[Bug 1942357] [NEW] Regression in openssl 1.0.1f for trusty/esm after last update

Leonidas S. Barbosa 1942357 at bugs.launchpad.net
Wed Sep 1 17:32:14 UTC 2021 

Public bug reported:

A security regression was reported by Johannes Wegener that is causing a
regression in the last openssl1.0.1f in trusty/esm.

[How to reproduce]
1. Install Openssl/libssl1.0.0 Version 1.0.1f-1ubuntu2.27+esm3 on
ubuntu 14.04
2. openssl s_client -connect wikipedia.org:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p' > wikipedia.pem 
3. openssl x509 -noout -ocsp_uri -in wikipedia.pem 

Expected it prints: http://r3.o.lencr.org
Issue: it's not printing anything.

Thanks Johannes for report this issue.

** Affects: openssl (Ubuntu)
     Importance: Undecided
     Assignee: Leonidas S. Barbosa (leosilvab)
         Status: In Progress

** Affects: openssl (Ubuntu Trusty)
     Importance: Undecided
         Status: Confirmed

** Changed in: openssl (Ubuntu)
       Status: New => In Progress

** Changed in: openssl (Ubuntu)
     Assignee: (unassigned) => Leonidas S. Barbosa (leosilvab)

** Also affects: openssl (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Changed in: openssl (Ubuntu Trusty)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1942357

Title:
  Regression in openssl 1.0.1f for trusty/esm after last update

Status in openssl package in Ubuntu:
  In Progress
Status in openssl source package in Trusty:
  Confirmed

Bug description:
  A security regression was reported by Johannes Wegener that is causing
  a regression in the last openssl1.0.1f in trusty/esm.

  [How to reproduce]
  1. Install Openssl/libssl1.0.0 Version 1.0.1f-1ubuntu2.27+esm3 on
  ubuntu 14.04
  2. openssl s_client -connect wikipedia.org:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p' > wikipedia.pem 
  3. openssl x509 -noout -ocsp_uri -in wikipedia.pem 

  Expected it prints: http://r3.o.lencr.org
  Issue: it's not printing anything.

  Thanks Johannes for report this issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1942357/+subscriptions

More information about the foundations-bugs mailing list