Package: dovecot-imapd
Version: 1:2.2.13-11
Severity: important
Hi,
dovecot-imapd 1:2.2.13-11 (jessie) segfaults when an old openssl release
(at least a client based on 0.9.8n [yes, I should update...]) tries to
connect to it. Connecting with newer openssl versions does not result in
a segfault.
Here is a backtrace:
(gdb) bt
#0 0x00007fdfa63694f3 in SSL_accept () from
/usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
#1 0x00007fdfa6c22f40 in ssl_handshake (proxy=0x7fdfa8546550) at
ssl-proxy-openssl.c:480
#2 ssl_step (proxy=0x7fdfa8546550) at ssl-proxy-openssl.c:544
#3 0x00007fdfa6c228fa in ssl_proxy_flush (proxy=0x7fdfa8546550) at
ssl-proxy-openssl.c:815
#4 ssl_proxy_destroy (proxy=0x7fdfa8546550) at ssl-proxy-openssl.c:823
#5 0x00007fdfa6c22a54 in ssl_handle_error (proxy=0x7fdfa8546550, ret=-1,
func_name=0x7fdfa6c25a79 "SSL_accept()") at ssl-proxy-openssl.c:464
#6 0x00007fdfa6c23011 in ssl_handshake (proxy=0x7fdfa8546550) at
ssl-proxy-openssl.c:482
#7 ssl_step (proxy=0x7fdfa8546550) at ssl-proxy-openssl.c:544
#8 0x00007fdfa6c1f9ca in client_connected_finish (conn=0x7fffed9b7eb0) at
main.c:147
#9 0x00007fdfa695e7a3 in master_service_listen (l=0x7fdfa8540290) at
master-service.c:834
#10 0x00007fdfa69b2d0f in io_loop_call_io (io=0x7fdfa85403d0) at ioloop.c:441
#11 0x00007fdfa69b3d09 in io_loop_handler_run_internal
(ioloop=ioloop@entry=0x7fdfa85147b0) at ioloop-epoll.c:220
#12 0x00007fdfa69b2d79 in io_loop_handler_run
(ioloop=ioloop@entry=0x7fdfa85147b0) at ioloop.c:488
#13 0x00007fdfa69b2df8 in io_loop_run (ioloop=0x7fdfa85147b0) at ioloop.c:465
#14 0x00007fdfa695ddc3 in master_service_run (service=0x7fdfa8514640,
callback=callback@entry=0x7fdfa6c1fb20 <client_connected>)
at master-service.c:566
#15 0x00007fdfa6c2012b in login_binary_run (binary=<optimized out>, argc=2,
argv=0x7fdfa8514390) at main.c:421
#16 0x00007fdfa65aeb45 in __libc_start_main () from
/lib/x86_64-linux-gnu/libc.so.6
#17 0x00007fdfa7051dea in _start ()
-- Sebastian
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
