On Thu, Oct 20, 2005 at 05:11:14PM -0700, Kees Cook wrote:
> Package: libssl0.9.8
> Version: 0.9.8a-2
> Severity: grave
> Justification: renders package unusable
>
>
> There is a seg fault when using Perl LWP to access https sites:
>
> #0 0xb7dc3942 in SSL_CTX_ctrl () from /usr/lib/i686/cmov/libssl.so.0.9.8
> #1 0xb7de07de in XS_Crypt__SSLeay__CTX_new ()
> from /usr/lib/perl5/auto/Crypt/SSLeay/SSLeay.so
> #2 0x080c0ad0 in Perl_pp_entersub ()
> #3 0x080b95ba in Perl_runops_standard ()
> #4 0x08064e43 in perl_run ()
> #5 0x0805fd4f in main ()
>
> For example:
>
> $ perl -MHTTP::Request -MLWP::UserAgent -e '
> $agent = LWP::UserAgent->new();
> $request = HTTP::Request->new("GET" => "https://www.osdl.org/";);
> $response = $agent->request($request);
> '
> Segmentation fault
I can reproduce this, and it alteast doesn't look like a case of
2 versions of libssl loaded together. Will take a closer look
later.
Kurt
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
