[Pkg-openssl-devel] Bug#665836: openssh-client: segfault error 4 in libcrypto.so.1.0.0

Matias Bellone matiasbellone+debian at gmail.com
Fri Mar 30 21:23:35 UTC 2012 

Package: libssl1.0.0
Version: 1.0.1-2
Followup-For: Bug #665836

Dear Maintainer,

After upgrading libssl1.0.0 today I stopped being able to make ssh connections.
Every time I try to SSH to another server I get a segfault after entering the
password.

~$ ssh matias at XXX.XXX.XXX.XXX
matias at XXX.XXX.XXX.XXX's password:
Segmentation fault

/var/log/messages shows a line as follows:
Mar 30 18:11:09 eternia kernel: [  115.864335] ssh[2264]: segfault at b83ed008
ip b75300cd sp bf8fd7cc error 4 in libcrypto.so.1.0.0[b74c7000+1a3000]

This also happens with other applications that use libssl, like remmina:

~$ remmina
Remmina plugin RDP (type=Protocol) registered.
Remmina plugin RDPF (type=File) registered.
Remmina plugin RDPS (type=Preference) registered.
Remmina plugin SFTP (type=Protocol) registered.
Remmina plugin SSH (type=Protocol) registered.
Segmentation fault

/var/log/messages shows a line as follows:
Mar 30 18:14:22 eternia kernel: [  309.380815] remmina[2692]: segfault at 4 ip
0806522b sp bfe71d60 error 4 in remmina[8048000+4d000]

If I install the libssl1.0.0-dbg and run said programs in GDB a backtrace shows
exactly the same thing as Karl Chen which isn't of much help. Same thing with
strace, it segfaults after a read.

I can reproduce this issue every time when running libssl1.0.0 version 1.0.1-2,
even after a re-start, but it starts working immediately after downgrading to
1.0.0h-1

Just in case, server is running:

(remote-server) $ ssh -V
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f

Let me know if I can be of any assistance to keep debugging this issue



-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (900, 'testing'), (100, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libssl1.0.0 depends on:
ii  debconf [debconf-2.0]  1.5.42
ii  libc6                  2.13-27
ii  multiarch-support      2.13-27
ii  zlib1g                 1:1.2.6.dfsg-2

libssl1.0.0 recommends no packages.

libssl1.0.0 suggests no packages.

-- debconf information:
  libssl1.0.0/restart-failed:
  libssl1.0.0/restart-services:

More information about the Pkg-openssl-devel mailing list