Your message dated Fri, 29 Dec 2023 20:49:54 +0000
with message-id <[email protected]>
and subject line Bug#1057855: fixed in curl 8.5.0-2
has caused the Debian Bug report #1057855,
regarding curl: segmentation fault when connecting to LDAP server
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1057855: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057855
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: curl
Version: 8.5.0-1
Severity: important
X-Debbugs-Cc: Daniel Stenberg <[email protected]>, Tianyu Chen 
<[email protected]>

When using curl 8.5.0-1 performing a request to ldap://db.debian.org, curl
received signal SIGSEGV, Segmentation fault.

Backtrace:

        (gdb) bt
        #0  0x0000000000000000 in ?? ()
        #1  0x00007ffff7f2f33c in ldapsb_tls_write (sbiod=<optimized out>,
buf=<optimized out>, len=<optimized out>) at ./debian/build/lib/openldap.c:1192
        #2  0x00007ffff7546f68 in sb_debug_write (sbiod=0x5555555f14e0,
buf=0x5555555f2650, len=39) at ../../../../libraries/liblber/sockbuf.c:854
        #3  0x00007ffff7548181 in ber_int_sb_write (sb=sb@entry=0x5555555f1330,
buf=0x5555555f2650, len=len@entry=39) at
../../../../libraries/liblber/sockbuf.c:445
        #4  0x00007ffff7544a63 in ber_flush2 (sb=0x5555555f1330,
ber=0x5555555f1730, freeit=freeit@entry=0) at
../../../../libraries/liblber/io.c:249
        #5  0x00007ffff7575b43 in ldap_int_flush_request
(ld=ld@entry=0x5555555eee00, lr=lr@entry=0x5555555f17b0) at
../../../../libraries/libldap/request.c:186
        #6  0x00007ffff7575e30 in ldap_send_server_request
(ld=ld@entry=0x5555555eee00, ber=ber@entry=0x5555555f1730, msgid=msgid@entry=2,
parentreq=parentreq@entry=0x0, srvlist=srvlist@entry=0x0,
                        lc=<optimized out>, lc@entry=0x0, bind=0x0, m_noconn=0,
m_res=0) at ../../../../libraries/libldap/request.c:412
        #7  0x00007ffff7576211 in ldap_send_initial_request
(ld=ld@entry=0x5555555eee00, msgtype=msgtype@entry=99,
dn=dn@entry=0x5555555f1710 "", ber=0x5555555f1730, msgid=2)
                        at ../../../../libraries/libldap/request.c:169
        #8  0x00007ffff75645ec in ldap_pvt_search (ld=0x5555555eee00,
base=0x5555555f1710 "", scope=0, filter=0x0, attrs=0x0,
attrsonly=attrsonly@entry=0, sctrls=0x0, cctrls=0x0, timeout=0x0,
                        sizelimit=0, deref=-1, msgidp=0x7fffffffd9c4) at
../../../../libraries/libldap/search.c:128
        #9  0x00007ffff75646d0 in ldap_search_ext (ld=<optimized out>,
base=<optimized out>, scope=<optimized out>, filter=<optimized out>,
attrs=<optimized out>, attrsonly=attrsonly@entry=0,
                        sctrls=0x0, cctrls=0x0, timeout=0x0, sizelimit=0,
msgidp=0x7fffffffd9c4) at ../../../../libraries/libldap/search.c:69
        #10 0x00007ffff7f30b66 in oldap_do (data=0x5555555d2390,
done=0x7fffffffda14) at ./debian/build/lib/openldap.c:895
        #11 0x00007ffff7f2cd7f in multi_do (done=0x7fffffffda14,
data=<optimized out>) at ./debian/build/lib/multi.c:1558
        #12 multi_runsingle (multi=multi@entry=0x5555555ce130,
nowp=nowp@entry=0x7fffffffda90, data=data@entry=0x5555555d2390) at
./debian/build/lib/multi.c:2156
        #13 0x00007ffff7f2de46 in curl_multi_perform
(multi=multi@entry=0x5555555ce130,
running_handles=running_handles@entry=0x7fffffffdb98) at
./debian/build/lib/multi.c:2702
        #14 0x00007ffff7f006bb in easy_transfer (multi=<optimized out>) at
./debian/build/lib/easy.c:671
        #15 easy_perform (events=false, data=0x5555555d2390) at
./debian/build/lib/easy.c:761
        #16 curl_easy_perform (data=0x5555555d2390) at
./debian/build/lib/easy.c:780
        #17 0x0000555555570b20 in serial_transfers (share=0x5555555cabb0,
global=0x7fffffffdd40) at ./debian/build/src/tool_operate.c:2500
        #18 run_all_transfers (result=CURLE_OK, share=0x5555555cabb0,
global=0x7fffffffdd40) at ./debian/build/src/tool_operate.c:2691
        #19 operate (global=global@entry=0x7fffffffdd40, argc=argc@entry=2,
argv=argv@entry=0x7fffffffdef8) at ./debian/build/src/tool_operate.c:2807
        #20 0x000055555555f9f8 in main (argc=2, argv=0x7fffffffdef8) at
./debian/build/src/tool_main.c:273

ci.debian.net also complains so:
https://ci.debian.net/packages/c/curl/testing/amd64/

Best regrads,
Tianyu Chen


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-5-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages curl depends on:
ii  libc6     2.37-13
ii  libcurl4  8.5.0-1
ii  zlib1g    1:1.3.dfsg-3

curl recommends no packages.

curl suggests no packages.

-- no debconf information

--- End Message ---
--- Begin Message ---
Source: curl
Source-Version: 8.5.0-2
Done: Samuel Henrique <[email protected]>

We believe that the bug you reported is fixed in the latest version of
curl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Samuel Henrique <[email protected]> (supplier of updated curl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 29 Dec 2023 15:34:11 -0300
Source: curl
Architecture: source
Version: 8.5.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Curl Maintainers <[email protected]>
Changed-By: Samuel Henrique <[email protected]>
Closes: 1057855
Changes:
 curl (8.5.0-2) unstable; urgency=medium
 .
   * d/p/openldap_fix_an_LDAP_crash.patch: New patch to fix ldap segfault
     (closes: #1057855)
Checksums-Sha1:
 0946ef695ceca9df79d669bebc97529d79ff0358 3117 curl_8.5.0-2.dsc
 d7877b39b6efda66e9ac5f9c28b8b28d8c0b7b7e 4372979 curl_8.5.0.orig.tar.gz
 288c3b1cd5819ca35f1659677bdc746c712fc4fb 488 curl_8.5.0.orig.tar.gz.asc
 d20b09ac99a4c6f87d7b2d9c447e6c96ee1ada49 47912 curl_8.5.0-2.debian.tar.xz
 27c8ccb6d06622a953700fd78e8ad9a870d65185 11896 curl_8.5.0-2_amd64.buildinfo
Checksums-Sha256:
 64ac1de3cabae24dcc1d403977cae690b902db3585b540ff0bd9ac9a83e2d052 3117 
curl_8.5.0-2.dsc
 05fc17ff25b793a437a0906e0484b82172a9f4de02be5ed447e0cab8c3475add 4372979 
curl_8.5.0.orig.tar.gz
 e5c4311a86b03daea93290de17cf0e3b46e468a1d99bd5b9934d91af5409d378 488 
curl_8.5.0.orig.tar.gz.asc
 5e398fc2d420bfc3fedc4d3cdedfad8bc4eadf5445bf59905af0e6f2602fcb66 47912 
curl_8.5.0-2.debian.tar.xz
 b75b85c579428c7a8704842a49e5efc2c131c09a8676ff39acea811febdb6889 11896 
curl_8.5.0-2_amd64.buildinfo
Files:
 18e5782d6bcfbac3a3f8f0d7f2f2e54d 3117 web optional curl_8.5.0-2.dsc
 0bc69288b20ae165ff4b7d6d7bbe70d2 4372979 web optional curl_8.5.0.orig.tar.gz
 436599fb65f4bd57b741a7be077314eb 488 web optional curl_8.5.0.orig.tar.gz.asc
 a079022360f6a18b766f46124766d044 47912 web optional curl_8.5.0-2.debian.tar.xz
 e5e37a9951c656f87ef95aea05930aaa 11896 web optional 
curl_8.5.0-2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmWPJnkACgkQu6n6rcz7
Rwe8bw/+K5DSMEhLOwRL5n7+pylkjz+hfU3BJbm8lUsVzTy0gx00v64Un0Byz01C
6zJNMAX3FgqRGwSLyzmtvp2vZmwVq8QgwMPPlktjL0qk6IS/4a7iCYSxOQQzVx0R
WS3sL0NpxDqWID7wZDP4toaer/lKUYTHq6dLDEIGaVEh9ZtQNACLttquWF0iPGdr
vzNJWXZCLwZTxgxvBWiqCZLhzkuUVVFDJuqvVORIU6WSfqPRcPHBQ/sQWnzgjWZF
ctb4xLimemOAipsVSjBHmhD+NB69nXOCK4kAYtZ3GsVqAGi7RaI7ls67S/Wh+qPR
O1hTbSk9lJa4ms5Wk69XW2rVu1rkU+32vPI7dBzrJq/B/mzcMAnEv6Kh5RHUH3vp
WcVKYFLtaO7eyZOjReIbht57BxkQa5RKW4beeRb3FxSOjOdk58XGH6SpUPqMaZxC
4H1GJgQpmRyI3ivf+LUb/XPRGvEgqALKG4ywgR0qv9KEHAOp8NccJlafXElqvUOS
tZPaeuHQuOEh/5guGqhdKtGWdpoK3x5hhRYxk0/J51nEfW6UtCVybbI/eT5NyoR9
VwPcCW/2quxx/51x49+ILBdtWf27hy6QBfs0LfPdgDNPnhmyqaVB/BfT3396Re32
lSFv14sYEVvDJ5bFPTJ5s2hPR8mj6NZmONxFhiv8z4unaTJeaVY=
=JM7G
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to