[Bug 1832659] Reminder of SRU verification policy change

Wed Jun 19 19:29:36 UTC 2019

Thank you for taking the time to verify this stable release fix.  We
have noticed that you have used the verification-done tag for marking
the bug as verified and would like to point out that due to a recent
change in SRU bug verification policy fixes now have to be marked with
per-release tags (i.e. verification-done-$RELEASE).  Please remove the
verification-done tag and add one for the release you have tested the
package in.  Thank you!

https://wiki.ubuntu.com/StableReleaseUpdates#Verification

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832659

Title:
  openssl 1.1.1-1ubuntu2.1~18.04.1 contains upstream bug 7350

Status in OpenSSL:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Bionic:
  Fix Committed
Status in openssl source package in Cosmic:
  Fix Committed
Status in openssl source package in Disco:
  Fix Released
Status in openssl source package in Eoan:
  Fix Released

Bug description:
  [Impact]

   * Regression was introduced in OpenSSL 1.1.1 and fixed in 1.1.1b that prevents initialising libcrypto/libssl multiple times, and/or with different options.
   * This breaks existing applications that correctly use init API, ie. initialise libcrypto before/separately from libssl and/or with different options.

  [Test Case]

   * wget
  https://bugs.launchpad.net/ubuntu/cosmic/+source/openssl/+bug/1832659/+attachment/5270802/+files/test_multiple_libssl_libcrypto_init.py

   * python3 ./test_multiple_libssl_libcrypto_init.py

  test_multiple_init (__main__.TestMultipleInit) ... ok

  ----------------------------------------------------------------------
  Ran 1 test in 0.014s

  OK

  [Regression Potential]

   * This is a cherrypick from upstream, and is backwards compatible
  with existing code. Simply init succeeds under more conditions now,
  than it did previously in 1.1.1. Also with this fix, OpenSSL is back
  to how things used to work with 1.1.0 and prior releases.

  [Original Bug report]

  After the update of openssl in bionic, I started having an issue and
  after troubleshooting found this issue:

  https://github.com/openssl/openssl/issues/7350

  Applying the patch linked in that issue and rebuilding the openssl
  package avoided the issue.

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: openssl 1.1.1-1ubuntu2.1~18.04.1
  ProcVersionSignature: Ubuntu 4.15.0-51.55-generic 4.15.18
  Uname: Linux 4.15.0-51-generic x86_64
  ApportVersion: 2.20.9-0ubuntu7.6
  Architecture: amd64
  Date: Thu Jun 13 00:21:16 2019
  InstallationDate: Installed on 2019-06-12 (0 days ago)
  InstallationMedia: Ubuntu-Server 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: openssl
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1832659/+subscriptions