[Bug 1974037] Re: openssl: EVP_EC_gen() segfault without init

2022-06-04 Thread Launchpad Bug Tracker
This bug was fixed in the package openssl - 3.0.3-5ubuntu2 --- openssl (3.0.3-5ubuntu2) kinetic; urgency=medium * d/p/Set-systemwide-default-settings-for-libssl-users: don't comment out the CipherString string to avoid an empty section. -- Simon Chopin Tue, 31 May 2022 13:02

[Bug 1974037] Re: openssl: EVP_EC_gen() segfault without init

2022-05-24 Thread Ubuntu Foundations Team Bug Bot
** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1974037 Title: openssl: EVP_EC_gen() segfault without init To manage notifications about this bug go to: https://bugs.launchpad.ne

[Bug 1974037] Re: openssl: EVP_EC_gen() segfault without init

2022-05-24 Thread Simon Chopin
** Description changed: - Imported from Debian bug http://bugs.debian.org/1010958: + [Impact] + + The fix for + https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1968997 has + broken some code paths as the new string comparison functions now need + initialization, triggering segafults. + +

[Bug 1974037] Re: openssl: EVP_EC_gen() segfault without init

2022-05-24 Thread Simon Chopin
Attached is a debdiff for the Jammy changes. I'm still working on Kinetic as this will be folded into the merge, but I still need to do some more work as some new patches have surfaced upstream since then, as well as a new Debian revision. I feel the Jammy SRU should still move forward. Note that

[Bug 1974037] Re: openssl: EVP_EC_gen() segfault without init

2022-05-24 Thread Simon Chopin
** Changed in: openssl (Ubuntu Kinetic) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1974037 Title: openssl: EVP_EC_gen() segfault without init To manage no

[Bug 1974037] Re: openssl: EVP_EC_gen() segfault without init

2022-05-23 Thread Simon Chopin
** Merge proposal linked: https://code.launchpad.net/~schopin/ubuntu/+source/openssl/+git/openssl/+merge/423153 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1974037 Title: openssl: EVP_EC_gen()

[Bug 1974037] Re: openssl: EVP_EC_gen() segfault without init

2022-05-18 Thread Bug Watch Updater
** Changed in: openssl (Debian) Status: New => Fix Released ** Changed in: openssl (Debian) Importance: Undecided => Unknown -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1974037 Title: o

[Bug 1974037] Re: openssl: EVP_EC_gen() segfault without init

2022-05-18 Thread Simon Chopin
This issue has been introduced in 3.0.3 upstream but we've backported the patch set to Jammy as well. The cherry-picked fix is in Debian in 3.0.3-4. ** Changed in: openssl (Ubuntu) Status: New => Confirmed ** Also affects: openssl (Ubuntu Kinetic) Importance: Undecided Status: Co