Bug#768841: libgnutls-deb0-28: SIGABRT when loading certificates
Andreas Metzler
ametzler at bebt.de
Mon Nov 10 18:56:47 UTC 2014
Control: severity -1 serious
On 2014-11-09 "Marc Dequènes (Duck)" <duck at duckcorp.org> wrote:
> Package: libgnutls-deb0-28
> Version: 3.3.8-3
> Severity: grave
> Justification: breaks related softwares (minbif, ircd-ratbox)
> Control: affects -1 = minbif ircd-ratbox
[...]
> Reverting the certificates (which are still valid until the end of the
> month) did not help. Downgrading gnutls to 3.3.8-2 (before the rusage patch)
> did not help either.
> I find two things disturbing. First, fd 3 is used to read the public key,
> closed, but then read again which fails and the abort is done shortly
> afterwards. Second, rnd_func() fails like if there was no entropy available,
> but /proc/sys/kernel/random/entropy_avail proves it wrong (the machine has a
> hardware generator with rngd).
[...]
Hello,
This sounds somehow similar to <https://cups.org/str.php?L4484> which
this change in GnuTLS 3.3.10 should work around:
** libgnutls: When gnutls_global_init() is called for a second time, it
will check whether the /dev/urandom fd kept is still open and matches
the original one. That behavior works around issues with servers that
close all file descriptors.
Could you check whether upgrading to 3.3.10 (just uploaded to
experimental) fixes the issues you reported, too?
cu Andreas
PS: Looking at
<https://www.debian.org/Bugs/Developer.en.html#severities> this seems
to match "a bug which has a major effect on the usability of a
package, without rendering it completely unusable to everyone" which
would be "important", not "grave".
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-gnutls-maint
mailing list