Sign me up Login

Details about package wolfssl

Name:	wolfssl (PTS)
Uploader:	Jacob Barthelmeh <sirkilamole@msn.com> (Debian QA page)
Description:	libwolfssl44 - wolfSSL encryption library libwolfssl-dev - Development files for the wolfSSL encryption library

Package uploads

Upload #1

Information

Version:	5.8.2-2
Uploaded:	2025-08-12 15:13
Source package:	wolfssl_5.8.2-2.dsc
Distribution:	unstable
Section:	libs
Priority:	optional
Homepage:	https://www.wolfssl.com/products/wolfssl/

Changelog

 wolfssl (5.8.2-2) unstable; urgency=medium
 .
   * update debian/copyright to GPLv3

QA information

–
Package uses debhelper-compat

Debhelper compatibility level 13

–

Package is the latest upstream version

Local:	5.8.2
Upstream:	5.8.2
Url:	https://github.com/wolfSSL/wolfssl/archive/refs/tags/v5.8.2-stable.tar.gz

–
Package is not native

Format: 3.0 (quilt)
–
"Maintainer" email is the same as the uploader
–
Package has lintian warnings
libwolfssl44
- W symbols-declares-dependency-on-other-package
  - #MINVER# (libwolfssl.so.44) [symbols]
- I symbols-file-missing-build-depends-package-field
  - libwolfssl.so.44 [symbols]
wolfssl source
- W missing-license-paragraph-in-dep5-copyright
  - gpl-3+ [debian/copyright:10]
- I out-of-date-standards-version
  - 4.6.1 (released 2022-05-11) (current is 4.7.2)
- I patch-not-forwarded-upstream
  - [debian/patches/multi-arch.patch]
- P source-contains-autogenerated-visual-c++-file
  - [IDE/WIN-SRTP-KDF-140-3/resource.h]
  - [IDE/WIN-SRTP-KDF-140-3/wolfssl-fips.rc]
  - [IDE/WIN10/resource.h]
  - [IDE/WIN10/wolfssl-fips.rc]
  - [resource.h]
- P trailing-whitespace
  - [debian/changelog:123]
- X prefer-uscan-symlink
  - filenamemangle s/.+\/v?(\d\S+)-stable\.tar\.gz/wolfssl-$1\.tar\.gz/ [debian/watch:6]
- X update-debian-copyright
  - 2022 vs 2025 [debian/copyright:126]
- X very-long-line-length-in-source-file
  - 1005 > 512 [mqx/wolfssl_client/.cproject:333]
  - 1006 > 512 [mqx/wolfcrypt_test/.cproject:332]
  - 1007 > 512 [README.md:103]
  - 1007 > 512 [README:98]
  - 1011 > 512 [mqx/wolfcrypt_benchmark/.cproject:340]
  - 1017 > 512 [IDE/MCUEXPRESSO/benchmark/.cproject:709]
  - 1060 > 512 [.codespellexcludelines:9]
  - 1061 > 512 [IDE/IAR-MSP430/main.c:65]
  - 1100 > 512 [scripts/sniffer-tls13-dh-resume.pcap:280]
  - 1186 > 512 [IDE/XilinxSDK/2018_2/.cproject:178]
  - 1192 > 512 [IDE/MCUEXPRESSO/RT1170/wolfcrypt_test_cm7/.cproject:742]
  - 1203 > 512 [ChangeLog.md:949]
  - 1224 > 512 [IDE/MCUEXPRESSO/wolfssl/.cproject:528]
  - 1225 > 512 [IDE/MCUEXPRESSO/wolfcrypt_test/.cproject:765]
  - 1266 > 512 [scripts/sniffer-tls13-ecc-resume.pcap:218]
  - 1285 > 512 [IDE/apple-universal/README.md:90]
  - 1287 > 512 [wolfcrypt/src/fp_mul_comba_48.i:234]
  - 1299 > 512 [IDE/MCUEXPRESSO/RT1170/wolfssl_cm7/.cproject:525]
  - 1540 > 512 [IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg:1133]
  - 1541 > 512 [IDE/Renesas/e2studio/RX65N/GR-ROSE/smc/smc.scfg:700]
  - 1575 > 512 [IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test_HardwareDebug.launch:173]
