libssl0.9.7 g series break pam_pgsql

Bug #22875 reported by Debian Bug Importer
Affects: openssl097 (Debian) | Status: Fix Released | Importance: Unknown
Affects: openssl097 (Ubuntu) | Status: Fix Released | Importance: High | Assigned to: Tollef Fog Heen

Bug Description

Automatically imported from Debian bug report #330867 http://bugs.debian.org/330867

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Fri, 30 Sep 2005 09:52:32 +0200
From: Krisztian PIFKO <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: libssl0.9.7 g series break pam_pgsql

Package: libssl0.9.7
Version: 0.9.7g-2
Severity: grave
Justification: renders package unusable

libpam_pgsql breaks after upgrading to libssl g from libssl e.

The reason (from auth log):
PAM unable to dlopen(/lib/security/pam_pgsql.so)
PAM [dlerror: /usr/lib/i686/cmov/libssl.so.0.9.7: undefined symbol: HMAC_CTX_set_flags]
PAM adding faulty module: /lib/security/pam_pgsql.so

Downgrading to libssl0.9.7_0.9.7e solves the problem.

libpam_pgsql version: 0.5.2-9

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.9-ck3-skas3-v8-rc1-bs7-nudi.3
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages libssl0.9.7 depends on:
ii debconf [debconf-2.0] 1.4.58 Debian configuration management sy
ii libc6 2.3.5-6 GNU C Library: Shared libraries an

libssl0.9.7 recommends no packages.

-- debconf information excluded

Revision history for this message
In , Henrique de Moraes Holschuh (hmh) wrote : merging related bugs

severity 330867 critical
merge 330867 333349
thanks

--
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Revision history for this message
In , Henrique de Moraes Holschuh (hmh) wrote : reassign 330867 to openssl

# Automatically generated email from bts, devscripts version 2.9.7
reassign 330867 openssl

Revision history for this message
In , Henrique de Moraes Holschuh (hmh) wrote : merging 330867 333349

# Automatically generated email from bts, devscripts version 2.9.7
merge 330867 333349

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Tue, 11 Oct 2005 11:15:08 -0300
From: Henrique de Moraes Holschuh <email address hidden>
To: <email address hidden>
Subject: merging related bugs

severity 330867 critical
merge 330867 333349
thanks

--
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Tue, 11 Oct 2005 12:31:11 -0300
From: Henrique de Moraes Holschuh <email address hidden>
To: <email address hidden>
Subject: reassign 330867 to openssl

# Automatically generated email from bts, devscripts version 2.9.7
reassign 330867 openssl

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Tue, 11 Oct 2005 12:31:18 -0300
From: Henrique de Moraes Holschuh <email address hidden>
To: <email address hidden>
Subject: merging 330867 333349

# Automatically generated email from bts, devscripts version 2.9.7
merge 330867 333349

Revision history for this message
Debian Bug Importer (debzilla) wrote :

*** Bug 23730 has been marked as a duplicate of this bug. ***

Revision history for this message
In , Steve Langasek (vorlon) wrote : reassign 330867 to openssl, merging 330867 333349

# Automatically generated email from bts, devscripts version 2.9.4
reassign 330867 openssl
merge 330867 333349

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Tue, 11 Oct 2005 16:15:40 -0700
From: Steve Langasek <email address hidden>
To: <email address hidden>
Subject: reassign 330867 to openssl, merging 330867 333349

# Automatically generated email from bts, devscripts version 2.9.4
reassign 330867 openssl
merge 330867 333349

Revision history for this message
In , Steve Langasek (vorlon) wrote : Re: Must either version symbols or conflict with ALL libraries linked to previous version

tags 333349 patch
thanks

Here, give this one a try. This patch enables symbol versioning in
libcrypto and libssl for all targets which I know use GNU ld and whose
runtime linker supports symbol versioning. Basically, this covers Linux
and Hurd at this point; other platforms may benefit from this as well, but I
don't know which ones with any certainty. I've provided a comprehensive
patch for *all* Linux targets, and not just the Debian ones, because it's
very important that this change be integrated upstream: while deploying
versioned symbols in Debian's build will let *us* avoid segfaults, this is
also a one-way ABI change that will cause problems for anyone running
binaries on other systems that were built against a Debian openssl build
that includes this patch.

A similar patch should apply ok to libssl0.9.7, and it would be a good idea
to do so there as well to further help with the segfaults caused by loading
multiple versions of the same library into a single address space. Getting
upstream to accept a patch for 0.9.7 is not a concern, since obviously
that's an old version of the lib which is going to be phased out.

Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
<email address hidden> http://www.debian.org/
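
An audit for the dlopen failure reported at the top of this thread and for the symbol-versioning fix described in the message above, added here as an example (it is not part of the thread or of the patch). It matches one library's undefined dynamic symbols against another library's exports by name, and lists exports that carry no version tag. The `nm -D`-style listings, the file names and the `OPENSSL_0.9.8` version node name are constructed for illustration, and the "old libcrypto" listing assumes a libcrypto that does not export `HMAC_CTX_set_flags`.

```shell
#!/bin/sh
# Added example. All listings below are constructed, in `nm -D` output format.

# Print symbols the consumer needs (type U) that the provider does not define.
# Matching is by bare name: any @VERSION / @@VERSION suffix is stripped first.
unresolved_symbols() {  # $1 = consumer listing, $2 = provider listing
    awk '
        NF < 2 { next }                          # skip blank or malformed lines
        { sub(/@.*/, "", $NF) }                  # drop the version suffix
        FILENAME == ARGV[1] { if ($(NF-1) != "U") defined[$NF] = 1; next }
        $(NF-1) == "U" && !($NF in defined) { print $NF }
    ' "$2" "$1" | LC_ALL=C sort
}

# Print defined exports that have no version tag attached.
unversioned_exports() {  # $1 = provider listing
    awk 'NF >= 3 && $(NF-1) ~ /^[TDBRW]$/ && $NF !~ /@/ { print $NF }' "$1" |
        LC_ALL=C sort
}

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

# Constructed: a libssl that references HMAC_CTX_set_flags.
cat > "$work/libssl_g.nm" <<'EOF'
         U HMAC_CTX_set_flags
         U HMAC_Init_ex
00012340 T SSL_new
EOF
# Constructed: an older libcrypto without that symbol and without versions.
cat > "$work/libcrypto_old.nm" <<'EOF'
0004a1b0 T HMAC_Init_ex
0004a2c0 T HMAC_CTX_init
EOF
# Constructed: a libcrypto built with a version script (hypothetical node name).
cat > "$work/libcrypto_versioned.nm" <<'EOF'
0004a1b0 T HMAC_Init_ex@@OPENSSL_0.9.8
0004a2c0 T HMAC_CTX_init@@OPENSSL_0.9.8
0004a3d0 T HMAC_CTX_set_flags@@OPENSSL_0.9.8
EOF

echo "unresolved against old libcrypto:"
unresolved_symbols "$work/libssl_g.nm" "$work/libcrypto_old.nm"
echo "exports without a version tag:"
unversioned_exports "$work/libcrypto_old.nm"
```

On a live system the listings would come from running `nm -D` on the two shared objects.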

Revision history for this message
In , Christoph Martin (christoph-martin) wrote : Bug#330867: fixed in openssl 0.9.8a-1

Source: openssl
Source-Version: 0.9.8a-1

We believe that the bug you reported is fixed in the latest version of
openssl, which is due to be installed in the Debian FTP archive:

libcrypto0.9.8-udeb_0.9.8a-1_i386.udeb
  to pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-1_i386.udeb
libssl-dev_0.9.8a-1_i386.deb
  to pool/main/o/openssl/libssl-dev_0.9.8a-1_i386.deb
libssl0.9.8-dbg_0.9.8a-1_i386.deb
  to pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-1_i386.deb
libssl0.9.8_0.9.8a-1_i386.deb
  to pool/main/o/openssl/libssl0.9.8_0.9.8a-1_i386.deb
openssl_0.9.8a-1.diff.gz
  to pool/main/o/openssl/openssl_0.9.8a-1.diff.gz
openssl_0.9.8a-1.dsc
  to pool/main/o/openssl/openssl_0.9.8a-1.dsc
openssl_0.9.8a-1_i386.deb
  to pool/main/o/openssl/openssl_0.9.8a-1_i386.deb
openssl_0.9.8a.orig.tar.gz
  to pool/main/o/openssl/openssl_0.9.8a.orig.tar.gz

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christoph Martin <email address hidden> (supplier of updated openssl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 17 Oct 2005 17:01:06 +0200
Source: openssl
Binary: libssl-dev openssl libssl0.9.8-dbg libcrypto0.9.8-udeb libssl0.9.8
Architecture: source i386
Version: 0.9.8a-1
Distribution: unstable
Urgency: low
Maintainer: Debian OpenSSL Team <email address hidden>
Changed-By: Christoph Martin <email address hidden>
Description:
 libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
 libssl-dev - SSL development libraries, header files and documentation
 libssl0.9.8 - SSL shared libraries
 libssl0.9.8-dbg - Symbol tables for libssl and libcrypt
 openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
Closes: 330554 330867 332755 333579
Changes:
 openssl (0.9.8a-1) unstable; urgency=low
 .
   Christoph Martin:
   * fix asm entries for some architectures, fixing #332758 properly.
   * add noexecstack option to i386 subarch
   * include symbol versioning in Configure (closes: #330867)
   * include debian-armeb arch (closes: #333579)
   * include new upstream patches; includes some minor fixes
   * fix dh_shlibdeps line, removing the redundant dependency on
     libssl0.9.8 (closes: #332755)
   * add swedish debconf template (closes: #330554)
 .
   Kurt Roeckx:
   * Also add noexecstack option for amd64, since it now has an
     executable stack with the assembler fixes for amd64.
Files:

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Mon, 17 Oct 2005 10:32:07 -0700
From: Christoph Martin <email address hidden>
To: <email address hidden>
Subject: Bug#330867: fixed in openssl 0.9.8a-1


Revision history for this message
Carthik Sharma (carthik) wrote :

The fix was committed upstream in Debian.
This bug has been fixed in the latest version in Dapper.

Changed in openssl097:
status: Unconfirmed → Fix Released