[php-maint] Bug#838710: php5: segfault when calling openssl_x509_parse on a valid certificate

Salvatore Bonaccorso carnil at debian.org
Fri Sep 23 20:12:30 UTC 2016

Control: reassign -1 openssl 1.0.1t-1+deb8u4


On Fri, Sep 23, 2016 at 03:57:02PM -0300, Jean-Paul Deveaux wrote:
> Package: php5
> Version: 5.6.24+dfsg-0+deb8u1
> Severity: normal
> Dear Maintainer,
> Upgraded PHP5 using Debian stable repo today; code that parsed client certificate for user authentication stopped working.
> $cert = openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']);
> In previous versions of PHP5 (5.6.22-0+deb8u1), this call works without any problems (returning associative array of cert guts)
> In current version, seg fault.
> For the time being, my work around involves an 'exec' call to openssl to extract cert details for authentication. I could probably also do it at the apache level.

I think this is the regression in the recent openssl DSA, and should
be fixed soon with the followup update 1.0.1t-1+deb8u5.


More information about the pkg-php-maint mailing list