Details about package wolfssl

Package uploads

Upload #1

Information

Changelog

 wolfssl (5.8.2-1) unstable; urgency=medium
 .
   * New upstream release
   * Fix for CVE-2025-7395, CVE-2025-7394, CVE-2025-7396

QA information

• –
  Package uses debhelper-compat
  Debhelper compatibility level 13
• –
  Package is the latest upstream version

  Local:	5.8.2
  Upstream:	5.8.2
  Url:	https://github.com/wolfSSL/wolfssl/archive/refs/tags/v5.8.2-stable.tar.gz

• –
  Package is not native

  Format:

  3.0 (quilt)

• –
  "Maintainer" email is the same as the uploader
• –
  Package has lintian warnings
  libwolfssl44

  • W symbols-declares-dependency-on-other-package
    • #MINVER# (libwolfssl.so.44) [symbols]
  • I symbols-file-missing-build-depends-package-field
    • libwolfssl.so.44 [symbols]

  wolfssl source

  • I out-of-date-standards-version
    • 4.6.1 (released 2022-05-11) (current is 4.7.2)
  • I patch-not-forwarded-upstream
    • [debian/patches/multi-arch.patch]
  • P source-contains-autogenerated-visual-c++-file
    • [IDE/WIN-SRTP-KDF-140-3/resource.h]
    • [IDE/WIN-SRTP-KDF-140-3/wolfssl-fips.rc]
    • [IDE/WIN10/resource.h]
    • [IDE/WIN10/wolfssl-fips.rc]
    • [resource.h]
  • P trailing-whitespace
    • [debian/changelog:117]
  • X prefer-uscan-symlink
    • filenamemangle s/.+\/v?(\d\S+)-stable\.tar\.gz/wolfssl-$1\.tar\.gz/ [debian/watch:6]
  • X update-debian-copyright
    • 2022 vs 2025 [debian/copyright:126]
  • X very-long-line-length-in-source-file
    • 1005 > 512 [mqx/wolfssl_client/.cproject:333]
    • 1006 > 512 [mqx/wolfcrypt_test/.cproject:332]
    • 1007 > 512 [README.md:103]
    • 1007 > 512 [README:98]
    • 1011 > 512 [mqx/wolfcrypt_benchmark/.cproject:340]
    • 1017 > 512 [IDE/MCUEXPRESSO/benchmark/.cproject:709]
    • 1060 > 512 [.codespellexcludelines:9]
    • 1061 > 512 [IDE/IAR-MSP430/main.c:65]
    • 1100 > 512 [scripts/sniffer-tls13-dh-resume.pcap:280]
    • 1186 > 512 [IDE/XilinxSDK/2018_2/.cproject:88]
    • 1192 > 512 [IDE/MCUEXPRESSO/RT1170/wolfcrypt_test_cm7/.cproject:742]
    • 1203 > 512 [ChangeLog.md:949]
    • 1224 > 512 [IDE/MCUEXPRESSO/wolfssl/.cproject:528]
    • 1225 > 512 [IDE/MCUEXPRESSO/wolfcrypt_test/.cproject:765]
    • 1266 > 512 [scripts/sniffer-tls13-ecc-resume.pcap:218]
    • 1285 > 512 [IDE/apple-universal/README.md:90]
    • 1287 > 512 [wolfcrypt/src/fp_mul_comba_48.i:234]
    • 1299 > 512 [IDE/MCUEXPRESSO/RT1170/wolfssl_cm7/.cproject:525]
    • 1540 > 512 [IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg:1133]
    • 1541 > 512 [IDE/Renesas/e2studio/RX65N/GR-ROSE/smc/smc.scfg:700]
    • 1575 > 512 [IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test_HardwareDebug.launch:173]
    • 1576 > 512 [IDE/Renesas/e2studio/RX65N/GR-ROSE/test/test_HardwareDebug.launch:134]
    • 1747 > 512 [wolfcrypt/src/fp_mul_comba_64.i:298]
    • 3160 > 512 [certs/test/cert-over-max-nc.cfg:17]
    • 3205 > 512 [certs/renewcerts/wolfssl.cnf:365]
    • 513 > 512 [IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.cproject:21]
    • 513 > 512 [IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.cproject:21]
    • 531 > 512 [IDE/CSBENCH/.cproject:103]
    • 531 > 512 [wolfcrypt/src/fp_mul_comba_20.i:121]
    • 532 > 512 [.github/workflows/pq-all.yml:23]
    • 532 > 512 [IDE/HEXIWEAR/wolfSSL_HW/.cproject:27]
    • 540 > 512 [IDE/Renesas/e2studio/RA6M3/wolfssl/.cproject:188]
    • 540 > 512 [IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject:311]
    • 548 > 512 [IDE/LPCXPRESSO/README.md:16]
    • 550 > 512 [IDE/Renesas/e2studio/Projects/test/.cproject:20]
    • 550 > 512 [IDE/Renesas/e2studio/RX65N/GR-ROSE/smc/.cproject:20]
    • 580 > 512 [wolfcrypt/src/fp_sqr_comba_48.i:285]
    • 583 > 512 [IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md:109]
    • 639 > 512 [wolfcrypt/src/fp_mul_comba_24.i:138]
    • 674 > 512 [doc/dox_comments/header_files-ja/wolfio.h:270]
    • 691 > 512 [IDE/HEXAGON/README.md:4]
    • 738 > 512 [IDE/Renesas/e2studio/RX65N/GR-ROSE/test/.cproject:21]
    • 738 > 512 [IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject:21]
    • 742 > 512 [scripts/sniffer-tls13-keylog.pcap:97]
    • 747 > 512 [wolfcrypt/src/fp_mul_comba_28.i:154]
    • 760 > 512 [IDE/XilinxSDK/2022_1/wolfCrypt_FreeRTOS_example/.cproject:206]
    • 760 > 512 [IDE/XilinxSDK/2022_1/wolfCrypt_example/.cproject:204]
    • 763 > 512 [doc/dox_comments/header_files-ja/ssl.h:5415]
    • 772 > 512 [wolfcrypt/src/fp_sqr_comba_64.i:365]
    • 780 > 512 [IDE/Espressif/ESP-IDF/test/test_wolfssl.c:627]
    • 787 > 512 [certs/test-stream-dec.p7b:11]
    • 797 > 512 [scripts/sniffer-tls13-dh.pcap:95]
    • 823 > 512 [scripts/sniffer-tls13-ecc.pcap:91]
    • 855 > 512 [wolfcrypt/src/fp_mul_comba_32.i:172]
    • 869 > 512 [LPCExpresso.cproject:113]
    • 893 > 512 [sslSniffer/README.md:537]
    • 915 > 512 [certs/test-ber-exp02-05-2022.p7b:1]
    • 923 > 512 [doc/dox_comments/header_files-ja/types.h:25]
    • 9279 > 512 [doc/formats/html/html_changes/tabs.css:1]
    • 936 > 512 [IDE/LPCXPRESSO/wolf_example/.cproject:138]
    • 936 > 512 [mqx/wolfssl/.cproject:402]
    • 937 > 512 [mqx/util_lib/.cproject:142]
• –
  No VCS field present
• –
  Package is already in Debian
  • The package uploader is currently maintaining wolfssl in Debian
  • Last upload was on the 2024-09-23
• –
  d/copyright is in DEP5 format

