[pkg-opensc-maint] Bug#969559: curl segmentation fauls on any https URL

Bernhard √úbelacker bernhardu at mailbox.org
Fri Sep 11 17:28:20 BST 2020


Dear Maintainer, hello Bruce Momjian,
with the last informations the issue is perfectly reproducible.

It looks like a use after free caused by statically stored
function pointers in libengine-pkcs11-openssl / libp11.

That led to following upstream bug:
  https://github.com/OpenSC/libp11/issues/328

This got fixed in this commit:
  https://github.com/OpenSC/libp11/commit/e64496a198d4d2eb0310a22dc21be8b81367d319

This commit is not yet included in an upstream release tag.
Therefore this error is also visible in current testing.

I hope it is ok to reassign to libengine-pkcs11-openssl.

Kind regards,
Bernhard



More information about the pkg-opensc-maint mailing list