Bug#848113: libcrypt-openssl-rsa-perl: binary incompatibility with libcrypt-openssl-pkcs10-perl (openssl versions)

Niko Tyni ntyni at debian.org
Wed Dec 14 08:49:53 UTC 2016 

Package: libcrypt-openssl-rsa-perl
Version: 0.28-4
Severity: grave
User: debian-perl at lists.debian.org
Usertags: autopkgtest

The libcrypt-openssl-pkcs10-perl recently started failing its autopkgtest
checks, as seen at
 https://ci.debian.net/packages/libc/libcrypt-openssl-pkcs10-perl/unstable/amd64/

The package still builds successfully and passes all the tests.

It looks like there's a binary incompatibility in sid between
libcrypt-openssl-rsa-perl_0.28-4 and libcrypt-openssl-pkcs10-perl_0.16-1,
which can be reduced to

  # perl -MCrypt::OpenSSL::PKCS10 -MCrypt::OpenSSL::RSA -e 'Crypt::OpenSSL::PKCS10->new_from_rsa(Crypt::OpenSSL::RSA->generate_key(1024))'
  Segmentation fault (core dumped)

Backtrace below. Note the different libcrypto versions. Apparently the
packages need to be built against the same openssl version; I haven't
looked into whether that's avoidable.

Filing the bug against libcrypt-openssl-rsa-perl to make sure it
doesn't enter testing as-is, but the minimal fix is to rebuild
libcrypt-openssl-pkcs10-perl.

We probably want some Breaks as well for partial upgrades,
even if they don't directly affect jessie->stretch upgrades
(because perlapi-* dependency makes sure both get upgraded there
in lockstep.) I expect the Breaks are needed on both sides to also
make sure libcrypt-openssl-pkcs10-perl doesn't get updated without
libcrypt-openssl-rsa-perl.

  Core was generated by `perl -MCrypt::OpenSSL::PKCS10 -MCrypt::OpenSSL::RSA -e Crypt::OpenSSL::PKCS10->'.
  Program terminated with signal SIGSEGV, Segmentation fault.
  #0  0x00007f596170644e in BN_clear_free () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
  (gdb) bt
  #0  0x00007f596170644e in BN_clear_free () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
  #1  0x00007f5961707692 in BN_MONT_CTX_free () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
  #2  0x00007f59617d94dd in ?? () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
  #3  0x00007f5961ff9482 in RSA_free () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2
  #4  0x00007f596202662b in ?? () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2
  #5  0x00007f5962026dd8 in EVP_PKEY_free () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2
  #6  0x00007f596235190c in XS_Crypt__OpenSSL__PKCS10_DESTROY (my_perl=<optimized out>, cv=0x55dff40e8298)
      at PKCS10.xs:374
  #7  0x000055dff30fb0b0 in Perl_pp_entersub ()
  #8  0x000055dff307186c in Perl_call_sv ()
  #9  0x000055dff30ffd35 in ?? ()
  #10 0x000055dff3100740 in Perl_sv_clear ()
  #11 0x000055dff3100a80 in Perl_sv_free2 ()
  #12 0x000055dff312f377 in Perl_free_tmps ()
  #13 0x000055dff30796f9 in perl_run ()
  #14 0x000055dff305285d in main ()
 
-- 
Niko Tyni   ntyni at debian.org

More information about the pkg-perl-maintainers mailing list