[BlueOnyx:25297] BlueOnyx 5209R & Aventurin{e} 6109R AdmServ/Apache issues
Michael Stauber
mstauber at blueonyx.it
Fri Jan 14 04:00:32 -05 2022
Hi all,
I just was made aware of a problematic YUM update for BlueOnyx 5209R
(CentOS 7) and Aventurin{e} 6109R (OpenVZ 7):
The recently published OpenSSL 1.0.2k-23 causes Apache and AdmServ to
crash with the following error messages:
*** Error in `/usr/sbin/httpd': double free or corruption (fasttop):
0x00005637ad2df900 ***
*** Error in `/usr/sbin/httpd.admsrv': double free or corruption
(fasttop): 0x00005637ad2df900 ***
According to https://bugzilla.redhat.com/show_bug.cgi?id=2039993 there
are two work arounds until a fixed OpenSSL is released:
1.) Downgrade OpenSSL again:
yum downgrade openssl openssl-libs openssl-devel
2.) Alternatively turn OSCP-Stapling off.
This can be done by editing two config files:
/etc/admserv/conf.d/ssl.conf
/etc/httpd/conf.d/ssl.conf
In /etc/admserv/conf.d/ssl.conf find the parameter "SSLUseStapling" and
change its value from "on" to "off" and save the changes.
In /etc/httpd/conf.d/ssl.conf simply add the whole line as shown here:
SSLUseStapling off
Save the changes and then you should be able to restart both services:
systemctl restart admserv
systemctl restart httpd
Please note:
=============
At the time of me writing this, OpenSSL-1.0.2k-23 has not yet been
released for CentOS 7 yet. For OpenVZ 7 it's already available, though.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list