  Upstream Contact:	David Garske <david@wolfssl.com>
  Licenses:	Apache-2.0, FSFAP, GPL-3+-with-autoconf, GPL-2+, BSD-3-clause

Comments

1. Hi Jacob,
   
   As wolfSSL has switched to GPL-3+ the debian/copyright file has to be changed accordingly. Are you aware that the only reason that wolfssl made it to Debian was its compatibility with GPL-2? My involvement in uploading the package is going to cease after uploading the new GPL-3+ version because I am only interested in it for that reason.
   
   Thanks,
   Bastian

   Needs work Bastian Germann at Aug. 4, 2025, 10:07 a.m.

2. You have added --disable-crl-monitor for kFreeBSD, which is no longer existing. I think this option should not be added. The patch should still be dropped.
   
   The --enable-oldtls change is not documented in debian/changelog.

   Needs work Bastian Germann at Aug. 4, 2025, 12:34 p.m.

3. Hi,
   
   You have toggled "Needs a sponsor" to "Yes". If you do not have a regular sponsor, please file a Request For Sponsor (RFS)[1] bug.
   
   If you have a regular sponsor, please toggle "Needs a sponsor" to "No".
   
   Further information at: https://mentors.debian.net
   
   I would encourage subscribing to the Debian Mentors mailing list[2]. You may see valuable information, discussion and updates on this list.
   
   [1] https://mentors.debian.net/sponsors/rfs-howto/
   [2] https://lists.debian.org/debian-mentors/
   
   Regards
   
   Phil

   Phil Wyett at Aug. 8, 2025, 8:08 a.m.

4. sip-tester builds without --enable-oldtls now, so that change is okay from a distribution perspective.

   Bastian Germann at Aug. 10, 2025, 12:13 p.m.

© 2008-2022 mentors.debian.net - Hosting and hardware provided by Wavecon - Source code and bugs (Version 1305f48) - Contact Auto Light Dark