[Pkg-openssl-devel] Bug#1028898: openssl: Regression, SIGSEGV when using engines
ValdikSS
iam at valdikss.org.ru
Sat Jan 14 15:03:52 GMT 2023
Package: openssl
Version: 3.0.7-1
Severity: important
Tags: patch
X-Debbugs-Cc: iam at valdikss.org.ru
Dear Maintainer,
OpenSSL 3.0.7-1 shipped in current Testing has a bug which causes SIGSEGV
in different applications if OpenSSL if configured to use engines.
People on OpenSSL bug tracker reported issues with devcrypto engine,
which causes SSHd crashes and inability to connect,
and for me it crashes when using VIA Padlock engine.
Upstream fix available, applies cleanly to 3.0.7, tested by me:
https://github.com/openssl/openssl/commit/d0f8056c47f7aea40a34815fe459404f14501e81.patch
Other bug reports:
https://github.com/openssl/openssl/issues/17995
https://github.com/openssl/openssl/issues/18578
-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 6.0.0-6-686-pae (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages openssl depends on:
ii libc6 2.36-7
ii libssl3 3.0.7-1
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-certificates 20211016
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-openssl-devel/attachments/20230114/8a412384/attachment.sig>
More information about the Pkg-openssl-devel
mailing list