** Description changed: + [Impact] + + * Users report a crash when the revocation plugin is loaded, after a + few rounds of IKE_SA reauthentication. + + * Users do not expect strongswan to crash under valid configurations. + + [Test Case] + + * While not an explicit testcase, the original bug report indicates all + that is needed is a loading of the revocation plugin and several runs of + IKE_SA reauthentication. Upstream strongswan fixed this issue and + referred to multiple reauthentication rounds being the primary culprit. + + [Regression Potential] + + * Currently, the code crashes without this fix. Upstream has accepted + this fix and applied it all versions. I believe the regression potential + is very low, as the bug resulted from a coding error. + + --- + $ lsb_release -rd Description: Ubuntu 14.04.5 LTS Release: 14.04 $ apt-cache policy strongswan strongswan: - Installé : 5.1.2-0ubuntu2.4 - Candidat : 5.1.2-0ubuntu2.4 - Table de version : - *** 5.1.2-0ubuntu2.4 0 - 500 http://eole.ac-dijon.fr/ubuntu/ trusty-security/main amd64 Packages - 500 http://eole.ac-dijon.fr/ubuntu/ trusty-updates/main amd64 Packages - 100 /var/lib/dpkg/status - 5.1.2-0ubuntu2 0 - 500 http://eole.ac-dijon.fr/ubuntu/ trusty/main amd64 Packages + Installé : 5.1.2-0ubuntu2.4 + Candidat : 5.1.2-0ubuntu2.4 + Table de version : + *** 5.1.2-0ubuntu2.4 0 + 500 http://eole.ac-dijon.fr/ubuntu/ trusty-security/main amd64 Packages + 500 http://eole.ac-dijon.fr/ubuntu/ trusty-updates/main amd64 Packages + 100 /var/lib/dpkg/status + 5.1.2-0ubuntu2 0 + 500 http://eole.ac-dijon.fr/ubuntu/ trusty/main amd64 Packages - We have several production servers running with the same configuration. + We have several production servers running with the same configuration. When the plugin revocation is loaded, the daemon crashes in most every IKE_SA reauthentication (not each time). - You can see in this thread[1] what Tobias Brunner answers about our problem. + You can see in this thread[1] what Tobias Brunner answers about our problem. So, we have recompile the source package version including the joined patch (quilt), and all is OK now. We would be grateful if you provide a new package including this patch. Regards, EOLE Team [1] https://lists.strongswan.org/pipermail/users/2016-September/009991.html [2] https://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=8ca9a67f
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1629241 Title: crash strongSwan in Ubuntu Trusty To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1629241/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs