Re: [exim] Exim 4.95-RC2 released

Hello.

On Tue, Aug 24, 2021 at 05:12:12PM +0200, Heiko Schlittermann via Exim-users wrote:
> The Exim 4.95-RC2 is available
>

> - as tarball:        https://ftp.exim.org/pub/exim/exim4/test
> - directly from Git: https://git.exim.org
>                      tag exim-4.95-RC2

After last night upgrade from 4.94.2 to 4.95~RC2 (on Debian/testing 32bit)
several segfaults were recorded. All were generated after MAIL FROM, and
some ACLs for MAIL have been run, then segfault: no records for RCPT TO.

I enabled coredumps for suid binaries, and the result is below.

------------------------------------------------------------------------
2021-09-05 17:04:45.806 [30203] SIGSEGV (maybe attempt to write to immutable memory)

# gdb -c core.30203 -f /usr/sbin/exim4
[...]
Core was generated by `/usr/sbin/exim4 -bd -q1m'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0xf71d5b0d in ?? () from /usr/lib/i386-linux-gnu/libgnutls.so.30
(gdb) bt full
#0 0xf71d5b0d in ?? () from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#1 0xf71d5be6 in gnutls_x509_trust_list_get_issuer ()
from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#2 0xf71d6613 in gnutls_x509_trust_list_verify_crt2 ()
from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#3 0xf7161647 in ?? () from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#4 0xf7161f3f in gnutls_certificate_verify_peers ()
from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#5 0xf7161fd0 in gnutls_certificate_verify_peers2 ()
from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#6 0x5663599b in ?? ()
No symbol table info available.
#7 0x56637c2b in ?? ()
No symbol table info available.
#8 0x566696c6 in ?? ()
No symbol table info available.
#9 0x56643e56 in ?? ()
No symbol table info available.
#10 0x565a6642 in ?? ()
No symbol table info available.
#11 0x565a868e in ?? ()
No symbol table info available.
#12 0x565abcb1 in ?? ()
No symbol table info available.
#13 0x56623fd1 in ?? ()
No symbol table info available.
#14 0x565afe00 in ?? ()
No symbol table info available.
#15 0x565a0116 in ?? ()
No symbol table info available.
#16 0xf7335e46 in __libc_start_main () from /lib/i386-linux-gnu/libc.so.6
No symbol table info available.
#17 0x565a3ce1 in _start ()
No symbol table info available.

------------------------------------------------------------------------

2021-09-05 18:30:08.969 [38991] SIGSEGV (maybe attempt to write to immutable memory)

# gdb -c core.38991 -f /usr/sbin/exim4
[...]
Core was generated by `/usr/sbin/exim4 -bd -q1m'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0xf71d5b0d in ?? () from /usr/lib/i386-linux-gnu/libgnutls.so.30
(gdb) bt full
#0 0xf71d5b0d in ?? () from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#1 0xf71d5be6 in gnutls_x509_trust_list_get_issuer ()
from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#2 0xf71d6613 in gnutls_x509_trust_list_verify_crt2 ()
from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#3 0xf7161647 in ?? () from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#4 0xf7161f3f in gnutls_certificate_verify_peers ()
from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#5 0xf7161fd0 in gnutls_certificate_verify_peers2 ()
from /usr/lib/i386-linux-gnu/libgnutls.so.30
No symbol table info available.
#6 0x5663599b in ?? ()
No symbol table info available.
#7 0x56637c2b in ?? ()
No symbol table info available.
#8 0x566696c6 in ?? ()
No symbol table info available.
#9 0x56643e56 in ?? ()
No symbol table info available.
#10 0x565a6642 in ?? ()
No symbol table info available.
#11 0x565a868e in ?? ()
No symbol table info available.
#12 0x565abcb1 in ?? ()
No symbol table info available.
#13 0x56623fd1 in ?? ()
No symbol table info available.
#14 0x565afe00 in ?? ()
No symbol table info available.
#15 0x565a0116 in ?? ()
No symbol table info available.
#16 0xf7335e46 in __libc_start_main () from /lib/i386-linux-gnu/libc.so.6
No symbol table info available.
#17 0x565a3ce1 in _start ()
No symbol table info available.
------------------------------------------------------------------------

FYI: Exim (from Debian package exim4-daemon-heavy) was upgraded 04.09.2021.
Packages libgnutls30 and libgnutls-dane0 were upgraded 01.09.2021
from 3.7.1-5 to 3.7.2-2, but there were no segfaults in time period
bitween those upgrades. So its seems problem is not in libgnutls.
Maybe in last version of Exim sometimes happen corruption of data
passed to gnutls_x509_trust_list_get_issuer().
--
Eugene Berdnikov