Package: openssl Version: 3.0.7-1 Severity: important Tags: patch X-Debbugs-Cc: i...@valdikss.org.ru
Dear Maintainer, OpenSSL 3.0.7-1 shipped in current Testing has a bug which causes SIGSEGV in different applications if OpenSSL if configured to use engines. People on OpenSSL bug tracker reported issues with devcrypto engine, which causes SSHd crashes and inability to connect, and for me it crashes when using VIA Padlock engine. Upstream fix available, applies cleanly to 3.0.7, tested by me: https://github.com/openssl/openssl/commit/d0f8056c47f7aea40a34815fe459404f14501e81.patch Other bug reports: https://github.com/openssl/openssl/issues/17995 https://github.com/openssl/openssl/issues/18578 -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 6.0.0-6-686-pae (SMP w/1 CPU thread; PREEMPT)Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openssl depends on: ii libc6 2.36-7 ii libssl3 3.0.7-1 openssl recommends no packages. Versions of packages openssl suggests: ii ca-certificates 20211016
OpenPGP_signature
Description: OpenPGP digital signature
