Bug #2003629 “[23.04 FEAT] openCryptoki ep11 token: master key c...” : Bugs : opencryptoki package : Ubuntu

bugproxy (bugproxy) on 2023-01-22

tags:	added: architecture-s39064 bugnameltc-201331 severity-high targetmilestone-inin2304
Changed in ubuntu:
assignee:	nobody → Skipper Bug Screeners (skipper-screen-team)
affects:	ubuntu → linux (Ubuntu)

Revision history for this message

bugproxy (bugproxy) wrote on 2023-01-22: Comment bridged from LTC Bugzilla

#1

------- Comment From <email address hidden> 2023-01-21 19:59 EDT-------
This feature is included in the latest released opencryptoki 3.19.0 as available at
https://github.com/opencryptoki/opencryptoki/releases/tag/v3.19.0

Frank Heimes (fheimes) on 2023-01-22

affects:	linux (Ubuntu) → opencryptoki (Ubuntu)
Changed in ubuntu-z-systems:
assignee:	nobody → Skipper Bug Screeners (skipper-screen-team)
Changed in opencryptoki (Ubuntu):
importance:	Undecided → High
Changed in ubuntu-z-systems:
importance:	Undecided → High
status:	New → Triaged
Changed in opencryptoki (Ubuntu):
status:	New → Triaged

Frank Heimes (fheimes) on 2023-02-14

Changed in ubuntu-z-systems:
status:	Triaged → Fix Committed
Changed in opencryptoki (Ubuntu):
status:	Triaged → Fix Committed
information type:	Private → Public

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-02-14:

#2

This bug was fixed in the package opencryptoki - 3.20.0+dfsg-0ubuntu1

---------------
opencryptoki (3.20.0+dfsg-0ubuntu1) lunar; urgency=medium

  * New upstream release (LP: #2003847), includes support for:
    - ep11 token: master key consistency (LP: #2003629)
    - ica and soft tokens: PKCS #11 3.0 - support AES_XTS (LP: #2003630)
    - ep11 token: PKCS #11 3.0 - support AES_XTS (LP: #2003632)
    - Support of ep11 token for new IBM Z Hardware (IBM z16) (LP: #2003635)
    - ep11 token: vendor specific key derivation (LP: #2003638)
    - key gen. with expected MKVP only on CCA and EP11 tokens (LP: #2003639)
    - p11sak support Dilithium and Kyber keys (LP: #2003669)
  * Remove patch
    d/p/lp-1982842-EP11-Fix-C_GetMechanismList-returning-CKR_BUFFER_TOO.patch
    since it's included in 3.19 and newer.
  * Remove patch
    d/p/lp-1989558-common-fix-memory-leak-in-save_private_token_object.patch
    since it's included in 3.19 and newer.
  * Adjust patch d/p/01-disable-testcases.patch due to minor change in context.
  * Refresh patch d/p/03-dlopen-soname.patch to fix 'fuzz'.
  * Modified patch
    d/p/lp-1982842-move-pkcs11-group-assigment-from-makefile-to-postinst.patch
    due to change in context, refresh it to fix 'fuzz' and remove addgroup
    from Makefile.am, since this is handled in d/opencryptoki.postinst.
  * Add opencryptoki.pc to d/libopencryptoki-dev.install.
  * Add new config file ccatok.conf to d/opencryptoki.install.s390x.
  * Consolidate multiple /etc/opencryptoki/*.conf entries in
    d/opencryptoki.install to one line and make it more generic.
  * Migrate in d/rules from 'dh_install --fail-missing --sourcedir=debian/tmp'
    to 'dh_install --sourcedir=debian/tmp' and 'dh_missing --fail-missing'.
  * Update 'Standards-Version' field in d/control to latest version 4.6.1.0.
  * Expand the copyright year range in d/copyright relfecting the latest code.

-- Frank Heimes <email address hidden> Mon, 13 Feb 2023 10:10:45 +0100

This bug was fixed in the package opencryptoki - 3.20.0+dfsg-0ubuntu1

---------------
opencryptoki (3.20.0+dfsg-0ubuntu1) lunar; urgency=medium

* New upstream release (LP: #2003847), includes support for:
    - ep11 token: master key consistency (LP: #2003629)
    - ica and soft tokens: PKCS #11 3.0 - support AES_XTS (LP: #2003630)
    - ep11 token: PKCS #11 3.0 - support AES_XTS (LP: #2003632)
    - Support of ep11 token for new IBM Z Hardware (IBM z16) (LP: #2003635)
    - ep11 token: vendor specific key derivation (LP: #2003638)
    - key gen. with expected MKVP only on CCA and EP11 tokens (LP: #2003639)
    - p11sak support Dilithium and Kyber keys (LP: #2003669)
  * Remove patch
    d/p/lp-1982842-EP11-Fix-C_GetMechanismList-returning-CKR_BUFFER_TOO.patch
    since it's included in 3.19 and newer.
  * Remove patch
    d/p/lp-1989558-common-fix-memory-leak-in-save_private_token_object.patch
    since it's included in 3.19 and newer.
  * Adjust patch d/p/01-disable-testcases.patch due to minor change in context.
  * Refresh patch d/p/03-dlopen-soname.patch to fix 'fuzz'.
  * Modified patch
    d/p/lp-1982842-move-pkcs11-group-assigment-from-makefile-to-postinst.patch
    due to change in context, refresh it to fix 'fuzz' and remove addgroup
    from Makefile.am, since this is handled in d/opencryptoki.postinst.
  * Add opencryptoki.pc to d/libopencryptoki-dev.install.
  * Add new config file ccatok.conf to d/opencryptoki.install.s390x.
  * Consolidate multiple /etc/opencryptoki/*.conf entries in
    d/opencryptoki.install to one line and make it more generic.
  * Migrate in d/rules from 'dh_install --fail-missing --sourcedir=debian/tmp'
    to 'dh_install --sourcedir=debian/tmp' and 'dh_missing --fail-missing'.
  * Update 'Standards-Version' field in d/control to latest version 4.6.1.0.
  * Expand the copyright year range in d/copyright relfecting the latest code.

-- Frank Heimes <frank.heimes@canonical.com>  Mon, 13 Feb 2023 10:10:45 +0100

Changed in opencryptoki (Ubuntu):
status:	Fix Committed → Fix Released

Frank Heimes (fheimes) on 2023-02-14

Changed in ubuntu-z-systems:
status:	Fix Committed → Fix Released

Ubuntu
opencryptoki package

[23.04 FEAT] openCryptoki ep11 token: master key consistency

Bug Description

Other bug subscribers

Remote bug watches

Affects		Status	Importance	Assigned to	Milestone
	Ubuntu on IBM z Systems	Fix Released	High	Skipper Bug Screeners
	opencryptoki (Ubuntu)	Fix Released	High	Skipper Bug Screeners

Ubuntuopencryptoki package

[23.04 FEAT] openCryptoki ep11 token: master key consistency

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
opencryptoki package