Bug#770091: marked as done (xca: Segmentation fault when viewing a certificate with certain extensions)

Debian Bug Tracking System Mon, 24 Nov 2014 13:51:54 -0800

Your message dated Mon, 24 Nov 2014 21:50:18 +0000
with message-id <[email protected]>
and subject line Bug#770091: fixed in xca 1.0.0-2
has caused the Debian Bug report #770091,
regarding xca: Segmentation fault when viewing a certificate with certain 
extensions
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
770091: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770091
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: xca
Version: 1.0.0-1
Severity: important
Tags: upstream patch

Viewing the attached certificate causes a segmentation fault.

It was discovered by Red Hat and a fix was provided by upstream.

Steps to reproduce:

1. $ xca crash_cert.pem
2. select the certificate
3. click on 'Details'

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.1-05396-g5a81495 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages xca depends on:
ii  libc6        2.19-11
ii  libgcc1      1:4.9.1-18
ii  libltdl7     2.4.2-1.11
ii  libqtcore4   4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqtgui4    4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libssl1.0.0  1.0.1j-1
ii  libstdc++6   4.9.1-18

xca recommends no packages.

xca suggests no packages.

-- no debconf information

>From 0baa9173eac0ebe568539e892792921b9ecf7279 Mon Sep 17 00:00:00 2001
From: Christian Hohnstaedt <[email protected]>
Date: Mon, 17 Nov 2014 16:15:42 +0100
Subject: [PATCH] RedHat Bug #1164340 - segfault when viewing a RHEL entitlement certificate

...in X509V3_EXT_get v3_lib.c:15

Fix the x509v3ext copy constructor
---
 lib/x509v3ext.cpp |    7 +++----
 1 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/lib/x509v3ext.cpp b/lib/x509v3ext.cpp
index d94cbda..87bfc63 100644
--- a/lib/x509v3ext.cpp
+++ b/lib/x509v3ext.cpp
@@ -26,10 +26,9 @@ x509v3ext::x509v3ext(const X509_EXTENSION *n)
 
 x509v3ext::x509v3ext(const x509v3ext &n)
 {
-	ext = NULL;
-	if (!n.isValid())
-		return;
-	set(n.ext);
+	ext = X509_EXTENSION_new();
+	if (n.ext && n.ext->value && n.ext->value->length > 0)
+		set(n.ext);
 }
 
 x509v3ext::~x509v3ext()
-- 
1.7.2.5

--- End Message ---

--- Begin Message ---

Source: xca
Source-Version: 1.0.0-2

We believe that the bug you reported is fixed in the latest version of
xca, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Tino Mettler <[email protected]> (supplier of updated xca package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 18 Nov 2014 22:09:55 +0100
Source: xca
Binary: xca
Architecture: source
Version: 1.0.0-2
Distribution: unstable
Urgency: medium
Maintainer: Tino Mettler <[email protected]>
Changed-By: Tino Mettler <[email protected]>
Description:
 xca        - x509 Certification Authority management tool based on QT4
Closes: 770091
Changes:
 xca (1.0.0-2) unstable; urgency=medium
 .
   * RedHat Bug #1164340 - segfault when viewing a RHEL entitlement certificate
     (Closes: #770091)
Checksums-Sha1:
 8a23b5d7a12444656f35edeb1d68a0f06cb89fb9 1139 xca_1.0.0-2.dsc
 b231a8e20a598bb8c00f224975ddce7841583077 4884 xca_1.0.0-2.debian.tar.xz
Checksums-Sha256:
 0482064cd51a6993d496e8c39a16dcc0e9d98d5934643db786cfaf779ac6380d 1139 
xca_1.0.0-2.dsc
 2716f5a5277b8aa10b5d0f7c3da74333fb7f5d689999b05f7afe78e796f37e0f 4884 
xca_1.0.0-2.debian.tar.xz
Files:
 39f1644bf7b75f2748fbd51b45e8c144 1139 x11 optional xca_1.0.0-2.dsc
 4b802e6f4b0245f2bd87fcc51b691f7a 4884 x11 optional xca_1.0.0-2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlRyIIkACgkQGJoyQbxwpv9rbACeNATZxAPlJqTvDVleiVw7e+9O
hgAAnRmQuoMmk7j+MC3atqFzUHKczXXr
=w/OI
-----END PGP SIGNATURE-----

--- End Message ---

Bug#770091: marked as done (xca: Segmentation fault when viewing a certificate with certain extensions)

Reply via email to