Bug#837700: gnutls: GNUTLS segfaults on initialization

[J Phelps]

>Can you provide a (simple) way to reproduce the issue?

Reproduction was simple on my machine: Just try to run Chromium 53.0.2785.92,
which depends on libgnutls30. It crashed immediately.

I had just upgraded from a much older version of Chromium (in the 30s IIRC)
using Aptitude.

Running it under GDB showed that the segfault happened in Nettle.

>Your diagnosis cannot be completely correct. e.g. libgnutls30
>3.5.4-2 on i386 (which you reported the issue against) was built against
>nettle-dev i386 3.2-1 which continues to be the latest version of nettle
>available in Debian. So you cannot experience a breakage in Debian
>caused by the Debian-installed nettle version being newer and having a
>different ABI than the version GnuTLS was built against.

I think that the binary in the .deb package was compiled from a different
Nettle source than the one that you find in the corresponding .dsc package.
Otherwise, compiling the .dsc package should have given me a binary that was
compatible with the one that was already installed on my system.

Instead, I had unresolved symbols (I don't remember which ones), and I had
to go to Nettle's Git repository (https://git.lysator.liu.se/nettle/nettle)
to find source code that could produce a linkable library. The symbols
that were unresolved were only found in the "ecc-support" branch of that
repo. Compiling from the trunk led to the same symbols being unresolved.

The recompiled library produced the same crash as the original binary. The
diagnosis was done with the Git version of Nettle and the .dsc version of
libgnutls.