2022-05-18 13:52:32 |
Simon Chopin |
bug |
|
|
added bug |
2022-05-18 13:52:34 |
Simon Chopin |
bug watch added |
|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010958 |
|
2022-05-18 13:52:34 |
Simon Chopin |
openssl (Debian): remote watch |
|
Debian Bug tracker #1010958 |
|
2022-05-18 13:55:00 |
Simon Chopin |
summary |
sscg FTBFS with OpenSSL 3.0.3 |
openssl: EVP_EC_gen() segfault without init |
|
2022-05-18 13:55:47 |
Simon Chopin |
description |
Imported from Debian bug http://bugs.debian.org/1010958:
Source: sscg
Version: 3.0.2-1
Severity: serious
Tags: ftbfs
https://buildd.debian.org/status/logs.php?pkg=sscg&ver=3.0.2-1%2Bb1
...
1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV
04:32:21 MALLOC_PERTURB_=87 /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/generate_rsa_key_test
...
Summary of Failures:
1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV
Ok: 9
Expected Fail: 0
Fail: 1
Unexpected Pass: 0
Skipped: 0
Timeout: 0
dh_auto_test: error: cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=4 ninja test returned exit code 1
make: *** [debian/rules:6: binary-arch] Error 25
|
Imported from Debian bug http://bugs.debian.org/1010958:
Source: sscg
Version: 3.0.2-1
Severity: serious
Tags: ftbfs
https://buildd.debian.org/status/logs.php?pkg=sscg&ver=3.0.2-1%2Bb1
...
1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV
04:32:21 MALLOC_PERTURB_=87 /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/generate_rsa_key_test
...
Summary of Failures:
1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV
Ok: 9
Expected Fail: 0
Fail: 1
Unexpected Pass: 0
Skipped: 0
Timeout: 0
dh_auto_test: error: cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=4 ninja test returned exit code 1
make: *** [debian/rules:6: binary-arch] Error 25
This has also been reported on the openssl-users mailing list:
https://www.mail-archive.com/openssl-users@openssl.org/msg90830.html |
|
2022-05-18 13:58:14 |
Simon Chopin |
openssl (Ubuntu): status |
New |
Confirmed |
|
2022-05-18 13:58:25 |
Simon Chopin |
nominated for series |
|
Ubuntu Kinetic |
|
2022-05-18 13:58:25 |
Simon Chopin |
bug task added |
|
openssl (Ubuntu Kinetic) |
|
2022-05-18 13:58:25 |
Simon Chopin |
nominated for series |
|
Ubuntu Jammy |
|
2022-05-18 13:58:25 |
Simon Chopin |
bug task added |
|
openssl (Ubuntu Jammy) |
|
2022-05-18 13:58:31 |
Simon Chopin |
openssl (Ubuntu Jammy): status |
New |
Confirmed |
|
2022-05-18 13:58:36 |
Simon Chopin |
openssl (Ubuntu Jammy): importance |
Undecided |
High |
|
2022-05-18 13:58:39 |
Simon Chopin |
openssl (Ubuntu Kinetic): importance |
Undecided |
High |
|
2022-05-18 14:08:31 |
Bug Watch Updater |
openssl (Debian): status |
New |
Fix Released |
|
2022-05-18 14:08:31 |
Bug Watch Updater |
openssl (Debian): importance |
Undecided |
Unknown |
|
2022-05-23 10:15:53 |
Simon Chopin |
merge proposal linked |
|
https://code.launchpad.net/~schopin/ubuntu/+source/openssl/+git/openssl/+merge/423153 |
|
2022-05-24 08:56:13 |
Simon Chopin |
openssl (Ubuntu Kinetic): status |
Confirmed |
In Progress |
|
2022-05-24 16:48:23 |
Simon Chopin |
attachment added |
|
openssl.debdiff https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1974037/+attachment/5592652/+files/openssl.debdiff |
|
2022-05-24 17:00:34 |
Simon Chopin |
description |
Imported from Debian bug http://bugs.debian.org/1010958:
Source: sscg
Version: 3.0.2-1
Severity: serious
Tags: ftbfs
https://buildd.debian.org/status/logs.php?pkg=sscg&ver=3.0.2-1%2Bb1
...
1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV
04:32:21 MALLOC_PERTURB_=87 /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/generate_rsa_key_test
...
Summary of Failures:
1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV
Ok: 9
Expected Fail: 0
Fail: 1
Unexpected Pass: 0
Skipped: 0
Timeout: 0
dh_auto_test: error: cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=4 ninja test returned exit code 1
make: *** [debian/rules:6: binary-arch] Error 25
This has also been reported on the openssl-users mailing list:
https://www.mail-archive.com/openssl-users@openssl.org/msg90830.html |
[Impact]
The fix for https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1968997 has broken some code paths as the new string comparison functions now need initialization, triggering segafults.
The provided debdiff fixes the immediate issue and also settles on a new implementation not requiring the initialization in the first place.
[Test Plan]
Since this is a regression fix, we first need to check that the original bug hasn't cropped up again:
sudo locale-gen tr_TR.UTF-8
LANG=C curl https://ubuntu.com/ > /dev/null # This work
LANG=tr_TF.UTF-8 curl https://ubuntu.com/ > /dev/null # This should work as well
For the regression itself:
sudo apt install libssl-dev
cat <<EOF > openssl_test.c
#include <openssl/evp.h>
int main()
{
EVP_PKEY_Q_keygen(NULL, NULL, "EC", "P-256");
}
EOF
gcc openssl_test.c -lcrypto -lssl -o openssl_test
./openssl_test
[Where problems could occur]
This new patch set is relatively massive, on top of another massive one.
Some new regressions could crop up of a similar kind. Furthermore, the
homegrown string comparison function could be buggy, leading to algorithm name mismatches.
[Other info]
The patches all come from upstream and have been merged on their 3.0 maintenance branch.
[Original report]
Source: sscg
Version: 3.0.2-1
Severity: serious
Tags: ftbfs
https://buildd.debian.org/status/logs.php?pkg=sscg&ver=3.0.2-1%2Bb1
...
1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV
04:32:21 MALLOC_PERTURB_=87 /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/generate_rsa_key_test
...
Summary of Failures:
1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV
Ok: 9
Expected Fail: 0
Fail: 1
Unexpected Pass: 0
Skipped: 0
Timeout: 0
dh_auto_test: error: cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=4 ninja test returned exit code 1
make: *** [debian/rules:6: binary-arch] Error 25
This has also been reported on the openssl-users mailing list:
https://www.mail-archive.com/openssl-users@openssl.org/msg90830.html |
|
2022-05-24 20:21:14 |
Ubuntu Foundations Team Bug Bot |
tags |
|
patch |
|
2022-06-04 11:26:20 |
Launchpad Janitor |
openssl (Ubuntu Kinetic): status |
In Progress |
Fix Released |
|
2022-06-08 15:34:15 |
Łukasz Zemczak |
openssl (Ubuntu Jammy): status |
Confirmed |
Fix Committed |
|
2022-06-08 15:34:17 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2022-06-08 15:34:18 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
2022-06-08 15:34:20 |
Łukasz Zemczak |
tags |
patch |
patch verification-needed verification-needed-jammy |
|
2022-06-14 11:16:45 |
Simon Chopin |
tags |
patch verification-needed verification-needed-jammy |
patch verification-done verification-done-jammy |
|
2022-06-20 14:32:33 |
Launchpad Janitor |
openssl (Ubuntu Jammy): status |
Fix Committed |
Fix Released |
|
2022-06-20 14:32:47 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|