  - 1576 > 512 [IDE/Renesas/e2studio/RX65N/GR-ROSE/test/test_HardwareDebug.launch:134]
  - 1747 > 512 [wolfcrypt/src/fp_mul_comba_64.i:298]
  - 3160 > 512 [certs/test/cert-over-max-nc.cfg:17]
  - 3205 > 512 [certs/renewcerts/wolfssl.cnf:365]
  - 513 > 512 [IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.cproject:21]
  - 513 > 512 [IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.cproject:21]
  - 531 > 512 [IDE/CSBENCH/.cproject:103]
  - 531 > 512 [wolfcrypt/src/fp_mul_comba_20.i:121]
  - 532 > 512 [.github/workflows/pq-all.yml:23]
  - 532 > 512 [IDE/HEXIWEAR/wolfSSL_HW/.cproject:27]
  - 540 > 512 [IDE/Renesas/e2studio/RA6M3/wolfssl/.cproject:188]
  - 540 > 512 [IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject:311]
  - 548 > 512 [IDE/LPCXPRESSO/README.md:16]
  - 550 > 512 [IDE/Renesas/e2studio/Projects/test/.cproject:20]
  - 550 > 512 [IDE/Renesas/e2studio/RX65N/GR-ROSE/smc/.cproject:20]
  - 580 > 512 [wolfcrypt/src/fp_sqr_comba_48.i:285]
  - 583 > 512 [IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md:109]
  - 639 > 512 [wolfcrypt/src/fp_mul_comba_24.i:138]
  - 674 > 512 [doc/dox_comments/header_files-ja/wolfio.h:270]
  - 691 > 512 [IDE/HEXAGON/README.md:4]
  - 738 > 512 [IDE/Renesas/e2studio/RX65N/GR-ROSE/test/.cproject:21]
  - 738 > 512 [IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject:21]
  - 742 > 512 [scripts/sniffer-tls13-keylog.pcap:97]
  - 747 > 512 [wolfcrypt/src/fp_mul_comba_28.i:154]
  - 760 > 512 [IDE/XilinxSDK/2022_1/wolfCrypt_FreeRTOS_example/.cproject:206]
  - 760 > 512 [IDE/XilinxSDK/2022_1/wolfCrypt_example/.cproject:204]
  - 763 > 512 [doc/dox_comments/header_files-ja/ssl.h:5415]
  - 772 > 512 [wolfcrypt/src/fp_sqr_comba_64.i:365]
  - 780 > 512 [IDE/Espressif/ESP-IDF/test/test_wolfssl.c:627]
  - 787 > 512 [certs/test-stream-dec.p7b:11]
  - 797 > 512 [scripts/sniffer-tls13-dh.pcap:95]
  - 823 > 512 [scripts/sniffer-tls13-ecc.pcap:91]
  - 855 > 512 [wolfcrypt/src/fp_mul_comba_32.i:172]
  - 869 > 512 [LPCExpresso.cproject:113]
  - 893 > 512 [sslSniffer/README.md:537]
  - 915 > 512 [certs/test-ber-exp02-05-2022.p7b:1]
  - 923 > 512 [doc/dox_comments/header_files-ja/types.h:25]
  - 9279 > 512 [doc/formats/html/html_changes/tabs.css:1]
  - 936 > 512 [IDE/LPCXPRESSO/wolf_example/.cproject:138]
  - 936 > 512 [mqx/wolfssl/.cproject:402]
  - 937 > 512 [mqx/util_lib/.cproject:142]
–
No VCS field present
–
Package is already in Debian
- The package uploader is currently maintaining wolfssl in Debian
- Last upload was on the 2025-08-10

–

d/copyright is in DEP5 format

Upstream Contact:	David Garske <david@wolfssl.com>
Licenses:	BSD-3-clause, GPL-2+, GPL-3+, FSFAP, GPL-3+-with-autoconf, Apache-2.0

Comments

Hi,

You have toggled "Needs a sponsor" to "Yes". If you do not have a regular sponsor, please file a Request For Sponsor (RFS)[1] bug.

If you have a regular sponsor, please toggle "Needs a sponsor" to "No".

Further information at: https://mentors.debian.net

I would encourage subscribing to the Debian Mentors mailing list[2]. You may see valuable information, discussion and updates on this list.

