Package: evolution-data-server Version: 3.56.2-8+b1 Severity: normal X-Debbugs-Cc: [email protected]
Dear Maintainer, After upgrading microsoft-identity-broker to version 3.0.1, when launching Evolution the evolution-source-registry crashes (see crash log below) >From what I see, the crash seems to occur in e_ms_oapxbc_acquire_prt_sso_cookie_sync() in libedataserver, which passes the return value of the PRT SSO cookie acquisition directly to soup_cookie_set_secure() without a NULL guard. With the new broker returning a different response shape, a NULL cookie is returned, and the unguarded call causes SIGSEGV. I raised this bug upstream as well [1], as this is not a regression introduced by evolution-data-server itself, but rather triggered by an external change: the microsoft-identity-broker package (from Microsoft's official Linux package repository) was updated on April 8, 2026 (for Ubuntu Noble at least) from its previous Java-based architecture to a fully rewritten C++ implementation (version 3.0.1, released 2026-03-31 [2] ). This is a breaking architectural change on Microsoft's side. However, given the Evolution version in Debian seems to be 1 release behind upstream, they indicated the issue would not be fixed upstream (at least not in this version) [1] https://gitlab.gnome.org/GNOME/evolution-data-server/-/issues/635 [2] https://learn.microsoft.com/en-us/entra/identity/devices/whats-new-linux This could be seen as a defensive coding issue (a missing NULL check), which would affect any version of evolution-data-server that includes the OAPXBC/broker SSO path, including presumably current upstream (but I haven't checked). I will try to work on creating a patch, but I am not that familiar with Evolution so I might not be successful and, even if it seems to work for me (e.g. the crash no longer happens), I believe it should be checked by someone familiar with the codebase to make sure it does not introduce any other problems, stability or security issues. Thank you very much in advance for looking into this! ---- crash log: PID: 6290 (evolution-sourc) UID: 1000 (jonas) GID: 1000 (jonas) Signal: 11 (SEGV) Timestamp: Fri 2026-04-10 08:04:29 CEST (6s ago) Command Line: /usr/libexec/evolution-source-registry Executable: /usr/libexec/evolution-source-registry Control Group: /user.slice/user-1000.slice/[email protected]/app.slice/evolution-source- registry.service Unit: [email protected] User Unit: evolution-source-registry.service Slice: user-1000.slice Owner UID: 1000 (jonas) Boot ID: dcc161391e9b4325b87681648e2e9340 Machine ID: de349e699e0b4f76aedbb25bea0fab21 Hostname: darkstar Storage: /var/lib/systemd/coredump/core.evolution- sourc.1000.dcc161391e9b4325b87681648e2e9340.6290.1775801069000000.zst (present) Size on Disk: 2.4M Message: Process 6290 (evolution-sourc) of