Control: affects -1 firewalld On Sat, 27 Jun 2020 19:46:57 +0200 Guilhem Moulin <guil...@debian.org> wrote: > Control: reassign -1 libmount1 > Control: found -1 2.35.2-6 > Control: retitle -1 libmount1 pulls in libssl 1.1 and breaks software > statically linked against libcrypto 1.0 > > On Sat, 27 Jun 2020 at 01:08:49 -0400, Christian Weeks wrote: > >> Unless there is a reproducer involving a targeted libcryptsetup12 > >> upgrade I don't think this belong here :-P Aside from documentation > >> files, the only thing libcryptsetup12 (2:2.1.0-5+deb10u2 and 2:2.3.3-1) > >> ships is libcryptsetup.so.12*. It doesn't touch libssl. > > > > It seems that libcryptsetup + the new libmount1 dependency on same are > > the root cause somehow. Sorry for the confusion. > > To the util-linux maintainers: the following link from #message26 appears > relevant: > https://github.com/ValveSoftware/steam-for-linux/issues/6861#issuecomment-584379611 > > Starting with 2.1 cryptsetup upstream started using libssl as > cryptographic backend for LUKS header processing; this is already the > case in Buster and while other backends are supported I'm very reluctant > to diverge from upstream's sane defaults here. > > So software dynamically linked against libmount ≥2.35.2-5 will > transitively pull in libssl.so.1.1, which due to symbol clashes appears > to crash software statically linked against libssl1.0. Unfortunately > I've not been able to find a standalone reproducer using a PoC > executable and I didn't look further. > > I'm not sure this bug should be RC, or if it's even valid in the first > place (it's arguably a steam bug). Reassigning to libmount1 anyway as > the regression follows #951048.
Fwiw, I ran into weird issues with firewalld (a python application) which suddenly started to segfault like this: [16014.637459] traps: firewalld[35622] general protection fault ip:7f981342d7b2 sp:7ffe6abe4ed0 error:0 in libjansson.so.4.11.1[7f981342c000+8000] Tracing this back (which cost quite a bit of time) showed that the libmount1 package upgrade (from -4 to -6) was the culprit. I think this bug should very much be RC until this has been figured out. Regards, Michael
signature.asc
Description: OpenPGP digital signature