juliank) wrote | #1 |
| tags: | added: verification-done-bionic |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in dino-im (Ubuntu Bionic): | |
| status: | In Progress → Fix Released |
To post a comment you must log in.
I have installed dino-im from the security-proposed PPA and confirmed I could receive 12-byte IV messages sent by conversations.