Bug#505242: subversion: segfault when fetching external reference
On 2008-11-11 Michael Biebl [EMAIL PROTECTED] wrote: Andreas Metzler wrote: [...] Looks like a dup of #505279 [...] Which is fixed in 2.4.2-3. (Currently in http://incoming.debian.org/) Please give me a short thumbs-up if this fixes the issue for you, too. Then I can do the reassign/forcemerge tango. cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#505242: subversion: segfault when fetching external reference
Andreas Metzler wrote: On 2008-11-11 Michael Biebl [EMAIL PROTECTED] wrote: Andreas Metzler wrote: [...] Looks like a dup of #505279 [...] Which is fixed in 2.4.2-3. (Currently in http://incoming.debian.org/) Please give me a short thumbs-up if this fixes the issue for you, too. Then I can do the reassign/forcemerge tango. Looks good. Thumbs up from me. Thanks for the quick fix, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#505242: subversion: segfault when fetching external reference
On 2008-11-11 Michael Biebl [EMAIL PROTECTED] wrote: [...] I think the backtrace led me in the correct direction, as it was segfaulting in libgnutls. I checked when libgnutls was last updated, and it was yesterday. I checked the changelog: gnutls26 (2.4.2-2) unstable; urgency=medium * [CVE-2008-4989.diff] Fix man in the middle attack for certificate verification. CVE-2008-4989 GNUTLS-SA-2008-3 -- Andreas Metzler [EMAIL PROTECTED] Mon, 10 Nov 2008 19:42:54 +0100 And indeed, this is the culprit. If I revert to version 2.4.2-1, the crashes in subversion are gone. I don't know the code, so I'm not sure if this is a bug in subversion or gnutls, so If CCed Andreas, maybe he can comment on this and if this bug should be reassigned to gnutls. Is there a self-signed certificate involved? If yes this is probably a duplicate of 505242. A backtrace with libgnutls26-dbg will probably show it clearer. cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#505242: subversion: segfault when fetching external reference
Peter Samuelson wrote: [Michael Biebl] Today I did a svn checkout of the kdesupport svn. svn died with a SEGFAULT when fetching the external reference: Could you try 1.5.4dfsg1-1 from experimental? It fixes at least one segfault with externals. I think the experimental build uses only lenny Depends. You will need 'libsvn1' and 'subversion'. I think the backtrace led me in the correct direction, as it was segfaulting in libgnutls. I checked when libgnutls was last updated, and it was yesterday. I checked the changelog: gnutls26 (2.4.2-2) unstable; urgency=medium * [CVE-2008-4989.diff] Fix man in the middle attack for certificate verification. CVE-2008-4989 GNUTLS-SA-2008-3 -- Andreas Metzler [EMAIL PROTECTED] Mon, 10 Nov 2008 19:42:54 +0100 And indeed, this is the culprit. If I revert to version 2.4.2-1, the crashes in subversion are gone. I don't know the code, so I'm not sure if this is a bug in subversion or gnutls, so If CCed Andreas, maybe he can comment on this and if this bug should be reassigned to gnutls. Cheers, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#505242: subversion: segfault when fetching external reference
On 2008-11-11 Michael Biebl [EMAIL PROTECTED] wrote: Andreas Metzler wrote: [...] Is there a self-signed certificate involved? If yes this is probably a duplicate of 505242. Dunno if it is a self-signed certificate, but I guess you meant #505279 [...] Indeed, sorry for the c'n'p error. cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#505242: subversion: segfault when fetching external reference
Andreas Metzler wrote:
On 2008-11-11 Michael Biebl [EMAIL PROTECTED] wrote:
[...]
I think the backtrace led me in the correct direction, as it was
segfaulting in libgnutls. I checked when libgnutls was last updated, and
it was yesterday.
I checked the changelog:
gnutls26 (2.4.2-2) unstable; urgency=medium
* [CVE-2008-4989.diff] Fix man in the middle attack for certificate
verification. CVE-2008-4989 GNUTLS-SA-2008-3
-- Andreas Metzler [EMAIL PROTECTED] Mon, 10 Nov 2008 19:42:54 +0100
And indeed, this is the culprit. If I revert to version 2.4.2-1, the
crashes in subversion are gone.
I don't know the code, so I'm not sure if this is a bug in subversion or
gnutls, so If CCed Andreas, maybe he can comment on this and if this bug
should be reassigned to gnutls.
Is there a self-signed certificate involved? If yes this is probably a
duplicate of 505242.