user 1000 dumped core. Module libudev.so.1 from deb systemd-260.1-1.amd64 Module libsystemd.so.0 from deb systemd-260.1-1.amd64 Module libblkid.so.1 from deb util-linux-2.42-2.amd64 Module libatomic.so.1 from deb gcc-16-16-20260322-1.amd64 Module libmount.so.1 from deb util-linux-2.42-2.amd64 Module libgcc_s.so.1 from deb gcc-16-16-20260322-1.amd64 Module libstdc++.so.6 from deb gcc-16-16-20260322-1.amd64 Module libuuid.so.1 from deb util-linux-2.42-2.amd64 Stack trace of thread 6388: #0 0x00007f2358a3c604 soup_cookie_set_secure (libsoup-3.0.so.0 + 0x2f604) #1 0x00007f235928caaa e_ms_oapxbc_acquire_prt_sso_cookie_sync (libedataserver-1.2.so.27 + 0x4baaa) #2 0x00007f2354f6e931 e_ms_oapxbc_util_get_prt_sso_cookie_sync (libevolution-ews-common.so + 0x4931) #3 0x00007f233a3f306c n/a (libevolution-ews.so + 0x4a06c) #4 0x00007f233a3f3133 n/a (libevolution-ews.so + 0x4a133) #5 0x00007f235928e39c e_oauth2_service_refresh_and_store_token_sync (libedataserver-1.2.so.27 + 0x4d39c) #6 0x00007f2359292bde e_oauth2_service_get_access_token_sync (libedataserver-1.2.so.27 + 0x51bde) #7 0x00007f2359385584 n/a (module-oauth2-services.so + 0x1584) #8 0x00007f2359360145 n/a (libebackend-1.2.so.11 + 0x34145) #9 0x00007f2359296d57 n/a (libedataserver-1.2.so.27 + 0x55d57) #10 0x00007f2359298835 n/a (libedataserver-1.2.so.27 + 0x57835) #11 0x00007f2359298a14 e_soup_session_prepare_message_send_sync (libedataserver-1.2.so.27 + 0x57a14) #12 0x00007f233a3d49c9 n/a (libevolution-ews.so + 0x2b9c9) #13 0x00007f233a3d8d79 e_ews_connection_get_folder_sync (libevolution-ews.so + 0x2fd79) #14 0x00007f233a3d91ac e_ews_connection_try_credentials_sync (libevolution-ews.so + 0x301ac) #15 0x00007f235270cc95 e_ews_backend_ref_connection_sync (module-ews-backend.so + 0x8c95) #16 0x00007f235270ce7e n/a (module-ews-backend.so + 0x8e7e) #17 0x00007f23593451a5 n/a (libebackend-1.2.so.11 + 0x191a5) #18 0x00007f2358f184f6 n/a (libglib-2.0.so.0 + 0x924f6) #19 0x00007f2358b43da9 start_thread (libc.so.6 + 0x95da9) #20 0x00007f2358bc2e08 __clone3 (libc.so.6 + 0x114e08) Stack trace of thread 6304: #0 0x00007f2358bc0c69 syscall (libc.so.6 + 0x112c69) #1 0x00007f2358f17d72 g_cond_wait (libglib-2.0.so.0 + 0x91d72) #2 0x00007f2358eabae4 n/a (libglib-2.0.so.0 + 0x25ae4) #3 0x00007f2358f187b4 n/a (libglib-2.0.so.0 + 0x927b4) #4 0x00007f2358f184f6 n/a (libglib-2.0.so.0 + 0x924f6) #5 0x00007f2358b43da9 start_thread (libc.so.6 + 0x95da9) #6 0x00007f2358bc2e08 __clone3 (libc.so.6 + 0x114e08) Stack trace of thread 6306: #0 0x00007f2358b4bffe __syscall_cancel_arch (libc.so.6 + 0x9dffe) #1 0x00007f2358b407a4 __internal_syscall_cancel (libc.so.6 + 0x927a4) #2 0x00007f2358b407ed __syscall_cancel (libc.so.6 + 0x927ed) #3 0x00007f2358bb629e __GI_ppoll (libc.so.6 + 0x10829e) #4 0x00007f2358ee5aa4 n/a (libglib-2.0.so.0 + 0x5faa4) #5 