Ubuntu
bind9 package

bind9 calls CONF_modules_load_file() explicitly (OpenSSL 1.1.1 porting)

Bug #1951097 reported by Julian Andres Klode on 2021-11-16

This bug report is a duplicate of: Bug #1951943: Engine crashes when loading the configuration more than once. Edit Remove

This bug affects 1 person

	Status	Importance	Assigned to
bind9 (Ubuntu)	New	Undecided	Unassigned
Focal	New	Undecided	Unassigned
bind9-libs (Ubuntu)	New	Undecided	Unassigned
Focal	New	Undecided	Unassigned

Bug Description

This package is calling CONF_modules_load_file() explicitly with NULL filename. This might lead to configuration files being loaded twice in OpenSSL 1.1, which causes engines to be loaded multiple times, causing engines specified therein to be loaded and unloaded twice; which engines do not support (LP: #1921518)

Further analysis is needed if this package actually loads config files twice, this is just a preliminary report based on grepping the archive.

Julian Andres Klode (juliank) on 2021-11-16

summary:

- bind9 calls CONF_modules_load_file() explicitly
+ bind9 calls CONF_modules_load_file() explicitly (OpenSSL 1.1.1 porting)

Athos Ribeiro (athos-ribeiro) on 2021-11-17

tags:

added: server-todo

Christian Ehrhardt  (paelzer) on 2021-11-25

Changed in bind9 (Ubuntu):
assignee:	nobody → Miriam España Acebal (mirespace)
Changed in bind9-libs (Ubuntu):
assignee:	nobody → Miriam España Acebal (mirespace)

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2021-11-25:

This issue will be fixed in openssl via bug 1951943
Closing this one as a dup.

Changed in bind9 (Ubuntu):
assignee:	Miriam España Acebal (mirespace) → nobody
Changed in bind9-libs (Ubuntu):
assignee:	Miriam España Acebal (mirespace) → nobody
tags:	removed: server-todo