[pkg-opensc-maint] Bug#969559: curl segmentation fauls on any https URL

Bruce Momjian,,, bruce at momjian.us
Mon Sep 14 23:00:50 BST 2020


On Fri, Sep 11, 2020 at 06:28:20PM +0200, Bernhard √úbelacker wrote:
> Dear Maintainer, hello Bruce Momjian,
> with the last informations the issue is perfectly reproducible.
> 
> It looks like a use after free caused by statically stored
> function pointers in libengine-pkcs11-openssl / libp11.
> 
> That led to following upstream bug:
>   https://github.com/OpenSC/libp11/issues/328
> 
> This got fixed in this commit:
>   https://github.com/OpenSC/libp11/commit/e64496a198d4d2eb0310a22dc21be8b81367d319
> 
> This commit is not yet included in an upstream release tag.
> Therefore this error is also visible in current testing.
> 
> I hope it is ok to reassign to libengine-pkcs11-openssl.

Yes, thank you for researching this and closing it.

-- 
  Bruce Momjian  <bruce at momjian.us>        https://momjian.us
  EnterpriseDB                             https://enterprisedb.com

  The usefulness of a cup is in its emptiness, Bruce Lee



More information about the pkg-opensc-maint mailing list