[Desktop-packages] [Bug 2030685] Re: cups-browsed 2.0~rc1-0ubuntu1.1 high cpu usage
*** This bug is a duplicate of bug 2049315 *** https://bugs.launchpad.net/bugs/2049315 Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: cups-filters (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to cups-filters in Ubuntu. https://bugs.launchpad.net/bugs/2030685 Title: cups-browsed 2.0~rc1-0ubuntu1.1 high cpu usage Status in cups-filters package in Ubuntu: Confirmed Bug description: I exhibited cups-browsed causing high CPU usage upon upgrading to 23.04. This led me to bug #2018504 which seemed to be describing the same behaviour I was experiencing. Bug #2018504 was closed with cups- browsed version 2.0~rc1-0ubuntu1.1 being released which was deemed to have resolved the issue. I have cups-browsed 2.0~rc1-0ubuntu1.1 and I still see the same behaviour, so potentially there is another issue causing the same behaviour. I also note that both bug #2018504 and #2017907 (its duplicate) have been updated with other people who have also upgraded to version 2.0~rc1-0ubuntu1.1 but are still seeing the same behaviour. I'm opening this bug because I'm concerned the other two reports will not be noticed since they were reported after the release of cups- browsed 2.0~rc1-0ubuntu1.1 which was expected to fix this issue 1) The release of Ubuntu you are using No LSB modules are available. Description: Ubuntu 23.04 Release: 23.04 2) The version of the package you are using cups-browsed: Installed: 2.0~rc1-0ubuntu1.1 Candidate: 2.0~rc1-0ubuntu1.1 Version table: *** 2.0~rc1-0ubuntu1.1 500 500 http://nz.archive.ubuntu.com/ubuntu lunar-updates/main amd64 Packages 100 /var/lib/dpkg/status 2.0~rc1-0ubuntu1 500 500 http://nz.archive.ubuntu.com/ubuntu lunar/main amd64 Packages 3) What you expected to happen cups-browsed 2.0~rc1-0ubuntu1.1 would prevent cups-browsed from having high cpu usage 4) What happened instead High CPU usage still happening To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cups-filters/+bug/2030685/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2051478] Re: Typing passphrase pretty quickly using Yubikey fails to unlock a LUKS partition
** Changed in: plymouth Status: New => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to plymouth in Ubuntu. https://bugs.launchpad.net/bugs/2051478 Title: Typing passphrase pretty quickly using Yubikey fails to unlock a LUKS partition Status in Plymouth: Fix Released Status in cryptsetup package in Ubuntu: Invalid Status in plymouth package in Ubuntu: New Bug description: It looks like there are some behavioral changes between 22.02.122 and 23.360.11. I didn't have any issue until recently but after upgrading to 23.360.11 on Ubuntu, the same unlocking method of LUKS partition stopped working. How to reproduce: 1. format Yubikey with a static password ``` $ ykman otp static --generate 2 ``` (it will emit 38 characters and the ENTER event within a moment when a button is long pressed) 2. add the new key to LUKS ``` $ sudo cryptsetup luksAddKey /dev/nvme0n1p3 ``` 3. reboot and use the Yubikey to input the passphrase Actual: it fails to unlock When typing the same passphrase by-hand it works. Furthermore, when not using Plymouth, both by-hand typing and Yubikey work. WORKAROUND: 1. boot into the recovery mode 2. unlock the volume in the console 3. remove "splash" from /etc/default/grub and run `update-grub` 3. reboot ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: cryptsetup 2:2.6.1-6ubuntu1 ProcVersionSignature: Ubuntu 6.6.0-14.14-generic 6.6.3 Uname: Linux 6.6.0-14-generic x86_64 NonfreeKernelModules: zfs ApportVersion: 2.27.0-0ubuntu6 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME Date: Mon Jan 29 15:41:03 2024 InstallationDate: Installed on 2024-01-08 (21 days ago) InstallationMedia: Ubuntu 24.04 LTS "Noble Numbat" - Daily amd64 (20240104) ProcEnviron: LANG=en_US.UTF-8 PATH=(custom, no user) SHELL=/bin/bash TERM=xterm-256color XDG_RUNTIME_DIR= SourcePackage: cryptsetup UpgradeStatus: No upgrade log present (probably fresh install) cmdline: BOOT_IMAGE=/vmlinuz-6.6.0-14-generic root=/dev/mapper/ubuntu--vg-ubuntu--lv ro quiet splash crypttab: dm_crypt-0 UUID=cfd8c295-9988-4934-a91a-460a9d16d80f none luks To manage notifications about this bug go to: https://bugs.launchpad.net/plymouth/+bug/2051478/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2052672] Re: soffice.bin crashed with SIGSEGV in rtl_uString_release()
*** This bug is a duplicate of bug 2052384 *** https://bugs.launchpad.net/bugs/2052384 Thank you for taking the time to report this crash and helping to make this software better. This particular crash has already been reported and is a duplicate of bug #2052384, so is being marked as such. Please look at the other bug report to see if there is any missing information that you can provide, or to see if there is a workaround for the bug. Additionally, any further discussion regarding the bug should occur in the other report. Please continue to report any other bugs you may find. ** Attachment removed: "CoreDump.gz" https://bugs.launchpad.net/bugs/2052672/+attachment/5745168/+files/CoreDump.gz ** Attachment removed: "Disassembly.txt" https://bugs.launchpad.net/bugs/2052672/+attachment/5745170/+files/Disassembly.txt ** Attachment removed: "ProcMaps.txt" https://bugs.launchpad.net/bugs/2052672/+attachment/5745173/+files/ProcMaps.txt ** Attachment removed: "ProcStatus.txt" https://bugs.launchpad.net/bugs/2052672/+attachment/5745174/+files/ProcStatus.txt ** Attachment removed: "Registers.txt" https://bugs.launchpad.net/bugs/2052672/+attachment/5745175/+files/Registers.txt ** Attachment removed: "Stacktrace.txt" https://bugs.launchpad.net/bugs/2052672/+attachment/5745176/+files/Stacktrace.txt ** Attachment removed: "ThreadStacktrace.txt" https://bugs.launchpad.net/bugs/2052672/+attachment/5745177/+files/ThreadStacktrace.txt ** This bug has been marked a duplicate of private bug 2052384 ** Information type changed from Private to Public ** Tags removed: need-amd64-retrace -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libreoffice in Ubuntu. https://bugs.launchpad.net/bugs/2052672 Title: soffice.bin crashed with SIGSEGV in rtl_uString_release() Status in libreoffice package in Ubuntu: New Bug description: soffice.bin crashed with SIGSEGV in rtl_uString_release() ProblemType: Crash DistroRelease: Ubuntu 24.04 Package: libreoffice-core 4:24.2.0~rc1-0ubuntu1 ProcVersionSignature: Ubuntu 6.6.0-14.14-generic 6.6.3 Uname: Linux 6.6.0-14-generic x86_64 ApportVersion: 2.27.0-0ubuntu6 Architecture: amd64 CasperMD5CheckResult: pass CrashCounter: 1 CurrentDesktop: XFCE Date: Wed Feb 7 23:39:38 2024 ExecutablePath: /usr/lib/libreoffice/program/soffice.bin InstallationDate: Installed on 2024-02-03 (5 days ago) InstallationMedia: Xubuntu 24.04 LTS "Noble Numbat" - Daily amd64 (20240202) JournalErrors: -- No entries -- ProcAttrCurrent: libreoffice-soffice (complain) ProcCmdline: /usr/lib/libreoffice/program/soffice.bin --calc file:///home/username/Dropbox/Dropbox%20Raiz%20Pogorelsky/Docpog/02-Docpog%20Backup/Contas/A%C3%A7%C3%B5es.ods --splash-pipe=5 SegvAnalysis: Segfault happened at: 0x7de961325c64 :mov (%rdi),%eax PC (0x7de961325c64) ok source "(%rdi)" (0x7de9398324c0) not located in a known VMA region (needed readable region)! destination "%eax" ok SegvReason: reading unknown VMA Signal: 11 SourcePackage: libreoffice StacktraceTop: rtl_uString_release () from /usr/lib/libreoffice/program/libuno_sal.so.3 ?? () from /usr/lib/libreoffice/program/libmergedlo.so ?? () from /usr/lib/libreoffice/program/libmergedlo.so __run_exit_handlers (status=0, listp=0x7de95bbfe680 <__exit_funcs>, run_list_atexit=run_list_atexit@entry=true, run_dtors=run_dtors@entry=true) at ./stdlib/exit.c:111 __GI_exit (status=) at ./stdlib/exit.c:141 Title: soffice.bin crashed with SIGSEGV in rtl_uString_release() UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dialout dip fax floppy lpadmin plugdev sambashare sudo tape users video separator: To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2052672/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
Re: [Desktop-packages] [Bug 2052624] Re: Stop using --video-capture-use-gpu-memory-buffer flag in beta/edge builds
Sure. And in case you are interested, you can always test "after-build time" changes such as this using snap try[1]. Chromium's launcher script would be in bin/chromium.launcher. [1] https://snapcraft.io/docs/snap-try Am 07/02/2024 um 17:53 schrieb Kevin Keijzer: > Sure, no problem. > > Could you by any chance do a new build for the beta channel with this > fix included? Then I can test if the webcam still works in the default > configuration, without the ~/.chromium-browser.init file. > -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/2052624 Title: Stop using --video-capture-use-gpu-memory-buffer flag in beta/edge builds Status in chromium-browser package in Ubuntu: Fix Committed Bug description: Looking at https://discourse.ubuntu.com/t/an-overview-of-hardware- acceleration-in-chromium/36672, a couple of flags are added for beta and edge channel builds of Chromium to enable VAAPI. You may want to remove the flag --video-capture-use-gpu-memory-buffer from the builds, as it completely breaks webcam input: ERROR:video_capture_impl.cc(501)] Failed to open GpuMemoryBuffer handle It can be worked around by creating ~/.chromium-browser.init and adding CHROMIUM_FLAGS="--disable-video-capture-use-gpu-memory-buffer" to it, but that is not exactly user friendly (and rather redundant). Upstream the Chromium developers say that the --video-capture-use-gpu- memory-buffer flag is broken and that packagers should no longer be using it. https://issues.chromium.org/issues/40279468 >> Do the packagers need to be advised to remove this, or should the flags work as intended? > Yes. If you could inform them, please do so. On Chrome M116 that flag got broken, unfortunately. The flag had absolutely no effect before that, actually. In the future it will be enabled automatically when supported. So it's a good idea to remove that flag from the config for all versions. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2052624/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2052624] Re: Stop using --video-capture-use-gpu-memory-buffer flag in beta/edge builds
Sure, no problem. Could you by any chance do a new build for the beta channel with this fix included? Then I can test if the webcam still works in the default configuration, without the ~/.chromium-browser.init file. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/2052624 Title: Stop using --video-capture-use-gpu-memory-buffer flag in beta/edge builds Status in chromium-browser package in Ubuntu: Fix Committed Bug description: Looking at https://discourse.ubuntu.com/t/an-overview-of-hardware- acceleration-in-chromium/36672, a couple of flags are added for beta and edge channel builds of Chromium to enable VAAPI. You may want to remove the flag --video-capture-use-gpu-memory-buffer from the builds, as it completely breaks webcam input: ERROR:video_capture_impl.cc(501)] Failed to open GpuMemoryBuffer handle It can be worked around by creating ~/.chromium-browser.init and adding CHROMIUM_FLAGS="--disable-video-capture-use-gpu-memory-buffer" to it, but that is not exactly user friendly (and rather redundant). Upstream the Chromium developers say that the --video-capture-use-gpu- memory-buffer flag is broken and that packagers should no longer be using it. https://issues.chromium.org/issues/40279468 >> Do the packagers need to be advised to remove this, or should the flags work as intended? > Yes. If you could inform them, please do so. On Chrome M116 that flag got broken, unfortunately. The flag had absolutely no effect before that, actually. In the future it will be enabled automatically when supported. So it's a good idea to remove that flag from the config for all versions. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2052624/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2052652] [NEW] [MIR] gnome-snapshot
Public bug reported: [Availability] The package gnome-snapshot is already in Ubuntu universe. The package gnome-snapshot build for the architectures it is designed to work on. It currently builds and works for architectures: amd64 arm64 armhf ppc64el riscv64 s390x Link to package https://launchpad.net/ubuntu/+source/gnome-snapshot [Rationale] - The package gnome-snapshot is required in Ubuntu main to replace cheese (which is unmaintained) as our default camera application. Cheese will go to universe as part of the transition. - The package gnome-snapshot is required in Ubuntu main no later than February 29th due to the Noble feature freeze. [Security] - No CVEs/security issues in this software in the past - no `suid` or `sgid` binaries - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - Packages does not open privileged ports (ports < 1024). - Package does not expose any external endpoints - Packages does not contain extensions to security-sensitive software [Quality assurance - function/usage] - The package works well right after install [Quality assurance - maintenance] - The package is maintained well in Debian/Ubuntu/Upstream and does not have important issues listed - Ubuntu https://bugs.launchpad.net/ubuntu/+source/gnome-snapshot/+bug - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=gnome-snapshot - Upstream's bug tracker, https://gitlab.gnome.org/GNOME/snapshot/-/issues - The package does not deal with exotic hardware we cannot support [Quality assurance - testing] - The package runs a test suite on build time, if it fails it makes the build fail, link to build log TBD - The package does not run an autopkgtest because it's a graphical application dealing with hardware and we don't have a proper way to include those in the autopkgtest infra today. Instead we have a manual testplan that we will use to validate updates before uploading: https://wiki.ubuntu.com/DesktopTeam/TestPlans/GnomeSnapshot [Quality assurance - packaging] - debian/watch is present and works - debian/control defines a correct Maintainer - This package has only one minor lintian warning - Please link to a recent build log of the package https://launchpadlibrarian.net/711198400/buildlog_ubuntu-noble- amd64.gnome-snapshot_45.2-2_BUILDING.txt.gz - Log of `lintian --pedantic` # lintian --pedantic gnome-snapshot_45.2-2_amd64.changes W: snapshot: no-manual-page [usr/bin/snapshot] - Lintian overrides are not present - This package does not rely on obsolete or about to be demoted packages. - This package has no python2 or GTK2 dependencies - The package will be installed by default, but does not ask debconf questions - Packaging and build is easy, link to debian/rules https://salsa.debian.org/gnome- team/snapshot/-/blob/debian/latest/debian/rules [UI standards] - Application is end-user facing, Translation is present, via standard gettext - End-user applications that ships a standard conformant desktop file [Dependencies] - No further depends or recommends dependencies that are not yet in main [Standards compliance] - This package correctly follows FHS and Debian Policy [Maintenance/Owner] - The owning team will be desktop-packages and I have their acknowledgement for that commitment - The future owning team is already subscribed to the package - This package is rust based and vendors all non language-runtime dependencies - The package has been built in the archive more recently than the last test rebuild [Background information] The Package description explains the package well Upstream Name is snapshot Link to upstream project https://gitlab.gnome.org/GNOME/snapshot ** Affects: gnome-snapshot (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-snapshot in Ubuntu. https://bugs.launchpad.net/bugs/2052652 Title: [MIR] gnome-snapshot Status in gnome-snapshot package in Ubuntu: New Bug description: [Availability] The package gnome-snapshot is already in Ubuntu universe. The package gnome-snapshot build for the architectures it is designed to work on. It currently builds and works for architectures: amd64 arm64 armhf ppc64el riscv64 s390x Link to package https://launchpad.net/ubuntu/+source/gnome-snapshot [Rationale] - The package gnome-snapshot is required in Ubuntu main to replace cheese (which is unmaintained) as our default camera application. Cheese will go to universe as part of the transition. - The package gnome-snapshot is required in Ubuntu main no later than February 29th due to the Noble feature freeze. [Security] - No CVEs/security issues in this software in the past - no `suid` or `sgid` binaries - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - Packages does not open privileged ports (ports < 1024).
