2012-10-12 15:51:35 |
Ivo Timmermans |
bug |
|
|
added bug |
2012-10-12 15:55:15 |
Logan Rosen |
bug watch added |
|
http://rt.openssl.org/Ticket/Display.html?id=2813 |
|
2012-10-12 15:55:15 |
Logan Rosen |
bug task added |
|
openssl |
|
2012-10-12 15:55:30 |
Logan Rosen |
bug |
|
|
added subscriber Logan Rosen |
2012-10-12 16:40:51 |
Bug Watch Updater |
openssl: status |
Unknown |
Fix Released |
|
2012-10-12 16:56:34 |
Marc Deslauriers |
nominated for series |
|
Ubuntu Precise |
|
2012-10-12 16:56:34 |
Marc Deslauriers |
bug task added |
|
openssl (Ubuntu Precise) |
|
2012-10-12 16:56:34 |
Marc Deslauriers |
nominated for series |
|
Ubuntu Quantal |
|
2012-10-12 16:56:34 |
Marc Deslauriers |
bug task added |
|
openssl (Ubuntu Quantal) |
|
2012-10-12 16:56:41 |
Marc Deslauriers |
openssl (Ubuntu Precise): status |
New |
Confirmed |
|
2012-10-12 16:56:43 |
Marc Deslauriers |
openssl (Ubuntu Quantal): status |
New |
Confirmed |
|
2013-01-02 13:14:59 |
John van der Kamp |
bug |
|
|
added subscriber John van der Kamp |
2013-01-02 15:25:59 |
Marc Deslauriers |
openssl (Ubuntu Precise): assignee |
|
Marc Deslauriers (mdeslaur) |
|
2013-01-02 15:26:03 |
Marc Deslauriers |
openssl (Ubuntu): assignee |
|
Marc Deslauriers (mdeslaur) |
|
2013-01-02 15:26:05 |
Marc Deslauriers |
openssl (Ubuntu Quantal): assignee |
|
Marc Deslauriers (mdeslaur) |
|
2013-02-06 15:49:09 |
Giacomo Boccardo |
bug |
|
|
added subscriber Giacomo Boccardo |
2013-02-06 15:49:15 |
Giacomo Boccardo |
removed subscriber Giacomo Boccardo |
|
|
|
2013-02-06 15:49:17 |
Giacomo Boccardo |
bug |
|
|
added subscriber Giacomo Boccardo |
2013-03-06 13:12:47 |
Marc Deslauriers |
nominated for series |
|
Ubuntu Raring |
|
2013-03-06 13:12:47 |
Marc Deslauriers |
bug task added |
|
openssl (Ubuntu Raring) |
|
2013-03-07 03:09:13 |
Launchpad Janitor |
openssl (Ubuntu Raring): status |
Confirmed |
Fix Released |
|
2013-03-07 23:55:27 |
Colin Watson |
openssl (Ubuntu Precise): importance |
Undecided |
High |
|
2013-03-07 23:55:29 |
Colin Watson |
openssl (Ubuntu Quantal): importance |
Undecided |
High |
|
2013-03-07 23:55:30 |
Colin Watson |
openssl (Ubuntu Raring): importance |
Undecided |
High |
|
2013-03-08 13:13:10 |
Marc Deslauriers |
description |
We're experiencing deadlocks in Ubuntu 12.04 at our customers. After some investigation, a known bug in OpenSSL 1.0.1c (and other versions) is causing this. The bug itself was known since one day after this release (11th of May this year).
OpenSSL bug report: http://rt.openssl.org/Ticket/Display.html?id=2813&user=guest&pass=guest
Commit that fixes the issue in OpenSSL 1.0.1: http://cvs.openssl.org/chngview?cn=22570
For now, we're distributing a modified version of the OpenSSL packages for Ubuntu, but of course we're not the only ones with this bug. |
[SRU request]
[Impact]
A deadlock exists in the public key decoding code of openssl in Precise and Quantal. Users of openssl is environments where a large number of keys are being processed may hit it, causing the application to hang. This has been fixed in the development release by backporting a trivial patch from upstream.
[Test Case]
There is currently no known reliable way of reproducing the deadlock.
The openssl test suite passes with the patch, and the QRT scripts have been run successfully.
[Regression Potential]
The patch is trivial, and shouldn't cause any regressions. It has been used in a couple of upstream releases so far. If the patch does introduce a regression, it would affect public key decoding and would be apparent.
Original report:
We're experiencing deadlocks in Ubuntu 12.04 at our customers. After some investigation, a known bug in OpenSSL 1.0.1c (and other versions) is causing this. The bug itself was known since one day after this release (11th of May this year).
OpenSSL bug report: http://rt.openssl.org/Ticket/Display.html?id=2813&user=guest&pass=guest
Commit that fixes the issue in OpenSSL 1.0.1: http://cvs.openssl.org/chngview?cn=22570
For now, we're distributing a modified version of the OpenSSL packages for Ubuntu, but of course we're not the only ones with this bug. |
|
2013-03-08 13:13:17 |
Marc Deslauriers |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2013-03-08 15:31:35 |
Dimitri John Ledkov |
openssl (Ubuntu Quantal): status |
Confirmed |
In Progress |
|
2013-03-08 15:31:37 |
Dimitri John Ledkov |
openssl (Ubuntu Precise): status |
Confirmed |
In Progress |
|
2013-04-15 14:56:59 |
Brian Murray |
openssl (Ubuntu Quantal): status |
In Progress |
Fix Committed |
|
2013-04-15 14:57:02 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
2013-04-15 14:57:09 |
Brian Murray |
tags |
|
verification-needed |
|
2013-04-15 15:23:55 |
Brian Murray |
openssl (Ubuntu Precise): status |
In Progress |
Fix Committed |
|
2013-04-25 15:38:07 |
Felix Geyer |
tags |
verification-needed |
verification-done-precise verification-needed |
|
2013-04-29 16:50:42 |
Dimitri John Ledkov |
tags |
verification-done-precise verification-needed |
verification-done-precise verification-done-quantal verification-needed |
|
2013-04-29 16:50:50 |
Dimitri John Ledkov |
tags |
verification-done-precise verification-done-quantal verification-needed |
verification-done-precise verification-done-quantal |
|
2013-05-06 19:33:55 |
Adam Conrad |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2013-05-06 19:34:13 |
Launchpad Janitor |
openssl (Ubuntu Precise): status |
Fix Committed |
Fix Released |
|
2013-05-06 19:34:21 |
Launchpad Janitor |
openssl (Ubuntu Quantal): status |
Fix Committed |
Fix Released |
|
2013-12-11 06:21:11 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/openssl |
|