0x00007f2358ee6190 g_main_context_iteration (libglib-2.0.so.0 + 0x60190) #6 0x00007f235503d0cd n/a (libdconfsettings.so + 0xc0cd) #7 0x00007f2358f184f6 n/a (libglib-2.0.so.0 + 0x924f6) #8 0x00007f2358b43da9 start_thread (libc.so.6 + 0x95da9) #9 0x00007f2358bc2e08 __clone3 (libc.so.6 + 0x114e08) Stack trace of thread 6305: #0 0x00007f2358b4bffe __syscall_cancel_arch (libc.so.6 + 0x9dffe) #1 0x00007f2358b407a4 __internal_syscall_cancel (libc.so.6 + 0x927a4) #2 0x00007f2358b407ed __syscall_cancel (libc.so.6 + 0x927ed) #3 0x00007f2358bb629e __GI_ppoll (libc.so.6 + 0x10829e) #4 0x00007f2358ee5aa4 n/a (libglib-2.0.so.0 + 0x5faa4) #5 0x00007f2358ee6190 g_main_context_iteration (libglib-2.0.so.0 + 0x60190) #6 0x00007f2358ee61e1 n/a (libglib-2.0.so.0 + 0x601e1) #7 0x00007f2358f184f6 n/a (libglib-2.0.so.0 + 0x924f6) #8 0x00007f2358b43da9 start_thread (libc.so.6 + 0x95da9) #9 0x00007f2358bc2e08 __clone3 (libc.so.6 + 0x114e08) Stack trace of thread 6361: #0 0x00007f2358b4bffe __syscall_cancel_arch (libc.so.6 + 0x9dffe) #1 0x00007f2358b407a4 __internal_syscall_cancel (libc.so.6 + 0x927a4) #2 0x00007f2358b40dbc __futex_abstimed_wait_common64 (libc.so.6 + 0x92dbc) #3 0x00007f2358b4350d __pthread_cond_wait_common (libc.so.6 + 0x9550d) #4 0x00007f233ddcf498 n/a (libjavascriptcoregtk-4.1.so.0 + 0x19cf498) #5 0x00007f2358b43da9 start_thread (libc.so.6 + 0x95da9) #6 0x00007f2358bc2e08 __clone3 (libc.so.6 + 0x114e08) Stack trace of thread 6367: #0 0x00007f2358bc0c69 syscall (libc.so.6 + 0x112c69) #1 0x00007f2358f1824c g_cond_wait_until (libglib-2.0.so.0 + 0x9224c) #2 0x00007f2358eabaad n/a (libglib-2.0.so.0 + 0x25aad) #3 0x00007f2358f18d02 n/a (libglib-2.0.so.0 + 0x92d02) #4 0x00007f2358f184f6 n/a (libglib-2.0.so.0 + 0x924f6) #5 0x00007f2358b43da9 start_thread (libc.so.6 + 0x95da9) #6 0x00007f2358bc2e08 __clone3 (libc.so.6 + 0x114e08) Stack trace of thread 6290: #0 0x00007f2358b4bffe __syscall_cancel_arch (libc.so.6 + 0x9dffe) #1 0x00007f2358b407a4 __internal_syscall_cancel (libc.so.6 + 0x927a4) #2 0x00007f2358b407ed __syscall_cancel (libc.so.6 + 0x927ed) #3 0x00007f2358bb629e __GI_ppoll (libc.so.6 + 0x10829e) #4 0x00007f2358ee5aa4 n/a (libglib-2.0.so.0 + 0x5faa4) #5 0x00007f2358ee648f g_main_loop_run (libglib-2.0.so.0 + 0x6048f) #6 0x00007f235934fe6d n/a (libebackend-1.2.so.11 + 0x23e6d) #7 0x00007f2358412056 n/a (libffi.so.8 + 0x9056) #8 0x00007f2358410eb0 n/a (libffi.so.8 + 0x7eb0) #9 0x00007f23584116ce ffi_call (libffi.so.8 + 0x86ce) #10 0x00007f2358ff9ac7 g_cclosure_marshal_generic_va (libgobject-2.0.so.0 + 0x18ac7) #11 0x00007f2358ff8cb1 n/a (libgobject-2.0.so.0 + 0x17cb1) #12 0x00007f235900fa78 n/a (libgobject-2.0.so.0 + 0x2ea78) #13 0x00007f2359015568 g_signal_emit_valist (libgobject-2.0.so.0 + 0x34568) #14 0x00007f2359015623 g_signal_emit (libgobject-2.0.so.0 + 0x34623) #15 0x00007f235935149f