pg_dump: Error message from server: SSL error: ccs received early
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenSSL |
Fix Released
|
Unknown
|
|||
openssl (Debian) |
Fix Released
|
Unknown
|
|||
openssl (Ubuntu) |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
Lucid |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
Precise |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
Saucy |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
Trusty |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
Utopic |
Fix Released
|
Undecided
|
Marc Deslauriers |
Bug Description
See Debian bug #751093
Extra commit is needed on top of openssl_
https:/
Reproduction instructions
1. Take a large postgres DB (~200GiB here),
2. require hostssl in pg_hba to connect.
3. pg_dump over that hostssl connection.
4. fail out somewhere between 74MiB and 190GiB with:
pg_dump: Error message from server: SSL error: ccs received early
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: openssl 1.0.1f-1ubuntu2.3
ProcVersionSign
Uname: Linux 3.13.0-27-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.2
Architecture: amd64
Date: Fri Jun 20 17:27:02 2014
InstallationDate: Installed on 2014-03-21 (91 days ago)
InstallationMedia: Ubuntu-Server 13.10 "Saucy Salamander" - Release amd64 (20131016)
ProcEnviron:
TERM=rxvt-unicode
PATH=(custom, no user)
XDG_RUNTIME_
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: openssl
UpgradeStatus: Upgraded to trusty on 2014-04-03 (78 days ago)
Changed in openssl (Ubuntu Lucid): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in openssl (Ubuntu Saucy): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in openssl (Ubuntu Trusty): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in openssl (Ubuntu Precise): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in openssl (Ubuntu Utopic): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in openssl (Ubuntu Lucid): | |
status: | New → Confirmed |
Changed in openssl (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in openssl (Ubuntu Saucy): | |
status: | New → Confirmed |
Changed in openssl (Ubuntu Trusty): | |
status: | New → Confirmed |
Changed in openssl (Ubuntu Utopic): | |
status: | New → Confirmed |
Changed in openssl: | |
status: | Unknown → Fix Released |
Changed in openssl (Debian): | |
status: | Unknown → Fix Released |
This bug was fixed in the package openssl - 1.0.1-4ubuntu5.16
---------------
openssl (1.0.1-4ubuntu5.16) precise-security; urgency=medium
* SECURITY UPDATE: regression with certain renegotiations (LP: #1332643) patches/ CVE-2014- 0224-regression 2.patch: accept CCS after
- debian/
sending finished ssl/s3_clnt.c.
-- Marc Deslauriers <email address hidden> Fri, 20 Jun 2014 13:57:48 -0400