Date: Sat, 8 Oct 2005 09:02:15 GMT
From: "Jukka A. Ukkonen" <jau@iki.fi>
To: freebsd-gnats-submit@FreeBSD.org
Subject: ports/87113: OpenSSL-0.9.8 crashes OpenSSH-portable-4.2.0.0,1
Message-ID: <200510080902.j9892FCR093757@www.freebsd.org>
Resent-Message-ID: <200510080910.j989AHKb020872@freefall.freebsd.org>
>Number:         87113
>Category:       ports
>Synopsis:       OpenSSL-0.9.8 crashes OpenSSH-portable-4.2.0.0,1
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Oct 08 09:10:17 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Jukka A. Ukkonen
>Release:        4.11-STABLE
>Organization:
private citizen
>Environment:
FreeBSD mjolnir 4.11-STABLE FreeBSD 4.11-STABLE #0: Wed Sep 21 07:56:19 EET DST 2005 jau@mjolnir:/home/src/sys/compile/Mjolnir i386
>Description:
When linked against OpenSSL-0.9.8 OpenSSH-portable-4.2.0.0,1 crashes
as follows...

Plain command line example:
---------------------------
# /usr/local/sbin/sshd
Segmentation fault

When started inside gdb:
------------------------
(gdb) run
Starting program: /usr/local/sbin/sshd
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...

Program received signal SIGSEGV, Segmentation fault.
0x281299e1 in bn_mul_add_words () from /usr/local/lib/libcrypto.so.4

With older OpenSSL-0.9.7g there are no problems with OpenSSL-4.2p1.

I classified this bug as *critical/high* because both OpenSSL and
OpenSSH are these days very widely used and important elements of
overall system security, and everybody should be able to update ASAP
there are new stable versions available.
OTOH I assume the roots of this problem lie in some little
incompatibility which both OpenSSL and OpenSSH maintainers or ports
admins have completely overlooked.
>How-To-Repeat:
Try the same versions of OpenSSL and OpenSSH on FreeBSD-4.11-STABLE.
Supposedly neither OpenSSL ports admin nor OpenSSH-portable ports admin
has really tested this combination before publishing the latest ports.
>Fix:
No fix or explanation known yet.
There are a couple of good guesses though...
1) Either the call API to bn_mul_add_words() has changed in 0.9.8 or
2) the OpenSSH-4.2p1 port has always been using that function in
   an improper manner.
>Release-Note:
>Audit-Trail:
>Unformatted: