[Pkg-openssl-devel] Bug#414283: libssl0.9.8: shlibs dependencies aren't strict enough

Adrian Bunk bunk at stusta.de
Sat Mar 10 17:28:31 CET 2007


Package: libssl0.9.8
Version: 0.9.8e-3
Severity: serious


I upgraded openssl to 0.9.8e-3 while still having libssl0.9.8 0.9.8c-4
installed.


Today, I upgraded the ca-certificates package.

fetchmail then refused fetching any emails saying
  29033:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:894:


It took me some time until I ran "update-ca-certificates -f -v"
which told me the actual problem, there were tons of:

...
openssl: relocation error: openssl: symbol EVP_MD_type, version OPENSSL_0.9.8 not defined in file libcrypto.so.0.9.8 with link time reference
unable to load certificate
29775:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1296:
29775:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:380:Type=X509
WARNING: Skipping duplicate certificate signet_tsa1_pem.pem
unable to load certificate
29777:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecting: TRUSTED CERTIFICATE
openssl: relocation error: openssl: symbol EVP_MD_type, version OPENSSL_0.9.8 no...


Upgrading libssl0.9.8 to 0.9.8e-3 fixed this issue.


$ cat /var/lib/dpkg/info/libssl0.9.8.shlibs 
libcrypto 0.9.8 libssl0.9.8 (>= 0.9.8c-1)
libssl 0.9.8 libssl0.9.8 (>= 0.9.8c-1)
udeb: libcrypto 0.9.8 libcrypto0.9.8-udeb (>= 0.9.8c-1)
udeb: libssl 0.9.8 libcrypto0.9.8-udeb (>= 0.9.8c-1)
$ 




More information about the Pkg-openssl-devel mailing list