Dunno if it is a self-signed certificate, but I guess you meant #505279
A backtrace with libgnutls26-dbg will probably show it clearer.
cu andreas
Looks like a dup of #505279
Fetching external item into 'admin'
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb72b1700 (LWP 3237)]
0xb778aff4 in _gnutls_x509_crt_get_raw_dn2 (cert=0x11,
whom=0xb77c5367 issuer, start=0xbf93db24) at x509.c:1718
1718x509.c: No such file or directory.
in x509.c
(gdb) bt full
#0 0xb778aff4 in _gnutls_x509_crt_get_raw_dn2 (cert=0x11,
whom=0xb77c5367 issuer, start=0xbf93db24) at x509.c:1718
c2 = (ASN1_TYPE) 0x984f598
result = 0
start1 = value optimized out
end1 = value optimized out
signed_data = {data = 0x0, size = 0}
#1 0xb778fc9a in is_issuer (cert=0xb77c3dce, issuer_cert=0x96c4970)
at verify.c:164
dn1 = {data = 0x0, size = 0}
dn2 = {data = 0x0, size = 0}
ret = value optimized out
#2 0xb7790b12 in _gnutls_verify_certificate2 (cert=0x11,
trusted_cas=value optimized out, tcas_size=140, flags=0,
output=0xbf93dbe8) at verify.c:199
cert_signed_data = {data = 0x0, size = 0}
cert_signature = {data = 0x0, size = 0}
issuer = value optimized out
ret = value optimized out
issuer_version = value optimized out
result = value optimized out
#3 0xb7791381 in gnutls_x509_crt_list_verify (cert_list=0x984d168,
cert_list_length=0, CA_list=0x982d580, CA_list_length=140, CRL_list=0x0,
CRL_list_length=0, flags=0, verify=0xbf93dcac) at verify.c:396
No locals.
#4 0xb777364c in _gnutls_x509_cert_verify_peers (session=0x984bd18,
status=0xbf93dcac) at gnutls_x509.c:176
peer_certificate_list = (gnutls_x509_crt_t *) 0x984d168
i = 1
x = 0
ret = 1
#5 0xb7765921 in gnutls_certificate_verify_peers2 (session=0x984bd18,
status=0xbf93dcac) at gnutls_cert.c:606
No locals.
#6 0xb7765959 in gnutls_certificate_verify_peers (session=0x984bd18)
at gnutls_cert.c:639
status = value optimized out
ret = value optimized out
#7 0xb780e5e9 in ?? () from /usr/lib/libneon-gnutls.so.27
No symbol table info available.
#8 0x0984bd18 in ?? ()
No symbol table info available.
#9 0xbf93dcf8 in ?? ()
No symbol table info available.
#10 0x in ?? ()
No symbol table info available.
Cheers,
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
Bug#505242: subversion: segfault when fetching external reference
Package: subversion Version: 1.5.1dfsg1-1 Severity: important Today I did a svn checkout of the kdesupport svn. svn died with a SEGFAULT when fetching the external reference: Fetching external item into 'admin' Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb7244700 (LWP 21029)] 0xb771dff4 in ?? () from /usr/lib/libgnutls.so.26 (gdb) bt #0 0xb771dff4 in ?? () from /usr/lib/libgnutls.so.26 #1 0x09b489f8 in ?? () #2 0xb7756dce in ?? () from /usr/lib/libgnutls.so.26 #3 0xbfcd3608 in ?? () #4 0xb7e8018c in ?? () from /lib/i686/cmov/libc.so.6 #5 0x in ?? () Cheers, Michael [1] svn://anonsvn.kde.org/home/kde/trunk/kdesupport -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (300, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.27.5 Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages subversion depends on: ii libapr1 1.2.12-5The Apache Portable Runtime Librar ii libc62.7-16 GNU C Library: Shared libraries ii libsasl2-2 2.1.22.dfsg1-23 Cyrus SASL - authentication abstra ii libsvn1 1.5.1dfsg1-1Shared libraries used by Subversio subversion recommends no packages. Versions of packages subversion suggests: pn db4.6-util none (no description available) ii patch 2.5.9-5 Apply a diff file to an original ii subversion-tools1.5.1dfsg1-1 Assorted tools related to Subversi -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#505242: subversion: segfault when fetching external reference
[Michael Biebl] Today I did a svn checkout of the kdesupport svn. svn died with a SEGFAULT when fetching the external reference: Could you try 1.5.4dfsg1-1 from experimental? It fixes at least one segfault with externals. I think the experimental build uses only lenny Depends. You will need 'libsvn1' and 'subversion'. -- Peter Samuelson | org-tld!p12n!peter | http://p12n.org/ signature.asc Description: Digital signature
Bug#505242: subversion: segfault when fetching external reference
Peter Samuelson schrieb: [Michael Biebl] Today I did a svn checkout of the kdesupport svn. svn died with a SEGFAULT when fetching the external reference: Could you try 1.5.4dfsg1-1 from experimental? It fixes at least one segfault with externals. I think the experimental build uses only lenny Depends. You will need 'libsvn1' and 'subversion'. I also tried the exp version, but the result is the same, svn crashes with a SEGFAULT. Cheers, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
