Thanks @ollisa. I had the same thoughts about 1.0.1f-1ubuntu2 so I found a downloadable build at https://launchpad.net/ubuntu/+source/openssl/1.0.1f- 1ubuntu2.19. Installing just the ubuntu2.19 version of libssl1.0.0 solved the issue;
wget https://launchpad.net/~ubuntu-security/+archive/ubuntu/ppa/+build/9679884/+files/libssl1.0.0_1.0.1f-1ubuntu2.19_amd64.deb dpkg -i libssl1.0.0_1.0.1f-1ubuntu2.19_amd64.deb Now the certs can be parsed without segfault; # php -r "echo gettype(openssl_x509_parse(file_get_contents('/etc/ssl/certs/ca-certificates.crt')));" array A good idea would be to put the package on hold to prevent further automatic upgrades. Though you'd then need to manually verify and unhold when a fix is out # apt-mark hold libssl1.0.0 libssl1.0.0 set on hold. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1626883 Title: libssl 1.0.2g-1ubuntu4.4 and 1.0.1f-1ubuntu2.20 cause PHP SSL cert validation to segfault To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1626883/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