[Desktop-packages] [Bug 1991553] Re: can't add a private PPA
** Also affects: software-properties (Ubuntu Jammy) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/1991553 Title: can't add a private PPA Status in software-properties package in Ubuntu: Fix Released Status in software-properties source package in Jammy: New Bug description: As per today's discussion in ~is : add-apt-repository has a bug when adding a private PPA. Quoting ~cjwatson : === It asks Launchpad for all your personal archive subscriptions _that have tokens_. But `Person:+archivesubscriptions` also shows subscriptions without tokens - the token is generated when you click on Viewt here for the first time. Instead, `add-apt-repository` should call `getArchiveSubscriptionURL` (not `getArchiveSubscriptionURLs`) for the archive it's interested in. That generates tokens on-demand. Either it will get an HTTP 401, or it will get a URL which it can parse for the username and password. === Thanks ! To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1991553/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2043640] Re: amdgpu: GPU Recovery fails, frequent hangs
linux-oem-22.04d 6.5.0.1013.15 in jammy-updates contains the fix.
https://changelogs.ubuntu.com/changelogs/pool/main/l/linux-
oem-6.5/linux-oem-6.5_6.5.0-1013.14/changelog
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/2043640
Title:
amdgpu: GPU Recovery fails, frequent hangs
Status in Mesa:
Fix Released
Status in linux package in Ubuntu:
Confirmed
Status in mesa package in Ubuntu:
Fix Released
Status in linux source package in Jammy:
Confirmed
Status in mesa source package in Jammy:
New
Status in linux source package in Lunar:
Confirmed
Status in mesa source package in Lunar:
New
Bug description:
I've been using 23.04 for a few months, and experienced a total system
hang occasionally when sharing my screen over Zoom or Google Meet
(running on Google Chrome).
At first it hangs and then it periodically flashes like it's trying
(unsuccessfully) to recover; I've got 3 screens (including the
laptop's internal one) and each attempt shows something different (at
first it tries to recover the contents of all 3 screens, then it shows
only one of them, and then it shows the same content on all 3, but it
never gets responsive).
I've recently upgraded to 23.10, hoping a new kernel would help the
situation. It's only gotten considerably worse now; it hangs sometimes
just when opening Zoom; it's somehow easier to reproduce with Google
Chrome. Interestingly, it fails quickly and reliably now when enabling
my webcam (with special effects). It started hanging badly when using
Google Maps as well.
For all these behaviors, I suspect amdgpu is to blame (I'm running on
Renoir, 4750U Pro); `dmesg` and `journalctl` didn't seem to show
anything interesting.
Any tips about debugging this further?
ProblemType: Bug
DistroRelease: Ubuntu 23.10
Package: linux-generic 6.5.0.10.12
ProcVersionSignature: Ubuntu 6.5.0-10.10-generic 6.5.3
Uname: Linux 6.5.0-10-generic x86_64
ApportVersion: 2.27.0-0ubuntu5
Architecture: amd64
CRDA: N/A
CasperMD5CheckResult: pass
CurrentDesktop: GNOME
Date: Thu Nov 16 02:27:45 2023
InstallationDate: Installed on 2023-07-02 (137 days ago)
InstallationMedia: Ubuntu 23.04 "Lunar Lobster" - Release amd64 (20230418)
MachineType: {report['dmi.sys.vendor']} {report['dmi.product.name']}
ProcEnviron:
LANG=en_US.UTF-8
PATH=(custom, no user)
SHELL=/bin/bash
TERM=xterm-256color
XDG_RUNTIME_DIR=
ProcFB: 0 amdgpudrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-6.5.0-10-generic
root=/dev/mapper/ubuntu--vg-ubuntu--lv ro quiet splash vt.handoff=7
PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No
PulseAudio daemon running, or not running as session daemon.
