One of the commits for the security fix for CVE-2023-28408 will now attempt to mmap the library and search for the "C_GetFunctionList" symbol before doing the dlopen. Unfortunately, dlopen allows specifying just the library name and the dynamic linker will search for it, but the new code just tries to open the filename directly.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-28408 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2028774 Title: ssh fails to load opensc-pkcs11.so Status in openssh package in Ubuntu: New Bug description: I have PKCS11Provider opensc-pkcs11.so in my ~/.ssh/config After the last update of openssh-client I now get: $ strace -o slogin.log slogin host lib_contains_symbol: open opensc-pkcs11.so: No such file or directory provider opensc-pkcs11.so is not a PKCS11 library (uwe@host) Password for uwe@host: $ grep -i pkcs11 slogin.log read(3, "PKCS11Provider opensc-pkcs11.so\n"..., 4096) = 1603 openat(AT_FDCWD, "opensc-pkcs11.so", O_RDONLY) = -1 ENOENT (No such file or directory) write(2, "provider opensc-pkcs11.so is not"..., 51) = 51 $ dpkg-query --listfiles opensc-pkcs11 | grep opensc-pkcs11.so /usr/lib/x86_64-linux-gnu/onepin-opensc-pkcs11.so /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so /usr/lib/x86_64-linux-gnu/pkcs11/onepin-opensc-pkcs11.so /usr/lib/x86_64-linux-gnu/pkcs11/opensc-pkcs11.so ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: openssh-client 1:8.9p1-3ubuntu0.3 ProcVersionSignature: Ubuntu 5.19.0-50.50-generic 5.19.17 Uname: Linux 5.19.0-50-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.5 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME Date: Wed Jul 26 15:46:30 2023 InstallationDate: Installed on 2022-08-25 (334 days ago) InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 (20220419) RelatedPackageVersions: ssh-askpass 1:1.2.4.1-13 libpam-ssh N/A keychain N/A ssh-askpass-gnome N/A SSHClientVersion: OpenSSH_8.9p1 Ubuntu-3ubuntu0.3, OpenSSL 3.0.2 15 Mar 2022 SourcePackage: openssh UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2028774/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
