Ubuntu
openssl package

libssl 1.0.2g-1ubuntu4.4 may cause Apache2 with libapache2-mod-php7.0 to crash

Bug #1626886 reported by Olli Salli
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apache2 (Ubuntu)
New
Medium
Unassigned
openssl (Ubuntu)
New
Undecided
Unassigned
php7.0 (Ubuntu)
New
Undecided
Unassigned

Bug Description

I started getting apache2 crashes at the same time as I started getting PHP 7.0 CLI crashes, after my openssl packages were updated to the latest xenial-security version by unattended-upgrades.

I traced the PHP CLI crashes to server cert validation starting to crash after updating to libssl1.0.0 1.0.2g-1ubuntu4.4 here https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1626883

Not sure if this crash is the exact same thing or something else, but the web server starting to crash after an automatic security update is very troublesome in any case...

ProblemType: Crash
DistroRelease: Ubuntu 16.04
Package: apache2-bin 2.4.18-2ubuntu3.1
ProcVersionSignature: Ubuntu 4.4.0-36.55-generic 4.4.16
Uname: Linux 4.4.0-36-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
Date: Fri Sep 23 06:47:30 2016
ExecutablePath: /usr/sbin/apache2
InstallationDate: Installed on 2016-05-18 (127 days ago)
InstallationMedia: Ubuntu-Server 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.3)
ProcCmdline: /usr/sbin/apache2 -k start
ProcEnviron:
 PATH=(custom, no user)
 LANG=C
SegvAnalysis: Skipped: missing required field "Disassembly"
Signal: 11
SourcePackage: apache2
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:

Revision history for this message
Olli Salli (ollisa) wrote :
information type: Private → Public
Revision history for this message
Apport retracing service (apport) wrote :

StacktraceTop:
 strlen () at ../sysdeps/x86_64/strlen.S:106
 add_assoc_string_ex (arg=arg@entry=0x7f6ebb412ce0, key=key@entry=0x7f6ebfe3c799 "serialNumber", key_len=key_len@entry=12, str=0x0) at /build/php7.0-lPMnpS/php7.0-7.0.8/Zend/zend_API.c:1390
 zif_openssl_x509_parse (execute_data=<optimized out>, return_value=0x7f6ebb412ce0) at /build/php7.0-lPMnpS/php7.0-7.0.8/ext/openssl/openssl.c:2017
 dtrace_execute_internal (execute_data=<optimized out>, return_value=<optimized out>) at /build/php7.0-lPMnpS/php7.0-7.0.8/Zend/zend_dtrace.c:107
 ZEND_DO_FCALL_SPEC_HANDLER () at /build/php7.0-lPMnpS/php7.0-7.0.8/Zend/zend_vm_execute.h:844

Revision history for this message
Apport retracing service (apport) wrote : Stacktrace.txt
Revision history for this message
Apport retracing service (apport) wrote : StacktraceSource.txt
Revision history for this message
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in apache2 (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace
Revision history for this message
Olli Salli (ollisa) wrote :

Yeah judging from the stack trace, this is indeed the same thing as https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1626883.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.