[1] https://mentors.debian.net/sponsors/rfs-howto/
[2] https://lists.debian.org/debian-mentors/

Regards

Phil

Phil Wyett at Aug. 13, 2025, 12:58 p.m.

Thanks Phil,

I'm not sure if a sponsor is needed, but likely is? Will check out the "Request For Sponsor (RFS)[1] bug".

Needs work Jacob Barthelmeh at Aug. 13, 2025, 6 p.m.

I am not a Debian Developer (DD) (and can never be, you could say I have been DAM'ed) and have no ability to upload your package, sorry. This review is for your information with no requirement to act upon it.

Jacob,

Review of upload: 2025-08-12 15:13

Test 1 (reproducibility): Information only, not a blocker

* Good

Test 2 (pbuilder build): Information only

* Good

Test 3 (pbuilder build --twice): Information only

* Good

Test 4 (sbuild): Information only

Lintian:

Running lintian...
N:
W: wolfssl source: missing-license-paragraph-in-dep5-copyright gpl-3+ [debian/copyright:10]
N: 
N:   The Files paragraph in the machine readable copyright file references a
N:   license for which no stand-alone License paragraph exists.
N:   
N:   Sometimes this tag appears because of incorrect ordering. Stand-alone
N:   License paragraphs must appear *after* all Files paragraphs.
N: 
N:   Please refer to
N:   https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ and
N:   Bug#959067 for details.
N: 
N:   Visibility: warning
N:   Show-Always: no
N:   Check: debian/copyright/dep5
N: 
N:
W: libwolfssl44: symbols-declares-dependency-on-other-package #MINVER# (libwolfssl.so.44) [symbols]
N: 
N:   This package declares in its symbols control file a dependency on some
N:   other package (and not one listed in the Provides of this package).
N:   
N:   Packages should normally only list in their symbols control file the
N:   shared libraries included in that package, and therefore the dependencies
N:   listed there should normally be satisfied by either the package itself or
N:   one of its Provides.
N:   
N:   In unusual circumstances where it's necessary to declare more complex
N:   dependencies in the symbols control file, please add a Lintian override
N:   for this warning.
N: 
N:   Please refer to Dependencies between the library and other packages
N:   (Section 8.6) in the Debian Policy Manual for details.
N: 
N:   Visibility: warning
N:   Show-Always: no
N:   Check: debian/shlibs
N: 
N:
I: wolfssl source: out-of-date-standards-version 4.6.1 (released 2022-05-11) (current is 4.7.2)
N: 
N:   The source package refers to a Standards-Version older than the one that
N:   was current at the time the package was created (according to the
N:   timestamp of the latest debian/changelog entry). Please consider updating
N:   the package to current Policy and setting this control field
N:   appropriately.
N:   
N:   If the package is already compliant with the current standards, you don't
N:   have to re-upload the package just to adjust the Standards-Version control
N:   field. However, please remember to update this field next time you upload
N:   the package.
N:   
N:   See /usr/share/doc/debian-policy/upgrading-checklist.txt.gz in the
N:   debian-policy package for a summary of changes in newer versions of
N:   Policy.
N: 
N:   Please refer to
N:   https://www.debian.org/doc/debian-policy/upgrading-checklist.html for
N:   details.
N: 
N:   Visibility: info
N:   Show-Always: no
N:   Check: fields/standards-version
N: 
N:
I: wolfssl source: patch-not-forwarded-upstream [debian/patches/multi-arch.patch]
N: 
N:   According to the DEP-3 headers, this patch has not been forwarded
N:   upstream.
N:   
N:   Please forward the patch and try to have it included in upstream's version
N:   control system. If the patch is not suitable for that, please mention
N:   not-needed in the Forwarded field of the patch header.
N: 
N:   Please refer to social contract item 2, Coordination with upstream
