Bug#506842: marked as done (ssh: All SSH functionality segfaults with libcrypto)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Sun, 30 Nov 2008 10:11:03 +0000
with message-id <20081130101103.GA10222@riva.ucam.org>
and subject line Re: False Alarm
has caused the Debian Bug report #506842,
regarding ssh: All SSH functionality segfaults with libcrypto
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
506842: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506842
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: ssh: All SSH functionality segfaults with libcrypto
• From: Nach <joecool22us@yahoo.com>
• Date: Tue, 25 Nov 2008 11:03:13 +0200
• Message-id: <[🔎] 20081125090313.7448.64890.reportbug@localhost>

Package: ssh
Version: 1:5.1p1-4
Severity: grave
Justification: renders package unusable


Trying to login to my SSH server from another computer running any SSH program fails
Trying to login to other computers from SSH fails
SCP fails
ssh-vulnkey fails during dist-upgrade

dmesg says:
[  865.824769] sshd[5071] general protection ip:7fef41d74451 sp:7fff4ab4df30 error:252 in libcrypto.so.0.9.8[7fef41cf5000+171000]
[  912.388460] sshd[5100] general protection ip:7f8eec701451 sp:7ffff54dc8b0 error:252 in libcrypto.so.0.9.8[7f8eec682000+171000]
[  959.652628] sshd[5105] general protection ip:7f49bc7c7451 sp:7fffc55a2980 error:252 in libcrypto.so.0.9.8[7f49bc748000+171000]
[ 1173.094032] ssh[5325] general protection ip:7f305aee1451 sp:7fff6346d120 error:252 in libcrypto.so.0.9.8[7f305ae62000+171000]
[ 1189.367692] ssh[5328] general protection ip:7ff7ec2b4451 sp:7ffff483e4f0 error:252 in libcrypto.so.0.9.8[7ff7ec235000+171000]
[ 1205.735998] ssh[5331] general protection ip:7f76a7d85451 sp:7fffb030f050 error:252 in libcrypto.so.0.9.8[7f76a7d06000+171000]
[ 1331.877289] ssh[5666] general protection ip:7fd5afc7a451 sp:7fffb8203e00 error:252 in libcrypto.so.0.9.8[7fd5afbfb000+171000]
[ 1403.024208] ssh[5939] general protection ip:7f5d9ab4e451 sp:7fffa30d7d80 error:252 in libcrypto.so.0.9.8[7f5d9aacf000+171000]
[ 1416.969779] sshd[5942] general protection ip:7fb1676e6451 sp:7fff704bf7f0 error:252 in libcrypto.so.0.9.8[7fb167667000+171000]
[ 1563.283901] ssh-vulnkey[6354] general protection ip:7f1ba67fd451 sp:7fffaed48f60 error:252 in libcrypto.so.0.9.8[7f1ba677e000+171000]
[ 1563.358776] sshd[6383] general protection ip:7f4afc66e451 sp:7fff05449790 error:252 in libcrypto.so.0.9.8[7f4afc5ef000+171000]
[ 1638.746895] sshd[6507] general protection ip:7fb55134c451 sp:7fff5a125460 error:252 in libcrypto.so.0.9.8[7fb5512cd000+171000]
[ 1642.715031] sshd[6510] general protection ip:7fe4e453e451 sp:7fffed319860 error:252 in libcrypto.so.0.9.8[7fe4e44bf000+171000]
[ 1667.120219] ssh[6513] general protection ip:7f6dd0f07451 sp:7fffd9493140 error:252 in libcrypto.so.0.9.8[7f6dd0e88000+171000]
[ 1780.140507] ssh-vulnkey[7062] general protection ip:7f2b7fe94451 sp:7fff883df600 error:252 in libcrypto.so.0.9.8[7f2b7fe15000+171000]

The server rejects incoming connections
Trying to connect to other SSH Servers says: ssh_exchange_identification: Connection closed by remote host
SCP to another computer says: lost connection


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages ssh depends on:
ii  openssh-client                1:5.1p1-4  secure shell client, an rlogin/rsh
ii  openssh-server                1:5.1p1-4  secure shell server, an rshd repla

ssh recommends no packages.

ssh suggests no packages.

-- no debconf information

--- End Message ---

--- Begin Message ---

• To: "NSRT Mail account." <joecool22us@yahoo.com>
• Cc: 506842-done@bugs.debian.org
• Subject: Re: False Alarm
• From: Colin Watson <cjwatson@debian.org>
• Date: Sun, 30 Nov 2008 10:11:03 +0000
• Message-id: <20081130101103.GA10222@riva.ucam.org>
• In-reply-to: <[🔎] 355959.31076.qm@web38901.mail.mud.yahoo.com>
• References: <[🔎] 355959.31076.qm@web38901.mail.mud.yahoo.com>

On Wed, Nov 26, 2008 at 11:26:49PM -0800, NSRT Mail account. wrote:
> I was working on one of my programs yesterday, and I was getting a lot
> of segfaults, which debugging showed to not make much sense. Even
> stranger was that my software was working fine on my other test
> machines.
> 
> I decided to run MemTest86+, and lo and behold, it found one of my RAM
> sticks wasn't storing every bit sent to it.
> 
> After removing the offending stick of RAM, my program, as well as all
> SSH/SSL applications are working properly with the -14 version of
> libssl.
> 
> I guess that one version loaded part of itself into a region of bad
> RAM. Sorry for the false alarm.

Thanks for the note; closing this bug.

-- 
Colin Watson                                       [cjwatson@debian.org]

--- End Message ---