The issue is not limited to Ubuntu 16.04 and PHP 7. We experience a similar issue on Ubuntu 14.04 using PHP 5.5 (se exact system info below).
Tonight's unattended openssl update from 1.0.1f-1ubuntu2.19 to 1.0.1f- 1ubuntu2.20 (http://www.ubuntu.com/usn/usn-3087-1/, http://changelogs.ubuntu.com/changelogs/pool/main/o/openssl/openssl_1.0 .1f-1ubuntu2.20/changelog) causes our Satis installation (https://github.com/composer/satis) to segfault on trying to establish HTTPS connections; Start-Date: 2016-09-23 04:45:30 Upgrade: libssl1.0.0:amd64 (1.0.1f-1ubuntu2.19, 1.0.1f-1ubuntu2.20), libssl-dev:amd64 (1.0.1f-1ubuntu2.19, 1.0.1f-1ubuntu2.20), libssl-doc:amd64 (1.0.1f-1ubuntu2.19, 1.0.1f-1ubuntu2.20), openssl:amd64 (1.0.1f-1ubuntu2.19, 1.0.1f-1ubuntu2.20) End-Date: 2016-09-23 04:45:34 We have isolated it to this simple php command trying to parse the openssl provided ca-certs also triggering the issue; # php -r "openssl_x509_parse(file_get_contents('/etc/ssl/certs/ca-certificates.crt'));" Segmentation fault (core dumped) Downgrading is only possible to 1.0.1f-1ubuntu2, which causes some dependencies to be uninstalled which seems counterproductive; # apt-get install libssl1.0.0=1.0.1f-1ubuntu2.19 Reading package lists... Done Building dependency tree Reading state information... Done E: Version '1.0.1f-1ubuntu2.19' for 'libssl1.0.0' was not found # apt-get install libssl1.0.0=1.0.1f-1ubuntu2 ... The following packages will be REMOVED: libssl-dev node-gyp nodejs-dev npm php5-dev The following packages will be DOWNGRADED: libssl1.0.0 0 upgraded, 0 newly installed, 1 downgraded, 5 to remove and 1 not upgraded. Why would those dependencies be removed and why can't I pinpoint that I want 1.0.1f-1ubuntu2.19 installed? # php -v PHP 5.5.9-1ubuntu4.19 (cli) (built: Jul 28 2016 19:31:33) Copyright (c) 1997-2014 The PHP Group Zend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies with Zend OPcache v7.0.3, Copyright (c) 1999-2014, by Zend Technologies with Xdebug v2.2.3, Copyright (c) 2002-2013, by Derick Rethans # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 14.04.5 LTS Release: 14.04 Codename: trusty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1626883 Title: libssl 1.0.2g-1ubuntu4.4 causes PHP7 SSL cert validation to segfault To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1626883/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
