Seems to be similar to [1], although cause in [1] to end up at the very same position might due to another problem also in transmission.
[1] https://bugs.launchpad.net/ubuntu/+source/transmission/+bug/1304004 ** Also affects: curl (Ubuntu) Importance: Undecided Status: New ** Also affects: zabbix (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to transmission in Ubuntu. https://bugs.launchpad.net/bugs/1368099 Title: libcurl3-gnutls application crashes with NULL-pointer deref Status in “curl” package in Ubuntu: New Status in “transmission” package in Ubuntu: New Status in “zabbix” package in Ubuntu: New Bug description: Bug occurs when interacting with some but not all SSL-webservers, so it seems to be triggered by the remote side, crashing a zabbix monitoring system when connecting to a problematic Apache 2.4 server in my case. Program received signal SIGSEGV, Segmentation fault. gnutls_x509_crt_import (cert=0xb8c9bc30, data=0x0, format=GNUTLS_X509_FMT_DER) at x509.c:176 176 x509.c: No such file or directory. (gdb) bt #0 gnutls_x509_crt_import (cert=0xb8c9bc30, data=0x0, format=GNUTLS_X509_FMT_DER) at x509.c:176 #1 0xb6ea253a in ?? () from /usr/lib/i386-linux-gnu/libcurl-gnutls.so.4 #2 0xb6ea3209 in ?? () from /usr/lib/i386-linux-gnu/libcurl-gnutls.so.4 #3 0xb6ea3e18 in ?? () from /usr/lib/i386-linux-gnu/libcurl-gnutls.so.4 #4 0xb6e6511c in ?? () from /usr/lib/i386-linux-gnu/libcurl-gnutls.so.4 #5 0xb6e74328 in ?? () from /usr/lib/i386-linux-gnu/libcurl-gnutls.so.4 #6 0xb6e87b7a in ?? () from /usr/lib/i386-linux-gnu/libcurl-gnutls.so.4 #7 0xb6e888a0 in curl_multi_perform () from /usr/lib/i386-linux-gnu/libcurl-gnutls.so.4 #8 0xb6e7f6fb in curl_easy_perform () from /usr/lib/i386-linux-gnu/libcurl-gnutls.so.4 #9 0xb76be6aa in process_httptests () #10 0xb76bca56 in main_httppoller_loop () #11 0xb76979a9 in MAIN_ZABBIX_ENTRY () #12 0xb76ef49b in daemon_start () #13 0xb7690abf in main () According to [1], calling the function with data=NULL seems forbidden. It seems, that [2] is a similar report for curl. The upstream patch seems to be announced in [3] as "gtls: fix NULL pointer dereference", date "Fixed in 7.37.0 - May 21 2014". Also the packages in Unicorn should already include the patch but adding it on Trusty (production) seems not a good idea due to change in package dependencies. # lsb_release -rd Description: Ubuntu 14.04.1 LTS Release: 14.04 # apt-cache policy libcurl3-gnutls libcurl3-gnutls: Installed: 7.35.0-1ubuntu2 Candidate: 7.35.0-1ubuntu2 Version table: *** 7.35.0-1ubuntu2 0 500 http://debarchive-ehealth.d03.arc.local/ubuntu/ trusty/main i386 Packages 100 /var/lib/dpkg/status [1] http://manned.org/gnutls_x509_crt_import/a0fb5c1f [2] http://curl.haxx.se/mail/lib-2014-04/0145.html [3] http://curl.haxx.se/changes.html To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1368099/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
