Andreas Metzler wrote: > On 2008-11-11 Michael Biebl <[EMAIL PROTECTED]> wrote: > [...] >> I think the backtrace led me in the correct direction, as it was >> segfaulting in libgnutls. I checked when libgnutls was last updated, and >> it was yesterday. >> I checked the changelog: > >> gnutls26 (2.4.2-2) unstable; urgency=medium > >> * [CVE-2008-4989.diff] Fix man in the middle attack for certificate >> verification. CVE-2008-4989 GNUTLS-SA-2008-3 > >> -- Andreas Metzler <[EMAIL PROTECTED]> Mon, 10 Nov 2008 19:42:54 +0100 > >> And indeed, this is the culprit. If I revert to version 2.4.2-1, the >> crashes in subversion are gone. > >> I don't know the code, so I'm not sure if this is a bug in subversion or >> gnutls, so If CCed Andreas, maybe he can comment on this and if this bug >> should be reassigned to gnutls. > > Is there a self-signed certificate involved? If yes this is probably a > duplicate of 505242.
Dunno if it is a self-signed certificate, but I guess you meant #505279 > > A backtrace with libgnutls26-dbg will probably show it clearer. > cu andreas Looks like a dup of #505279 Fetching external item into 'admin' Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb72b1700 (LWP 3237)] 0xb778aff4 in _gnutls_x509_crt_get_raw_dn2 (cert=0x11, whom=0xb77c5367 "issuer", start=0xbf93db24) at x509.c:1718 1718 x509.c: No such file or directory. in x509.c (gdb) bt full #0 0xb778aff4 in _gnutls_x509_crt_get_raw_dn2 (cert=0x11, whom=0xb77c5367 "issuer", start=0xbf93db24) at x509.c:1718 c2 = (ASN1_TYPE) 0x984f598 result = 0 start1 = <value optimized out> end1 = <value optimized out> signed_data = {data = 0x0, size = 0} #1 0xb778fc9a in is_issuer (cert=0xb77c3dce, issuer_cert=0x96c4970) at verify.c:164 dn1 = {data = 0x0, size = 0} dn2 = {data = 0x0, size = 0} ret = <value optimized out> #2 0xb7790b12 in _gnutls_verify_certificate2 (cert=0x11, trusted_cas=<value optimized out>, tcas_size=140, flags=0, output=0xbf93dbe8) at verify.c:199 cert_signed_data = {data = 0x0, size = 0} cert_signature = {data = 0x0, size = 0} issuer = <value optimized out> ret = <value optimized out> issuer_version = <value optimized out> result = <value optimized out> #3 0xb7791381 in gnutls_x509_crt_list_verify (cert_list=0x984d168, cert_list_length=0, CA_list=0x982d580, CA_list_length=140, CRL_list=0x0, CRL_list_length=0, flags=0, verify=0xbf93dcac) at verify.c:396 No locals. #4 0xb777364c in _gnutls_x509_cert_verify_peers (session=0x984bd18, status=0xbf93dcac) at gnutls_x509.c:176 peer_certificate_list = (gnutls_x509_crt_t *) 0x984d168 i = 1 x = 0 ret = 1 #5 0xb7765921 in gnutls_certificate_verify_peers2 (session=0x984bd18, status=0xbf93dcac) at gnutls_cert.c:606 No locals. #6 0xb7765959 in gnutls_certificate_verify_peers (session=0x984bd18) at gnutls_cert.c:639 status = <value optimized out> ret = <value optimized out> #7 0xb780e5e9 in ?? () from /usr/lib/libneon-gnutls.so.27 No symbol table info available. #8 0x0984bd18 in ?? () No symbol table info available. #9 0xbf93dcf8 in ?? () No symbol table info available. #10 0x00000000 in ?? () No symbol table info available. Cheers, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature