Dear sirs,

There are a bug in Certificate Request generation, that was introduced in
OpenSSL-0.9.8h. In previous version of OpenSSL, i.e. 0.9.8g, this problem
wasn't verified. I verified this problem in Linux Slackware 12.0 and 12.1, but
compiling OpenSSL-0.9.8h in non-Slackware Linux I catch the same problem.

I found other people that catch this same problem:

http://www.mail-archive.com/openssl-.../msg53601.html

Thanks in advance,

--
Respectfully,
Rafael Jorge Csura Szendrodi
Network Administrator - PADS/COPPE/UFRJ
E-mail: szendro@pads.ufrj.br


----------------------- Bug Output Begins --------------------------------
heres: szendro:~/temp3:[1126]> /usr/local/ssl/bin/openssl req -new -keyout
newreq.pem -out newreq.pem -days 3650 -passin pass:xxxx -passout pass:xxxx
Generating a 1024 bit RSA private key
........++++++
.....................................++++++
writing new private key to 'newreq.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:xxxxxxx
Error adding attribute
31055:error:0D0BF041:asn1 encoding routines:ASN1_item_dup:malloc
failure:a_dup.c:104:
problems making Certificate Request
Segmentation fault (core dumped)

----------------------- Bug Output End ----------------------------------

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org