N:   developers (Section 3.1.4) in the Debian Developer's Reference, Changes to
N:   the upstream sources (Section 4.3) in the Debian Policy Manual, and
N:   Bug#755153 for details.
N: 
N:   Visibility: info
N:   Show-Always: no
N:   Check: debian/patches/dep3
N:   Renamed from: send-patch
N: 
N:
I: libwolfssl44: symbols-file-missing-build-depends-package-field libwolfssl.so.44 [symbols]
N: 
N:   The symbols file for this package does not contain a Build-Depends-Package
N:   meta-information field.
N:   
N:   This field specifies the name of the -dev package associated to the
N:   library and is used by dpkg-shlibdeps(1) to make sure that the dependency
N:   generated is at least as strict as the corresponding build dependency.
N:   
N:   This is useful as allows packages to not hardcode this information
N:   multiple times.
N:   
N:   Note that the format of deb-symbols(5) files requires that the *
N:   Build-Depends-Package: line should start in column one of the file and not
N:   be indented to align with the symbols themselves. Please do not use the
N:   placeholder #PACKAGE#. The development package for your shared library
N:   must be stated explicitly.
N: 
N:   Please refer to The symbols File Format (Section 8.6.3.2) in the Debian
N:   Policy Manual, the deb-symbols(5) manual page, the dpkg-shlibdeps(1)
N:   manual page,
N:   https://www.debian.org/doc/manuals/maint-guide/advanced.en.html#librarysymbols,
N:   and Bug#944047 for details.
N: 
N:   Visibility: info
N:   Show-Always: no
N:   Check: debian/shlibs
N: 
N:
P: wolfssl source: source-contains-autogenerated-visual-c++-file [IDE/WIN-SRTP-KDF-140-3/resource.h]
N: 
N:   The following file is autogenerated by Microsoft Visual C++.
N:   
N:   They are usually provided for the convenience of users. These files
N:   usually just take up space in the tarball and are of no use in Debian.
N:   
N:   Check if upstream also provides source-only tarballs that you can use as
N:   the upstream distribution instead. If not, you may want to ask upstream to
N:   provide source-only tarballs.
N: 
N:   Visibility: pedantic
N:   Show-Always: no
N:   Check: cruft
N: 
N:
P: wolfssl source: source-contains-autogenerated-visual-c++-file [IDE/WIN-SRTP-KDF-140-3/wolfssl-fips.rc]
N:
P: wolfssl source: source-contains-autogenerated-visual-c++-file [IDE/WIN10/resource.h]
N:
P: wolfssl source: source-contains-autogenerated-visual-c++-file [IDE/WIN10/wolfssl-fips.rc]
N:
P: wolfssl source: source-contains-autogenerated-visual-c++-file [resource.h]
N:
P: wolfssl source: trailing-whitespace [debian/changelog:123]
N: 
N:   This file contains lines with trailing whitespace characters.
N:   
N:   Whilst often harmless and unsightly, such extra whitespaces can also cause
N:   tools to interpret the whitespace characters literally. The tool diff(1)
N:   does not like them, either. They are best avoided.
N:   
N:   Some of these problems can be hard to track down.
N:   
N:   Whitespace at the end of lines may be removed with the following:
N:   
N:    $ sed -i -e 's@[[:space:]]*$@@g' debian/control debian/changelog
N:   
N:   If you use Emacs, you can also use "M-x wh-cl" (whitespace-cleanup).
N:   
N:   However, if you wish to only remove trailing spaces and leave trailing
N:   tabs (eg. for Makefiles), you can use the following code snippet:
N:   
N:    $ sed -i -e 's@[ ]*$@@g' debian/rules
N:   
N:   To remove empty lines from the end of a file, you can use:
N:   
N:    $ sed -i -e :a -e '/^\n*$/{$d;N;};/\n$/ba' debian/rules
N: 
N:   Visibility: pedantic
N:   Show-Always: no
N:   Check: debian/trailing-whitespace
N:   Renamed from: file-contains-trailing-whitespace
N: 

E: Lintian run failed (policy violation)

Test 5 (ratt): Information only, not a blocker

Note: Possible false positives.