RelatedPackageVersions:
linux-restricted-modules-6.5.0-10-generic N/A
linux-backports-modules-6.5.0-10-generic N/A
linux-firmware20230919.git3672ccab-0ubuntu2.1
SourcePackage: linux
UpgradeStatus: Upgraded to mantic on 2023-11-14 (2 days ago)
dmi.bios.date: 06/13/2023
dmi.bios.release: 1.44
dmi.bios.vendor: LENOVO
dmi.bios.version: R1BET75W(1.44 )
dmi.board.asset.tag: Not Available
dmi.board.name: 20UD000GUS
dmi.board.vendor: LENOVO
dmi.board.version: SDK0J40697 WIN
dmi.chassis.asset.tag: No Asset Information
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.version: None
dmi.ec.firmware.release: 1.44
dmi.modalias:
dmi:bvnLENOVO:bvrR1BET75W(1.44):bd06/13/2023:br1.44:efr1.44:svnLENOVO:pn20UD000GUS:pvrThinkPadT14Gen1:rvnLENOVO:rn20UD000GUS:rvrSDK0J40697WIN:cvnLENOVO:ct10:cvrNone:skuLENOVO_MT_20UD_BU_Think_FM_ThinkPadT14Gen1:
dmi.product.family: ThinkPad T14 Gen 1
dmi.product.name: 20UD000GUS
dmi.product.sku: LENOVO_MT_20UD_BU_Think_FM_ThinkPad T14 Gen 1
dmi.product.version: ThinkPad T14 Gen 1
dmi.sys.vendor: LENOVO
X-HWE-Bug: Bug #2047389
To manage notifications about this bug go to:
https://bugs.launchpad.net/mesa/+bug/2043640/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2012388] Re: X11 window (usually AnyDesk) at top-right of the screen is invisible and steals mouse clicks
@JSigma thanks a lot for your script! Works on Fedora. I added "sleep 5" before the window_id line, added a menu entry so I can add the script to startup applications in Tweaks. Anydesk gets killed on startup, excellent! -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-shell-extension-appindicator in Ubuntu. https://bugs.launchpad.net/bugs/2012388 Title: X11 window (usually AnyDesk) at top-right of the screen is invisible and steals mouse clicks Status in Ubuntu AppIndicators: Unknown Status in gnome-shell-extension-appindicator package in Ubuntu: Triaged Bug description: Hardware Model: Dell Inc. Inspiron 16 Plus 7620 Firmware version: 1.5.1 CPU i7-12700H x20 GPU: Nvidia RTX3060 / MaxQ GPU: Intel Alder Lake-P Release: Lunar Lobster Architecture: AMD64 Kernel: 6.1.0-16-generic GNOME version: 44.rc Using Latest daily image of Ubuntu Lunar Lobster, I noticed an issue with window focus when windows are placed under the top-right system tray. Since it is hard to explain, I am attaching a screenshot. I am unable to click or interact with anything in the area within green rectangle. Applications affected: - Firefox (snap) - Chromium (snap) - Vivaldi Browser (deb) - Mattermost (snap) ProblemType: Bug DistroRelease: Ubuntu 23.04 Package: gnome-shell 44~rc-1ubuntu2 ProcVersionSignature: Ubuntu 6.1.0-16.16-generic 6.1.6 Uname: Linux 6.1.0-16-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.26.0-0ubuntu2 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME Date: Tue Mar 21 20:35:05 2023 DisplayManager: gdm3 InstallationDate: Installed on 2023-01-23 (56 days ago) InstallationMedia: Ubuntu 22.10 "Kinetic Kudu" - Release amd64 (20221020) RelatedPackageVersions: mutter-common 44~rc-1ubuntu3 SourcePackage: gnome-shell UpgradeStatus: Upgraded to lunar on 2023-03-02 (19 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-appindicator/+bug/2012388/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2052624] Re: Stop using --video-capture-use-gpu-memory-buffer flag in beta/edge builds
Thanks for bringing that to our attention. ** Changed in: chromium-browser (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/2052624 Title: Stop using --video-capture-use-gpu-memory-buffer flag in beta/edge builds Status in chromium-browser package in Ubuntu: Fix Committed Bug description: Looking at https://discourse.ubuntu.com/t/an-overview-of-hardware- acceleration-in-chromium/36672, a couple of flags are added for beta and edge channel builds of Chromium to enable VAAPI. You may want to remove the flag --video-capture-use-gpu-memory-buffer from the builds, as it completely breaks webcam input: ERROR:video_capture_impl.cc(501)] Failed to open GpuMemoryBuffer handle It can be worked around by creating ~/.chromium-browser.init and adding CHROMIUM_FLAGS="--disable-video-capture-use-gpu-memory-buffer" to it, but that is not exactly user friendly (and rather redundant). Upstream the Chromium developers say that the --video-capture-use-gpu- memory-buffer flag is broken and that packagers should no longer be using it. https://issues.chromium.org/issues/40279468 >> Do the packagers need to be advised to remove this, or should the flags work as intended? > Yes. If you could inform them, please do so. On Chrome M116 that flag got broken, unfortunately. The flag had absolutely no effect before that, actually. In the future it will be enabled automatically when supported. So it's a good idea to remove that flag from the config for all versions. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2052624/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2052624] [NEW] Stop using --video-capture-use-gpu-memory-buffer flag in beta/edge builds
Public bug reported: Looking at https://discourse.ubuntu.com/t/an-overview-of-hardware- acceleration-in-chromium/36672, a couple of flags are added for beta and edge channel builds of Chromium to enable VAAPI. You may want to remove the flag --video-capture-use-gpu-memory-buffer from the builds, as it completely breaks webcam input: ERROR:video_capture_impl.cc(501)] Failed to open GpuMemoryBuffer handle It can be worked around by creating ~/.chromium-browser.init and adding CHROMIUM_FLAGS="--disable-video-capture-use-gpu-memory-buffer" to it, but that is not exactly user friendly (and rather redundant). Upstream the Chromium developers say that the --video-capture-use-gpu- memory-buffer flag is broken and that packagers should no longer be using it. https://issues.chromium.org/issues/40279468 >> Do the packagers need to be advised to remove this, or should the flags work as intended? > Yes. If you could inform them, please do so. On Chrome M116 that flag got broken, unfortunately. The flag had absolutely no effect before that, actually. In the future it will be enabled automatically when supported. So it's a good idea to remove that flag from the config for all versions. ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New ** Description changed: Looking at https://discourse.ubuntu.com/t/an-overview-of-hardware- acceleration-in-chromium/36672, a couple of flags are added for beta and edge channel builds of Chromium to enable VAAPI. - You may want to remove the flag `--video-capture-use-gpu-memory-buffer` + You may want to remove the flag --video-capture-use-gpu-memory-buffer from the builds, as it completely breaks webcam input: ERROR:video_capture_impl.cc(501)] Failed to open GpuMemoryBuffer handle It can be worked around by creating ~/.chromium-browser.init and adding CHROMIUM_FLAGS="--disable-video-capture-use-gpu-memory-buffer" to it, but that is not exactly user friendly (and rather redundant). Upstream the Chromium developers say that the --video-capture-use-gpu- memory-buffer flag is broken and that packagers should no longer be using it. https://issues.chromium.org/issues/40279468 >> Do the packagers need to be advised to remove this, or should the flags work as intended? > Yes. If you could inform them, please do so. On Chrome M116 that flag got broken, unfortunately. The flag had absolutely no effect before that, actually. In the future it will be enabled automatically when supported. So it's a good idea to remove that flag from the config for all versions. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/2052624 Title: Stop using --video-capture-use-gpu-memory-buffer flag in beta/edge builds Status in chromium-browser package in Ubuntu: New Bug description: Looking at https://discourse.ubuntu.com/t/an-overview-of-hardware- acceleration-in-chromium/36672, a couple of flags are added for beta and edge channel builds of Chromium to enable VAAPI. You may want to remove the flag --video-capture-use-gpu-memory-buffer from the builds, as it completely breaks webcam input: ERROR:video_capture_impl.cc(501)] Failed to open GpuMemoryBuffer handle It can be worked around by creating ~/.chromium-browser.init and adding CHROMIUM_FLAGS="--disable-video-capture-use-gpu-memory-buffer" to it, but that is not exactly user friendly (and rather redundant). Upstream the Chromium developers say that the --video-capture-use-gpu- memory-buffer flag is broken and that packagers should no longer be using it. https://issues.chromium.org/issues/40279468 >> Do the packagers need to be advised to remove this, or should the flags work as intended? > Yes. If you could inform them, please do so. On Chrome M116 that flag got broken, unfortunately. The flag had absolutely no effect before that, actually. In the future it will be enabled automatically when supported. So it's a good idea to remove that flag from the config for all versions. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2052624/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2046844] Re: AppArmor user namespace creation restrictions cause many applications to crash with SIGTRAP
** Also affects: marble (Ubuntu) Importance: Undecided Status: New ** Changed in: marble (Ubuntu) Importance: Undecided => High ** Changed in: marble (Ubuntu) Status: New => In Progress ** Changed in: marble (Ubuntu) Milestone: None => ubuntu-24.04-feature-freeze ** Changed in: marble (Ubuntu) Assignee: (unassigned) => Scarlett Gately Moore (scarlettmoore) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to bubblewrap in Ubuntu. https://bugs.launchpad.net/bugs/2046844 Title: AppArmor user namespace creation restrictions cause many applications to crash with SIGTRAP Status in akregator package in Ubuntu: In Progress Status in angelfish package in Ubuntu: In Progress Status in apparmor package in Ubuntu: Confirmed Status in bubblewrap package in Ubuntu: Confirmed Status in cantor package in Ubuntu: In Progress Status in devhelp package in Ubuntu: Confirmed Status in digikam package in Ubuntu: In Progress Status in epiphany-browser package in Ubuntu: Confirmed Status in evolution package in Ubuntu: Confirmed Status in falkon package in Ubuntu: In Progress Status in freecad package in Ubuntu: Confirmed Status in ghostwriter package in Ubuntu: In Progress Status in gnome-packagekit package in Ubuntu: Confirmed Status in goldendict-webengine package in Ubuntu: Confirmed Status in kalgebra package in Ubuntu: In Progress Status in kchmviewer package in Ubuntu: Confirmed Status in kdeplasma-addons package in Ubuntu: Confirmed Status in kiwix package in Ubuntu: Confirmed Status in kmail package in Ubuntu: In Progress Status in konqueror package in Ubuntu: In Progress Status in kontact package in Ubuntu: In Progress Status in marble package in Ubuntu: In Progress Status in notepadqq package in Ubuntu: Confirmed Status in opam package in Ubuntu: Confirmed Status in pageedit package in Ubuntu: Confirmed Status in plasma-desktop package in Ubuntu: Confirmed Status in privacybrowser package in Ubuntu: Confirmed Status in qmapshack package in Ubuntu: Confirmed Status in qutebrowser package in Ubuntu: Confirmed Status in rssguard package in Ubuntu: Confirmed Status in steam package in Ubuntu: Confirmed Status in supercollider package in Ubuntu: Confirmed Status in tellico package in Ubuntu: In Progress Bug description: Hi, I run Ubuntu development branch 24.04 and I have a problem with Epiphany browser 45.1-1 (Gnome Web): program doesn't launch, and I get this error $ epiphany bwrap: Creating new namespace failed: Permission denied ** (epiphany:12085): ERROR **: 14:44:35.023: Failed to fully launch dbus-proxy: Le processus fils s’est terminé avec le code 1 Trappe pour point d'arrêt et de trace (core dumped) $ epiphany bwrap: Creating new namespace failed: Permission denied ** (epiphany:30878): ERROR **: 22:22:26.926: Failed to fully launch dbus-proxy: Le processus fils s’est terminé avec le code 1 Trappe pour point d'arrêt et de trace (core dumped) Thanks for your help! To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/akregator/+bug/2046844/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2051570] Re: [Vostro 3400, Cirrus Logic CS8409/CS42L42, Speaker, Internal] Underruns, dropouts or crackling sound
** Attachment added: "IMG_20240207_111005_968.jpg" https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/2051570/+attachment/5745035/+files/IMG_20240207_111005_968.jpg -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/2051570 Title: [Vostro 3400, Cirrus Logic CS8409/CS42L42, Speaker, Internal] Underruns, dropouts or crackling sound Status in alsa-driver package in Ubuntu: New Bug description: Since the last three weeks' updates, I have encountered several challenges with the audio functionality on my system. Primarily, upon starting my laptop, the audio often fails to work, displaying "Dummy Output." To resolve this, I find myself needing to restart the laptop two or three times before the audio becomes functional. Even when the audio is working, I've noticed a recurring issue where, after playing video or audio for approximately 2-3 minutes, the sound starts crackling and buzzing. The intensity of these distortions gradually increases, resembling the static interference on a radio station with a weak signal. This issue persists even when using 3.5mm headphones, requiring the use of a USB headset or Bluetooth headphones to enjoy distortion-free audio. Furthermore, I have observed that, regardless of the Ubuntu version (ranging from 22.04 to 22.04.3), I face difficulties changing the microphone output settings when an external audio peripheral, such as a USB headset, 3.5mm headphones, or Bluetooth headphones, is connected. The OS appears to exclusively utilize the microphone from the connected peripheral, making it impossible to switch to the laptop's built-in microphone. For your reference, here are the specifications of my laptop and the Ubuntu version I am currently using: Laptop: Dell Vostro 3400 CPU: 11th Gen Intel i5-1135G7 GPU: Intel TigerLake-LP GT2 Iris Xe Memory: 2490MiB / 19720MiB Resolution: 1920x1080 OS: Ubuntu 22.04.3 LTS x86_64 Kernel: 6.5.0-14-generic DE: GNOME 42.9 Shell: bash 5.1.16 Sound Card: Card: HDA Intel PCH, Chip: Cirrus Logic CS8409/CS42L42 UPDATE 29-01-2024 After the latest Linux kernel update to "6.5.0-15-generic." Following the update, I observed a significant reduction in crackling sound (approximately 80%) after disabling C-states from the BIOS. However, this improvement came at the cost of higher CPU temperatures, with the fan constantly running. Conversely, with C-states enabled, the crackling sound occurs only when the fan starts working. Additionally, I am still encountering the "Dummy Output" audio issue consistently on a fresh start, necessitating a reboot to resolve. I want to emphasize that I receive updates from the Tunisia Ubuntu server. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: alsa-base 1.0.25+dfsg-0ubuntu7 ProcVersionSignature: Ubuntu 6.5.0-15.15~22.04.1-generic 6.5.3 Uname: Linux 6.5.0-15-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.5 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: galxy-a10 1437 F pulseaudio CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME Date: Mon Jan 29 17:50:44 2024 InstallationDate: Installed on 2024-01-16 (13 days ago) InstallationMedia: Ubuntu 22.04.3 LTS "Jammy Jellyfish" - Release amd64 (20230807.2) PackageArchitecture: all SourcePackage: alsa-driver Symptom: audio Symptom_AlsaPlaybackTest: ALSA playback test through plughw:PCH successful Symptom_Card: Built-in Audio - HDA Intel PCH Symptom_Jack: Speaker, Internal Symptom_PulseAudioLog: جانفي 29 17:49:49 galxya10-VR whoopsie-upload-all[712]: INFO:root:/var/crash/_usr_bin_pulseaudio.1000.crash already marked for upload, skipping Symptom_PulsePlaybackTest: PulseAudio playback test successful Symptom_Type: Underruns, dropouts, or "crackling" sound Title: [Vostro 3400, Cirrus Logic CS8409/CS42L42, Speaker, Internal] Underruns, dropouts or crackling sound UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 10/03/2023 dmi.bios.release: 1.27 dmi.bios.vendor: Dell Inc. dmi.bios.version: 1.27.1 dmi.board.name: 0GGCMJ dmi.board.vendor: Dell Inc. dmi.board.version: A02 dmi.chassis.type: 10 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvr1.27.1:bd10/03/2023:br1.27:svnDellInc.:pnVostro3400:pvr:rvnDellInc.:rn0GGCMJ:rvrA02:cvnDellInc.:ct10:cvr:sku0A23: dmi.product.family: Vostro dmi.product.name: Vostro 3400 dmi.product.sku: 0A23 dmi.sys.vendor: Dell Inc. mtime.conffile..etc.modprobe.d.alsa-base.conf: 2024-01-28T08:52:28.427855 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/2051570/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe :
[Desktop-packages] [Bug 2046844] Re: AppArmor user namespace creation restrictions cause many applications to crash with SIGTRAP
