[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
The regression fix has now been published: https://ubuntu.com/security/notices/USN-6728-3 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
Thanks for testing it, it's much appreciated! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
Just tried it over the week-end, no crashes detected. Works fine here, thanks for your work! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
I have located the issue and have prepared an updated package that will reintroduce the fixes for CVE-2023-5824. I have uploaded the updated package to the security team PPA here: https://launchpad.net/~ubuntu-security- proposed/+archive/ubuntu/ppa/+packages Once it has finished building, could you please test it in your environment and comment in this bug? Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
https://ubuntu.com/security/notices/USN-6728-2 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
Thanks for testing everyone, and thanks for the configuration details. I will attempt to reproduce this issue so that I can figure out what exactly caused the regression so that we can get CVE-2023-5824 fixed again soon. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
This bug was fixed in the package squid - 4.10-1ubuntu1.11 --- squid (4.10-1ubuntu1.11) focal-security; urgency=medium * SECURITY REGRESSION: crashing issue (LP: #2060880) - debian/patches/CVE-2023-5824-*.patch: disable patches until the cause of the crashes has been located. -- Marc Deslauriers Wed, 10 Apr 2024 18:41:23 -0400 ** Changed in: squid (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
Regarding #3 here is the very simple config we use in /etc/squid/conf.d/local. The rest is just the default. acl localnet src 128.X.0.0/15 acl localnet src 2001:X:X::/48 acl SSL_ports port 8443 acl SSL_ports port 8128 acl SSL_ports port 8090 http_access deny to_localhost cache_dir aufs /srv/squid 8192 16 256 refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600 append_domain .X.ch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
We also experienced the issue (it was readily reproducible in our case), and the proposed 4.10-1ubuntu1.11 package appears to have resolved it. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
Just installed the packages from security-proposed, the work fine on our configuration. Same workload triggering the crashes (10 clients doing apt-get update at the same time through the proxy) works fine as it always did before. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
Testing the new packages now, and have not yet had any segfaults, whereas the 4.10-1ubuntu1.10 started logging faults with a couple of minutes of starting and very regularly (sub-minute) after that. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
** Information type changed from Public to Public Security ** Changed in: squid (Ubuntu) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: squid (Ubuntu) Importance: Undecided => Critical -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
I have prepared an update with the patches for CVE-2023-5824 backed out as they were extensive and are the most likely cause of this regression. I have uploaded it to the security team PPA here: https://launchpad.net/~ubuntu-security- proposed/+archive/ubuntu/ppa/+packages Once the package has finished building, could you please give it a try and see if that is the cause of the frequent crashes? Thanks! ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-5824 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
Thanks for reporting this issue. What configuration is this squid server used in? I would like to reproduce the issue, but I need more details to set up a similar environment. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: squid (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060880] Re: squid crashes after update to 4.10-1ubuntu1.10
Fruther log messages from dmesg: [ 1541.601143] traps: squid[6442] general protection fault ip:556e32429691 sp:7fffc8cdd2f0 error:0 in squid[556e3239e000+455000] [ 1546.316442] squid[7332]: segfault at 66170483 ip 55c000624691 sp 7ffda1b40ca0 error 4 in squid[55c000599000+455000] [ 1546.316451] Code: eb 0e 0f 1f 80 00 00 00 00 48 8b bb a8 00 00 00 48 8b 83 98 00 00 00 48 89 87 80 00 00 00 48 8b 87 30 04 00 00 48 85 c0 74 14 <48> 8b 40 68 48 85 c0 74 0b 48 8b 40 30 48 89 87 88 00 00 00 48 8b [ 1552.057908] traps: squid[7354] general protection fault ip:7fe7565d46f0 sp:7ffe482e9420 error:0 in libc-2.31.so[7fe75655c000+178000] [ 1562.965429] squid[7375]: segfault at 21 ip 55c5be86f93b sp 7ffcd012d720 error 4 in squid[55c5be7e4000+455000] [ 1562.965440] Code: ff 0f 84 20 07 00 00 83 c0 01 41 89 44 24 08 48 83 7b 18 00 0f 84 86 00 00 00 48 8b 85 38 04 00 00 48 85 c0 0f 84 45 06 00 00 <48> 8b 10 48 03 42 e8 49 89 c4 8b 40 08 85 c0 0f 84 40 06 00 00 83 [ 1566.309689] squid[7396]: segfault at 9b9 ip 7f0ea0d766f0 sp 7ffe77d45a70 error 4 in libc-2.31.so[7f0ea0cfe000+178000] [ 1566.309698] Code: ff 49 89 ec e9 76 fd ff ff 90 f3 0f 1e fa 48 83 ec 18 48 8b 05 19 18 15 00 48 8b 00 48 85 c0 0f 85 7d 00 00 00 48 85 ff 74 70 <48> 8b 47 f8 48 8d 77 f0 a8 02 75 34 48 8b 15 75 16 15 00 64 48 83 [ 1568.543242] traps: squid[7418] general protection fault ip:55cfab1e4691 sp:7fff4ba956c0 error:0 in squid[55cfab159000+455000] [ 1571.521513] traps: squid[7439] general protection fault ip:7efe259b26f0 sp:7ffd2a114770 error:0 in libc-2.31.so[7efe2593a000+178000] [ 1578.157249] squid[7481]: segfault at 1068 ip 55f09cf93691 sp 7ffcbdbd04b0 error 4 in squid[55f09cf08000+455000] [ 1578.157264] Code: eb 0e 0f 1f 80 00 00 00 00 48 8b bb a8 00 00 00 48 8b 83 98 00 00 00 48 89 87 80 00 00 00 48 8b 87 30 04 00 00 48 85 c0 74 14 <48> 8b 40 68 48 85 c0 74 0b 48 8b 40 30 48 89 87 88 00 00 00 48 8b -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060880 Title: squid crashes after update to 4.10-1ubuntu1.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2060880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs