[Bug 1134873] Re: regression in 1.0.1-4ubuntu5.6 causes connection errors

Marc Deslauriers marc.deslauriers at canonical.com
Thu Feb 28 16:05:24 UTC 2013 

I believe this only affects openssl 1.0.1. Has anyone seen a similar
regression on Ubuntu 8.04, 10.04, or 11.10?

** Also affects: openssl (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: openssl (Ubuntu Quantal)
   Importance: Undecided
       Status: New

** Also affects: openssl (Ubuntu Raring)
   Importance: High
     Assignee: Marc Deslauriers (mdeslaur)
       Status: Confirmed

** Changed in: openssl (Ubuntu Precise)
       Status: New => Confirmed

** Changed in: openssl (Ubuntu Quantal)
       Status: New => Confirmed

** Changed in: openssl (Ubuntu Precise)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: openssl (Ubuntu Quantal)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: openssl (Ubuntu Quantal)
   Importance: Undecided => High

** Changed in: openssl (Ubuntu Precise)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1134873

Title:
  regression in 1.0.1-4ubuntu5.6 causes connection errors

Status in OpenSSL cryptography and SSL/TLS toolkit:
  Unknown
Status in “openssl” package in Ubuntu:
  Confirmed
Status in “openssl” source package in Precise:
  Confirmed
Status in “openssl” source package in Quantal:
  Confirmed
Status in “openssl” source package in Raring:
  Confirmed

Bug description:
  
  In our workplace we have a subversion repository that is accessed via an apache proxy.  The proxy runs mod_proxy and uses SSL between the SVN client and the proxy (does not use SSL between the proxy and the actual SVN server) on ubuntu 12.04 LTS 64-bit.

  Yesterday some of our developers started getting strange error messages when using SVN, here is an example:
      svn: PROPFIND of '/svn/mike/test-django-tools/trunk/dev-packages': Could not read status line: SSL alert received: Bad record MAC 

  This error did not occur on every request, but if a particular request
  failed then it was generally reproducible.

  Since nothing in our environment had changed, I checked our
  unnattended-upgrades logfiles and saw that openssl and libssl had been
  updated to 1.0.1-4ubuntu5.6 on Feb 22.

  After building previous version (1.0.1-4ubuntu5.5) and installing, the
  problem went away.

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1134873/+subscriptions

More information about the foundations-bugs mailing list