[pkg-opensc-maint] Bug#969559: curl segmentation fauls on any https URL
Bruce Momjian,,,
bruce at momjian.us
Mon Sep 14 23:00:50 BST 2020
On Fri, Sep 11, 2020 at 06:28:20PM +0200, Bernhard Übelacker wrote:
> Dear Maintainer, hello Bruce Momjian,
> with the last informations the issue is perfectly reproducible.
>
> It looks like a use after free caused by statically stored
> function pointers in libengine-pkcs11-openssl / libp11.
>
> That led to following upstream bug:
> https://github.com/OpenSC/libp11/issues/328
>
> This got fixed in this commit:
> https://github.com/OpenSC/libp11/commit/e64496a198d4d2eb0310a22dc21be8b81367d319
>
> This commit is not yet included in an upstream release tag.
> Therefore this error is also visible in current testing.
>
> I hope it is ok to reassign to libengine-pkcs11-openssl.
Yes, thank you for researching this and closing it.
--
Bruce Momjian <bruce at momjian.us> https://momjian.us
EnterpriseDB https://enterprisedb.com
The usefulness of a cup is in its emptiness, Bruce Lee
More information about the pkg-opensc-maint
mailing list