[BlueOnyx:25298] Re: BlueOnyx 5209R & Aventurin{e} 6109R AdmServ/Apache issues
Colin Jack
colin at mainline.co.uk
Fri Jan 14 04:19:34 -05 2022
Morning Michael,
I have just messaged you on this so you can ignore me! __
Kind regards
Colin
On 14/01/2022, 09:08, "Blueonyx on behalf of Michael Stauber" <blueonyx-bounces at mail.blueonyx.it on behalf of mstauber at blueonyx.it> wrote:
Hi all,
I just was made aware of a problematic YUM update for BlueOnyx 5209R
(CentOS 7) and Aventurin{e} 6109R (OpenVZ 7):
The recently published OpenSSL 1.0.2k-23 causes Apache and AdmServ to
crash with the following error messages:
*** Error in `/usr/sbin/httpd': double free or corruption (fasttop):
0x00005637ad2df900 ***
*** Error in `/usr/sbin/httpd.admsrv': double free or corruption
(fasttop): 0x00005637ad2df900 ***
According to https://bugzilla.redhat.com/show_bug.cgi?id=2039993 there
are two work arounds until a fixed OpenSSL is released:
1.) Downgrade OpenSSL again:
yum downgrade openssl openssl-libs openssl-devel
2.) Alternatively turn OSCP-Stapling off.
This can be done by editing two config files:
/etc/admserv/conf.d/ssl.conf
/etc/httpd/conf.d/ssl.conf
In /etc/admserv/conf.d/ssl.conf find the parameter "SSLUseStapling" and
change its value from "on" to "off" and save the changes.
In /etc/httpd/conf.d/ssl.conf simply add the whole line as shown here:
SSLUseStapling off
Save the changes and then you should be able to restart both services:
systemctl restart admserv
systemctl restart httpd
Please note:
=============
At the time of me writing this, OpenSSL-1.0.2k-23 has not yet been
released for CentOS 7 yet. For OpenVZ 7 it's already available, though.
--
With best regards
Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list