On Fri, Apr 06, 2018 at 01:58:03PM +0100, Simon McVittie wrote: > Package: osc > Version: 0.162.1-1 > Severity: grave > Justification: osc tool becomes mostly unusable > > This is probably a bug in libssl1.1 or in python-m2crypto, but I'm > reporting it against osc for now, because that's the only place I know > how to reproduce it at the moment. X-Debbugs-Cc'd to the lower-level > packages' maintainers. > > Steps to reproduce: > > * have an account on any OBS instance (I used <https://build.opensuse.org/>: > anyone can register there, but an account is required to use the API) > * be in a temporary directory > * rm -fr binaries > * osc -A https://api.opensuse.org getbinaries openSUSE:Leap:15.0 \ > hello standard x86_64 > (or some project/package combination that exists on your OBS) > > Expected result: osc downloads hello into ./binaries > > Actual result: osc usually segfaults in glibc malloc-related functions, > probably due to memory corruption; sometimes glibc detects the memory > corruption itself and aborts instead. > > Workaround: Downgrading libssl1.1 to 1.1.0f-3+deb9u2 from stable-security > makes osc work correctly, so presumably this is a behaviour change > between 1.1.0f and 1.1.0h, either a regression or something that triggers > a pre-existing bug in python-m2crypto (or possibly osc).
Can you run it under valgrind? Kurt