2025/08/14 14:30:49 Build results:
2025/08/14 14:30:49 PASSED: transmission
2025/08/14 14:30:49 FAILED: vdeplug-agno (see buildlogs/vdeplug-agno_0.1.1-1)
2025/08/14 14:30:49 FAILED: lighttpd (see buildlogs/lighttpd_1.4.79-2)
2025/08/14 14:30:49 FAILED: sip-tester (see buildlogs/sip-tester_1:3.7.3-2)
2025/08/14 14:30:49 FAILED: kamailio (see buildlogs/kamailio_6.0.2-2)
2025/08/14 14:30:49 FAILED: swupdate (see buildlogs/swupdate_2024.12.1+dfsg-3)

Test 6 (debian/watch): Information only

philwyett@ks-tarkin:~/build/wolfssl-5.8.2$ uscan --dehs 
uscan warn: Found multiple concatenated ASCII Armor blocks in
  debian/upstream/signing-key.asc, which is not an interoperable construct.
  See <https://tests.sequoia-pgp.org/results.html#ASCII_Armor>.
  Please concatenate them into a single ASCII Armor block. For example:
    sq keyring merge --overwrite --output debian/upstream/signing-key.asc \
      debian/upstream/signing-key.asc
<dehs>
<package>wolfssl</package>
<debian-uversion>5.8.2</debian-uversion>
<debian-mangled-uversion>5.8.2</debian-mangled-uversion>
<upstream-version>5.8.2</upstream-version>
<upstream-url>https://github.com/wolfSSL/wolfssl/archive/refs/tags/v5.8.2-stable.tar.gz</upstream-url>
<status>up to date</status>
</dehs>

Test 7 (licenserecon): Information only

philwyett@ks-tarkin:~/build/wolfssl-5.8.2$ lrc
en: Versions: licenserecon '6.0'  licensecheck '3.3.9-1'

Parsing Source Tree  ....
Reading d/copyright  ....
Running licensecheck ....

d/copyright      | licensecheck

GPL-3+           | GPL-2             IDE/XilinxSDK/bench.sh
GPL-3+           | GPL-2             IDE/XilinxSDK/combine.sh
GPL-3+           | GPL-2             IDE/XilinxSDK/graph.sh
GPL-3+-with-autoconf| GPL-3+ with Autoconf-2.0~Archive exception m4/ax_append_compile_flags.m4
GPL-3+-with-autoconf| GPL-3+ with Autoconf-2.0~Archive exception m4/ax_append_flag.m4
GPL-3+-with-autoconf| GPL-3+ with Autoconf-2.0~Archive exception m4/ax_append_link_flags.m4
GPL-3+-with-autoconf| GPL-3+ with Autoconf-2.0~Archive exception m4/ax_check_compile_flag.m4
GPL-3+-with-autoconf| GPL-3+ with Autoconf-2.0~Archive exception m4/ax_check_library.m4
GPL-3+-with-autoconf| GPL-3+ with Autoconf-2.0~Archive exception m4/ax_check_link_flag.m4
BSD-3-clause     | FSFAP             m4/ax_compiler_version.m4
GPL-3+-with-autoconf| GPL-3+ with Autoconf-2.0~Archive exception m4/ax_create_generic_config.m4
GPL-3+           | FSFAP             m4/ax_require_defined.m4
GPL-3+-with-autoconf| GPL-3+ with Autoconf-2.0~Archive exception m4/ax_tls.m4
GPL-3+           | FSFULLR           m4/visibility.m4
GPL-3+           | GPL-3             rpm/spec.in
GPL-3+           | GPL-2             scripts/bench/bench_functions.sh
GPL-2+           | GPL-3+            wolfcrypt/src/camellia.c
GPL-2+           | GPL-3+            wolfssl/wolfcrypt/camellia.h
GPL-3+           | GPL-2+            wrapper/Ada/spark_sockets.adb
GPL-3+           | GPL-2+            wrapper/Ada/spark_sockets.ads
GPL-3+           | GPL-2+            wrapper/Ada/spark_terminal.ads
GPL-3+           | GPL-2+            wrapper/Ada/tls_client.adb
GPL-3+           | GPL-2+            wrapper/Ada/tls_client.ads
GPL-3+           | GPL-2+            wrapper/Ada/tls_client_main.adb
GPL-3+           | GPL-2+            wrapper/Ada/tls_server.adb
GPL-3+           | GPL-2+            wrapper/Ada/tls_server.ads
GPL-3+           | GPL-2+            wrapper/Ada/tls_server_main.adb
GPL-3+           | GPL-2+            wrapper/Ada/wolfssl.adb
GPL-3+           | GPL-2+            wrapper/Ada/wolfssl.ads

Summary
=======

Quite a few issues that you may wish to look at.

Regards

Phil

Needs work Phil Wyett at Aug. 14, 2025, 1:33 p.m.