On Thu, Jun 25, 2026 at 08:54:01PM +0200, Sebastian Andrzej Siewior wrote:
> Control: reassign -1 apt 3.0.3
> 
> On 2026-06-19 09:37:09 [+0200], Julian Andres Klode wrote:
> > This seems to be a bug in OpenSSL, and the proposed workaround is
> > wholly inappropriate. This also points out there is _another_ bug
> > somewhere, as we _should_ have raised this error _before_ we enter
> > the Read/Write functions.
> 
> Moving back to apt after consulting with upstream, the details are in
>       https://github.com/openssl/openssl/issues/31624
> 
> There is:
> | The correct fix is for the application (apt in this case), to do what
> | postgresql did, and call ERR_clear_error(), prior to a subsequent SSL
> | call.
> 
> and 

That is not a fix and not acceptable. We must not ignore random
errors. I will not accept quick hacks that can fundamentally break
security.

PostgreSQL's work around is a potential security issue and should
be treated as such. It is not acceptable in production code to silently
discard the error queue, errors need to be raised at the appropriate
point in time (or discarded - with safety checks - at the appropriate
point in time).

We should treat this as a release critical bug in postgresql tbh.

> 
> | I want to add one nuance after checking the source code of 3.5: I'm not
> | convinced that upstream libssl 3.5.6 is the source of the stale
> | MD5/MD5-SHA1 error described here. In the code, the optional digest
> | fetch helper ssl_evp_md_fetch uses ERR_set_mark / ERR_pop_to_mark, and
> | the sigalg probing code is also protected.
> | 
> | Apt source code also uses OpenSSL EVP digest code outside the TLS path,
> | including MD5 hashing, so there may be more than one possible source of
> | a stale FIPS/provider error before the later TLS I/O.
> 
> > Thanks!
> 
> Sebastian

Right so the error is that the context is not correctly cleared where
an optional MD5 operation failed.

The fix for that is identifying the failing MD5 operation, asserting
that the error queue is empty before the call, and then discarding the
error generated by the call after it.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer                              i speak de, en

Reply via email to