[Bug 1974037] Please test proposed package
Łukasz Zemczak
1974037 at bugs.launchpad.net
Thu Jun 9 14:26:53 UTC 2022
Hello Simon, or anyone else affected,
Accepted openssl into jammy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/openssl/3.0.2-0ubuntu1.4 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed. Your feedback will aid us getting this
update out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from
verification-needed-jammy to verification-done-jammy. If it does not fix
the bug for you, please add a comment stating that, and change the tag to
verification-failed-jammy. In either case, without details of your testing
we will not be able to proceed.
Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance for helping!
N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1974037
Title:
openssl: EVP_EC_gen() segfault without init
Status in openssl package in Ubuntu:
Fix Released
Status in openssl source package in Jammy:
Fix Committed
Status in openssl source package in Kinetic:
Fix Released
Status in openssl package in Debian:
Fix Released
Bug description:
[Impact]
The fix for
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1968997 has
broken some code paths as the new string comparison functions now need
initialization, triggering segfaults.
The provided debdiff fixes the immediate issue and also settles on a
new implementation not requiring the initialization in the first
place.
[Test Plan]
Since this is a regression fix, we first need to check that the
original bug hasn't cropped up again:
  sudo locale-gen tr_TR.UTF-8
  LANG=C curl https://ubuntu.com/ > /dev/null # This works
  LANG=tr_TR.UTF-8 curl https://ubuntu.com/ > /dev/null # This should work as well
For the regression itself:
  sudo apt install libssl-dev
  cat <<EOF > openssl_test.c
  #include <openssl/evp.h>
  int main()
  {
      EVP_PKEY_Q_keygen(NULL, NULL, "EC", "P-256");
  }
  EOF
  gcc openssl_test.c -lcrypto -lssl -o openssl_test
  ./openssl_test
[Where problems could occur]
This new patch set is relatively massive, on top of another massive one.
Some new regressions could crop up of a similar kind. Furthermore, the
homegrown string comparison function could be buggy, leading to algorithm name mismatches.
[Other info]
The patches all come from upstream and have been merged on their 3.0
maintenance branch.
[Original report]
Source: sscg
Version: 3.0.2-1
Severity: serious
Tags: ftbfs
https://buildd.debian.org/status/logs.php?pkg=sscg&ver=3.0.2-1%2Bb1
...
1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV
04:32:21 MALLOC_PERTURB_=87 /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/generate_rsa_key_test
...
Summary of Failures:
1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV
Ok: 9
Expected Fail: 0
Fail: 1
Unexpected Pass: 0
Skipped: 0
Timeout: 0
dh_auto_test: error: cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=4 ninja test returned exit code 1
make: *** [debian/rules:6: binary-arch] Error 25
This has also been reported on the openssl-users mailing list:
https://www.mail-archive.com/openssl-users@openssl.org/msg90830.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1974037/+subscriptions
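
Added example (not code from the bug report, the debdiff or OpenSSL): a C sketch of a string comparison that needs no initialization and does not depend on the process locale, the property [Impact] describes for the new implementation, with a check for the name-mismatch risk raised under [Where problems could occur]. It assumes the comparison in question is a case-insensitive match of algorithm names; `ascii_lower`, `ascii_casecmp`, `compares_agree` and the sample names are hypothetical.

```c
#include <locale.h>
#include <stdio.h>
#include <strings.h>

/* Lower-case one byte by ASCII rules only; never consults the locale. */
static int ascii_lower(int c)
{
    return (c >= 'A' && c <= 'Z') ? c + ('a' - 'A') : c;
}

/* Hypothetical helper (not OpenSSL's): case-insensitive compare that keeps
 * no global state, so nothing has to be initialized before the first call. */
int ascii_casecmp(const char *a, const char *b)
{
    const unsigned char *s = (const unsigned char *)a;
    const unsigned char *t = (const unsigned char *)b;
    int d;

    while ((d = ascii_lower(*s) - ascii_lower(*t)) == 0 && *s != '\0') {
        s++;
        t++;
    }
    return d;
}

/* 1 if the locale-aware strcasecmp() and the ASCII-only compare agree on
 * whether two names match, 0 if they disagree. */
int compares_agree(const char *a, const char *b)
{
    return (strcasecmp(a, b) == 0) == (ascii_casecmp(a, b) == 0);
}

int main(void)
{
    /* Constructed sample names; the last pair contains 'I'/'i', whose case
     * mapping differs under a Turkish locale. */
    const char *pairs[][2] = { { "EC", "ec" }, { "P-256", "p-256" },
                               { "ID-ECPUBLICKEY", "id-ecPublicKey" } };
    /* If tr_TR.UTF-8 has not been generated, the "C" locale stays active. */
    const char *loc = setlocale(LC_ALL, "tr_TR.UTF-8");
    size_t i;

    printf("locale: %s\n", loc ? loc : "C (tr_TR.UTF-8 unavailable)");
    for (i = 0; i < sizeof(pairs) / sizeof(pairs[0]); i++)
        printf("%s / %s: ascii match=%d, agrees with strcasecmp=%d\n",
               pairs[i][0], pairs[i][1],
               ascii_casecmp(pairs[i][0], pairs[i][1]) == 0,
               compares_agree(pairs[i][0], pairs[i][1]));
    return 0;
}
```

Running it after `sudo locale-gen tr_TR.UTF-8` from the test plan shows whether the locale-aware and ASCII-only comparisons disagree on the pair containing `I`/`i`.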