** Description changed: The recent openssl update to 3.0.2-0ubuntu1.2 in jammy included some buggy changes related to OPENSSL_strcasecmp. Briefly, it's possible for OPENSSL_strcasecmp to be called before the global locale_t object has - been initialized, causing a crash. For example, this bug can be - trivially triggered with the program below. + been initialized, causing a crash in strcasecmp_l. For example, this bug + can be trivially triggered with the program below. #include <openssl/evp.h> int main() { - EVP_PKEY_Q_keygen(NULL, NULL, "EC", "P-256"); + EVP_PKEY_Q_keygen(NULL, NULL, "EC", "P-256"); } The problem is already fixed in the openssl-3.0 branch. Please consider backporting this PR https://github.com/openssl/openssl/pull/18293 or updating the ubuntu package to a more recent commit of that branch that includes the fixes.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1975347 Title: Backport OPENSSL_strcasecmp fixes from 3.0 branch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1975347/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs