Package: ssh Version: 1:4.2p1-5 Severity: normal I get an unreproducible segv in the client with gssapi authentication on (`GSSAPIAuthentication yes', `GSSAPIDelegateCredentials yes') connecting to either Solaris 10 or Debian stable servers. I haven't noticed a crash without gssapi yet. I assume there's an uninitialized variable or similar; it might be in the library, but I can't tell and don't have time to build and debug it currently. I caught one crash:
Program received signal SIGSEGV, Segmentation fault. 0x700cf454 in bn_sub_words () from /usr/lib/v9/libcrypto.so.0.9.8 (gdb) bt #0 0x700cf454 in bn_sub_words () from /usr/lib/v9/libcrypto.so.0.9.8 #1 0x700c8c20 in bn_sub_part_words () from /usr/lib/v9/libcrypto.so.0.9.8 #2 0x700c979c in bn_mul_recursive () from /usr/lib/v9/libcrypto.so.0.9.8 #3 0x700c964c in bn_mul_recursive () from /usr/lib/v9/libcrypto.so.0.9.8 #4 0x700ca50c in BN_mul () from /usr/lib/v9/libcrypto.so.0.9.8 #5 0x700d0a30 in BN_mod_mul_montgomery () from /usr/lib/v9/libcrypto.so.0.9.8 #6 0x700c6cf8 in BN_mod_exp_mont_consttime () from /usr/lib/v9/libcrypto.so.0.9.8 #7 0x700ea4c4 in DH_OpenSSL () from /usr/lib/v9/libcrypto.so.0.9.8 #8 0x700ea28c in DH_generate_key () from /usr/lib/v9/libcrypto.so.0.9.8 #9 0x00039b4c in error () #10 0x00038930 in error () #11 0x00034314 in error () #12 0x00033ab4 in error () #13 0x0001ee6c in ?? () #14 0x0001ee6c in ?? () Previous frame identical to this frame (corrupt stack?) Then another attempt worked. Note that this is on SPARC. -- System Information: Debian Release: 3.1 APT prefers stable APT policy: (900, 'stable') Architecture: sparc (sparc64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12-1-sparc64 Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1) Versions of packages ssh depends on: ii openssh-client 1:4.2p1-5 Secure shell client, an rlogin/rsh ii openssh-server 1:4.2p1-5 Secure shell server, an rshd repla ssh recommends no packages. -- debconf information: ssh/insecure_rshd: ssh/ssh2_keys_merged: * ssh/user_environment_tell: * ssh/forward_warning: ssh/insecure_telnetd: ssh/new_config: true * ssh/use_old_init_script: true * ssh/protocol2_only: true ssh/encrypted_host_key_but_no_keygen: * ssh/run_sshd: true * ssh/SUID_client: true ssh/disable_cr_auth: false -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]