e_dbus_server_run (libebackend-1.2.so.11 + 0x2549f) #16 0x0000562dd5926f14 main (/usr/libexec/evolution-source- registry + 0x6f14) #17 0x00007f2358ad7f77 __libc_start_call_main (libc.so.6 + 0x29f77) #18 0x00007f2358ad8027 __libc_start_main_impl (libc.so.6 + 0x2a027) #19 0x0000562dd59270a1 _start (/usr/libexec/evolution-source- registry + 0x70a1) Stack trace of thread 6307: #0 0x00007f2358b4bffe __syscall_cancel_arch (libc.so.6 + 0x9dffe) #1 0x00007f2358b407a4 __internal_syscall_cancel (libc.so.6 + 0x927a4) #2 0x00007f2358b407ed __syscall_cancel (libc.so.6 + 0x927ed) #3 0x00007f2358bb629e __GI_ppoll (libc.so.6 + 0x10829e) #4 0x00007f2358ee5aa4 n/a (libglib-2.0.so.0 + 0x5faa4) #5 0x00007f2358ee648f g_main_loop_run (libglib-2.0.so.0 + 0x6048f) #6 0x00007f235917412a n/a (libgio-2.0.so.0 + 0x12f12a) #7 0x00007f2358f184f6 n/a (libglib-2.0.so.0 + 0x924f6) #8 0x00007f2358b43da9 start_thread (libc.so.6 + 0x95da9) #9 0x00007f2358bc2e08 __clone3 (libc.so.6 + 0x114e08) Stack trace of thread 6389: #0 0x00007f2358b4bffe __syscall_cancel_arch (libc.so.6 + 0x9dffe) #1 0x00007f2358b407a4 __internal_syscall_cancel (libc.so.6 + 0x927a4) #2 0x00007f2358b407ed __syscall_cancel (libc.so.6 + 0x927ed) #3 0x00007f2358bb629e __GI_ppoll (libc.so.6 + 0x10829e) #4 0x00007f2358ee5aa4 n/a (libglib-2.0.so.0 + 0x5faa4) #5 0x00007f2358ee648f g_main_loop_run (libglib-2.0.so.0 + 0x6048f) #6 0x00007f233a3d3527 n/a (libevolution-ews.so + 0x2a527) #7 0x00007f2358f184f6 n/a (libglib-2.0.so.0 + 0x924f6) #8 0x00007f2358b43da9 start_thread (libc.so.6 + 0x95da9) #9 0x00007f2358bc2e08 __clone3 (libc.so.6 + 0x114e08) ELF object binary architecture: AMD x86-64 ----- -- System Information: Debian Release: forky/sid APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.19.11+deb14-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages evolution-data-server depends on: ii evolution-data-server-common 3.56.2-8 ii gnome-keyring 50.0-1 ii libc6 2.42-14 ii libcamel-1.2-64t64 3.56.2-8+b1 ii libcanberra-gtk3-0 0.30-20 ii libcanberra0 0.30-20 ii libdb5.3t64 5.3.28+dfsg2-11 ii libebackend-1.2-11t64 3.56.2-8+b1 ii libebook-1.2-21t64 3.56.2-8+b1 ii libebook-contacts-1.2-4t64 3.56.2-8+b1 ii libecal-2.0-3 3.56.2-8+b1 ii libedata-book-1.2-27t64 3.56.2-8+b1 ii libedata-cal-2.0-2t64 3.56.2-8+b1 ii libedataserver-1.2-27t64 3.56.2-8+b1 ii libedataserverui-1.2-4t64 3.56.2-8+b1 ii libglib2.0-0t64 2.88.0-1 ii libgoa-1.0-0b 3.58.0-1 ii libgtk-3-0t64 3.24.52-1 ii libgweather-4-0t64 4.4.4-4 ii libical3t64 3.0.20-2+b1 ii libjson-glib-1.0-0 1.10.8+ds-2 ii libldap2 2.6.10+dfsg-1+b1 ii libpango-1.0-0 1.57.1-1 ii libsecret-1-0 0.21.7-2 ii libsoup-3.0-0 3.6.6-1 ii libxml2-16 2.15.2+dfsg-0.1 evolution-data-server recommends no packages. Versions of packages evolution-data-server suggests: ii evolution 3.56.2-9 -- debconf-show failed
