[Debian-iot-maintainers] Bug#1126421: libmbedcrypto16: Package long description out of date

Cliff Kilby cliffjkilby at gmail.com
Sun Jan 25 18:02:00 GMT 2026 

Package: libmbedcrypto16
X-Debbugs-Cc: cliffjkilby at gmail.com
Version: 3.6.5-0.1~deb13u1
Severity: wishlist

Dear Maintainer,

In the 3.6.5.orig download the following configs appear to have changed
from the long description.


Blowfish, ARC4, XTEA, TLS1.0 and 1.1 no longer appear in the config.


A suggested long description as 3.6.5 is configured, follows:

****


mbed TLS (formerly known as PolarSSL) is a lean open source crypto library
for

providing SSL and TLS support in your programs. It offers an intuitive API
and

documented header files, so you can actually understand what the code does.


It features:

- Symmetric algorithms: AES, Camellia, ARIA, ChaCha20-Poly1305, DES/3DES

- Hash algorithms: MD5, SHA-1, SHA-2(224/256/384/512), SHA-3, RIPEMD-160

- Entropy pool, and random generators: CTR-DRBG, HMAC-DRBG

- Public key algorithms: PSK, DHE, ECDHE, RSA, ECDH

- Short Weierstrass curves (supporting ECP, ECDH, ECDSA): SECP192R1,
SECP224R1, SECP256R1, SECP384R1, SECP521R1, SECP192K1, SECP224K1,
SECP256K1, BP256R1, BP384R1, BP512R1

- Montgomery curves (supporting ECP): CURVE25519, CURVE448

- TLS 1.2 and 1.3. DTLS 1.2.

- Abstraction layers for ciphers, hashes, public key operations, platform

abstraction and threading


This package contains the shared library handling cryptography.


***

I believe this level of detail is important, as the package implements its
own TLS rather than abstracting from the system's openssl or gnutls, and
may enable a feature (like DES) that has been disabled elsewhere. It is
worth noting I am not developing against this library, and my suggested
changes are from me reading the published config file. I would strongly
urge review by someone who is more familiar with this project.


-- System Information:
Debian Release: 13.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.12.63+deb13-amd64 (SMP w/24 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE
not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Enforcing - Policy name: default

Versions of packages libmbedcrypto16 depends on:
ii  libc6  2.41-12+deb13u1

libmbedcrypto16 recommends no packages.

libmbedcrypto16 suggests no packages.

-- debconf-show failed
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-iot-maintainers/attachments/20260125/678df3f3/attachment.htm>

More information about the Debian-iot-maintainers mailing list