[Pkg-openssl-devel] Bug#804487: Bug#804487: openssl_1.0.2d-3 breaks mumble and mumble-server after binNMU
Chris Knadle
Chris.Knadle at coredump.us
Sun Mar 13 17:23:56 UTC 2016
Chris Knadle:
> Mikkel Krautz:
>[...]
> When a new OpenSSL comes down containing a library rename, the Mumble #2124
> patch will disallow multiple libssl/libcrypto load and Mumble will break.
> Besides Mumble not being functional, the broken behavior deletes the user's
> SSL key used with Mumble and the automatic backup of it, replacing the
> latter with an empty file. This harms the user's trust and represents a bug
> of severity "grave".
Sorry -- the patch doesn't cause the SSL key deletion, the different
libssl/libcrypto library versions without SSL initialization did. The above
erroneous wording happened due to paragraph re-arranging.
-- Chris
--
Chris Knadle
Chris.Knadle at coredump.us
More information about the Pkg-openssl-devel
mailing list