OpenSSL 1.1.1f raise a segmentation faults on Arm64 builds
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenSSL |
Fix Released
|
Unknown
|
|||
openssl (Debian) |
Fix Released
|
Unknown
|
|||
openssl (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Focal |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Description
-----------
It seems that current Ubuntu 20.04 (Focal) distribution for Arm64/Aarch64 raise a segmentation fault when certain validates some certificates.
This issue affects only to Arm64/Aarch64 all the tools statically or dynamically linked with this version of the library are affected (Libcurl4, Curl, Wget, OpenJDK, Curl-PHP, etc).
Environment and platform
-------
Linux 5.4.0-89-generic #100-Ubuntu SMP Fri Sep 24 14:29:20 UTC 2021 aarch64 aarch64 aarch64 GNU/Linux
Steps to reproduce
------------------
1. Run:
curl -v https:/
or
wget https:/
Result received
---------------
Segmentation fault (core dumped)
Notes
-----
This bug was found by the Curl users:
See: https:/
I believe that this bug is related to https:/
Actually there isn't any replacement for OpenSSL 1.1.1f for Focal (Arm64), so it makes difficult to use Ubuntu 20.04 in a production environment.
Changed in openssl: | |
status: | Unknown → Fix Released |
Changed in openssl (Debian): | |
status: | Unknown → New |
Changed in openssl (Ubuntu): | |
status: | Confirmed → Fix Released |
importance: | Undecided → Medium |
Changed in openssl (Ubuntu Focal): | |
importance: | Undecided → Medium |
Changed in openssl (Debian): | |
status: | New → Fix Released |
I observed that many users are affected by this bug. (See: https:/ /github. com/curl/ curl/issues/ 8024)