Bug 1909037 - got undefined symbol: EVP_md2, version OPENSSL_1_1_0 after upgrading from openldap-2.4.46-11 to openldap-2.4.46-15
Summary: got undefined symbol: EVP_md2, version OPENSSL_1_1_0 after upgrading from ope...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: openldap
Version: 8.4
Hardware: x86_64
OS: Linux
medium
high
Target Milestone: rc
: 8.0
Assignee: LDAP Maintainers
QA Contact: RHDS QE
URL:
Whiteboard:
: 1972204 (view as bug list)
Depends On:
Blocks: 1972742
TreeView+ depends on / blocked
 
Reported: 2020-12-18 08:39 UTC by Paul Nyheim
Modified: 2021-11-10 09:21 UTC (History)
7 users (show)

Fixed In Version: openldap-2.4.46-17.el8
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1972742 (view as bug list)
Environment:
Last Closed: 2021-11-09 19:49:50 UTC
Type: Bug
Target Upstream Version:

Attachments (Terms of Use)
pkgdiff report between openldap-2.4.46-11.el8_1 and openldap-2.4.46-15.el8 (101.29 KB, application/gzip)
2020-12-18 08:39 UTC, Paul Nyheim 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2021:4449 0 None None None 2021-11-09 19:49:54 UTC

Description Paul Nyheim 2020-12-18 08:39:36 UTC 
Created attachment 1740171 [details]
pkgdiff report between openldap-2.4.46-11.el8_1 and openldap-2.4.46-15.el8

Created attachment 1740171 [details]
pkgdiff report between openldap-2.4.46-11.el8_1 and openldap-2.4.46-15.el8

Description of problem:
We are running an installation of apache httpd (2.4.46) where we compile it and bundle compiled versions of openssl (1.1.1i) and modsecurity (2.9.3). 
It has been running fine in several different environments on both RHEL 7 and 8 as well as CentOS 7 and 8.

The other day, it suddenly started failing with the following error message when loading modsecurity:

    httpd: Syntax error on line 251 of httpd.conf: Cannot load modules/mod_security2.so into server: /lib64/libldap-2.4.so.2: undefined symbol: EVP_md2, version OPENSSL_1_1_0

Our investigations shows that this started happening when openldap was bumped from openldap-2.4.46-11 to openldap-2.4.46-15 during a regular system update.

I'm not competent enough in these matters to say if this is a bug with the release of the package or not, just hoping that you might be able to shed some light on it.


Version-Release number of selected component (if applicable):
openldap-2.4.46-15.el8

How reproducible:
Always


Steps to Reproduce:
1. System running with our httpd package
2. Upgrade openldap-2.4.46 from release 11 to 15

Actual results:
httpd syntax error on startup

    httpd: Syntax error on line 251 of httpd.conf: Cannot load modules/mod_security2.so into server: /lib64/libldap-2.4.so.2: undefined symbol: EVP_md2, version OPENSSL_1_1_0

Expected results:
No syntax error on startup and a running system


Additional info:
Not sure if useful, but I've attached the output of pkgdiff between the mentioned releases.
Comment 8 Simon Pichugin 2021-06-16 12:31:17 UTC 
*** Bug 1972204 has been marked as a duplicate of this bug. ***
Comment 14 bsmejkal 2021-07-14 09:18:50 UTC 
Build tested:
openldap-2.4.46-17.el8.x86_64

# strings /usr/lib64/libldap* | grep -c EVP_md2
0

Marking as Verified.
Comment 16 errata-xmlrpc 2021-11-09 19:49:50 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (openldap bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:4449
Note You need to log in before you can comment on or make changes to this bug.