ubuntu-phone team mailing list archive

Thread
Date

Re: SEGFAULT in silos - Was Re: Landing team 09.06.15

To: Jason DeRose <jason@xxxxxxxxxxxx>, Rodney Dawes <rodney.dawes@xxxxxxxxxxxxx>
From: Marc Deslauriers <marc.deslauriers@xxxxxxxxxxxxx>
Date: Wed, 10 Jun 2015 11:34:12 -0400
Cc: Ubuntu Phone <ubuntu-phone@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <1673049246.750490.1433950493687.JavaMail.zimbra@system76.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0

On 2015-06-10 11:34 AM, Jason DeRose wrote:
> I noticed a (seemingly) related build failure over the weekend:
> 
> https://launchpadlibrarian.net/208521008/buildlog_ubuntu-wily-amd64.degu_0.14.0~alpha~bzr339~ubuntu15.10.1_BUILDING.txt.gz
> 
> As this is a failure (seemingly) caused by an independent SSL implementation (openssl), I wonder if the underlying problem might be in ca-certificates rather than gnutls.
> 
> Of course, no matter how broken ca-certificates might/might-not be in Wily, I reckon a SEGFAULT from gnutls could be indicative of some "very bad things", possibly even an exploitable attack vector.
> 

That build failure is unrelated, and is most likely caused by the openssl in
wily no longer supporting SSLv3.

Marc.

Follow ups

Re: SEGFAULT in silos - Was Re: Landing team 09.06.15
From: Jason DeRose, 2015-06-10

References

Landing team 09.06.15
From: Łukasz 'sil2100' Zemczak, 2015-06-09
SEGFAULT in silos - Was Re: Landing team 09.06.15
From: Rodney Dawes, 2015-06-10
Re: SEGFAULT in silos - Was Re: Landing team 09.06.15
From: Jason DeRose, 2015-06-10