Deadlock when reading a public key
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
OpenSSL | Fix Released | Unknown | |
openssl (Ubuntu) | Fix Released | High | Marc Deslauriers |
Precise | Fix Released | High | Marc Deslauriers |
Quantal | Fix Released | High | Marc Deslauriers |
Raring | Fix Released | High | Marc Deslauriers |

Bug Description
[SRU request]
[Impact]
A deadlock exists in the public key decoding code of openssl in Precise and Quantal. Users of openssl in environments where a large number of keys are being processed may hit it, causing the application to hang. This has been fixed in the development release by backporting a trivial patch from upstream.
[Test Case]
There is currently no known reliable way of reproducing the deadlock.
The openssl test suite passes with the patch, and the QRT scripts have been run successfully.
[Regression Potential]
The patch is trivial, and shouldn't cause any regressions. It has been used in a couple of upstream releases so far. If the patch does introduce a regression, it would affect public key decoding and would be apparent.
Original report:
We're experiencing deadlocks in Ubuntu 12.04 at our customers. After some investigation, a known bug in OpenSSL 1.0.1c (and other versions) is causing this. The bug itself was known since one day after this release (11th of May this year).
OpenSSL bug report: http://
Commit that fixes the issue in OpenSSL 1.0.1: http://
For now, we're distributing a modified version of the OpenSSL packages for Ubuntu, but of course we're not the only ones with this bug.
Changed in openssl:
status: Unknown → Fix Released
Changed in openssl (Ubuntu Precise):
status: New → Confirmed
Changed in openssl (Ubuntu Quantal):
status: New → Confirmed
Changed in openssl (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in openssl (Ubuntu):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in openssl (Ubuntu Quantal):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in openssl (Ubuntu Precise):
importance: Undecided → High
Changed in openssl (Ubuntu Quantal):
importance: Undecided → High
Changed in openssl (Ubuntu Raring):
importance: Undecided → High
description: updated
tags: added: verification-done-precise
tags: added: verification-done-quantal
tags: removed: verification-needed
I'm hitting this bug also and was just wondering: is a fix planned, or should I try to get hold of the modified version of openssl?