[Pkg-openssl-devel] Bug#703031: libssl1.0.0: Segfault in SSL_get_certificate (1.0.1e-1)

Bernhard Miklautz bernhard.miklautz at shacknet.at
Thu Mar 14 13:35:04 UTC 2013


Package: libssl1.0.0
Version: 1.0.1e-1
Severity: important
Tags: patch upstream

SSL_get_certificate results in a segfault when called before SSL_accept.
Attached you find sample code that triggres the problem.

In in the upstream openssl git repository this problem is already fixed
with commit 147dbb2fe3bead7a10e2f280261b661ce7af7adc in the
OpenSSL_1_0_1-stable branch (patch also attached).

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.8.0 (SMP w/12 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libssl1.0.0 depends on:
ii  debconf [debconf-2.0]  1.5.49
ii  libc6                  2.13-38
ii  multiarch-support      2.13-38
ii  zlib1g                 1:1.2.7.dfsg-13

libssl1.0.0 recommends no packages.

libssl1.0.0 suggests no packages.

-- debconf information:
  libssl1.0.0/restart-failed:
  libssl1.0.0/restart-services:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 147dbb2fe3bead7a10e2f280261b661ce7af7adc.diff
Type: text/x-diff
Size: 798 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20130314/e8678b01/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl_test.c
Type: text/x-csrc
Size: 1101 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20130314/e8678b01/attachment.c>


More information about the Pkg-openssl-devel mailing list