** Also affects: kmail (Ubuntu) Importance: Undecided Status: New ** Changed in: kmail (Ubuntu) Importance: Undecided => High ** Changed in: kmail (Ubuntu) Status: New => In Progress ** Changed in: kmail (Ubuntu) Milestone: None => ubuntu-24.04-feature-freeze ** Changed in: kmail (Ubuntu) Assignee: (unassigned) => Scarlett Gately Moore (scarlettmoore) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to bubblewrap in Ubuntu. https://bugs.launchpad.net/bugs/2046844 Title: AppArmor user namespace creation restrictions cause many applications to crash with SIGTRAP Status in akregator package in Ubuntu: In Progress Status in angelfish package in Ubuntu: In Progress Status in apparmor package in Ubuntu: Confirmed Status in bubblewrap package in Ubuntu: Confirmed Status in cantor package in Ubuntu: In Progress Status in devhelp package in Ubuntu: Confirmed Status in digikam package in Ubuntu: In Progress Status in epiphany-browser package in Ubuntu: Confirmed Status in evolution package in Ubuntu: Confirmed Status in falkon package in Ubuntu: In Progress Status in freecad package in Ubuntu: Confirmed Status in ghostwriter package in Ubuntu: In Progress Status in gnome-packagekit package in Ubuntu: Confirmed Status in goldendict-webengine package in Ubuntu: Confirmed Status in kalgebra package in Ubuntu: In Progress Status in kchmviewer package in Ubuntu: Confirmed Status in kdeplasma-addons package in Ubuntu: Confirmed Status in kiwix package in Ubuntu: Confirmed Status in kmail package in Ubuntu: In Progress Status in konqueror package in Ubuntu: In Progress Status in kontact package in Ubuntu: In Progress Status in notepadqq package in Ubuntu: Confirmed Status in opam package in Ubuntu: Confirmed Status in pageedit package in Ubuntu: Confirmed Status in plasma-desktop package in Ubuntu: Confirmed Status in privacybrowser package in Ubuntu: Confirmed Status in qmapshack package in Ubuntu: Confirmed Status in qutebrowser package in Ubuntu: Confirmed Status in rssguard package in Ubuntu: Confirmed Status in steam package in Ubuntu: Confirmed Status in supercollider package in Ubuntu: Confirmed Status in tellico package in Ubuntu: In Progress Bug description: Hi, I run Ubuntu development branch 24.04 and I have a problem with Epiphany browser 45.1-1 (Gnome Web): program doesn't launch, and I get this error $ epiphany bwrap: Creating new namespace failed: Permission denied ** (epiphany:12085): ERROR **: 14:44:35.023: Failed to fully launch dbus-proxy: Le processus fils s’est terminé avec le code 1 Trappe pour point d'arrêt et de trace (core dumped) $ epiphany bwrap: Creating new namespace failed: Permission denied ** (epiphany:30878): ERROR **: 22:22:26.926: Failed to fully launch dbus-proxy: Le processus fils s’est terminé avec le code 1 Trappe pour point d'arrêt et de trace (core dumped) Thanks for your help! To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/akregator/+bug/2046844/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2047912] Re: There is a heap buffer overflow in texlive-bin
I have marked this bug as public because the public domain already
contains information about this TeX Live issue (as seen in the GitHub
issue and upstream changelog).
@dongzhuo, could you please contact the upstream (either in the existing
PR or via their mailing list) to confirm that they (1) recognize this
issue as a vulnerability impacting the security of their software (and
not just a functional bug), and (2) do not have any other CVE ID
assignment process already established? The latter is important because
some projects prefer contacting MITRE for the assignment.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to texlive-bin in Ubuntu.
https://bugs.launchpad.net/bugs/2047912
Title:
There is a heap buffer overflow in texlive-bin
Status in texlive-bin package in Ubuntu:
New
Bug description:
Hello,
I found a heap-buffer overflow in function ttfLoadHDMX; ttfdump can install
by apt-get texlive-binaries. I compile lastest texlive-source by clone
https://github.com/TeX-Live/texlive-source/ on unbuntu for debugging.
The overflow content and size are controlled by input. Exploiting this
issue can achive any code excuted
The steps for reproducing the vul on unbuntu:
(1) sudo apt-get iunstall texlive-binaries
(2) ttfdump -i poc.ttf
The poc.ttf can view the attachment .ttfdump aborted and prompt "malloc():
corrupted top size" due memory corrupt.
The issue exist in function ttfLoadHDMX :
/***function ttfLoadHDMX begin ***/
static void ttfLoadHDMX (FILE *fp,HDMXPtr hdmx,ULONG offset)
{
int i;
xfseek(fp, offset, SEEK_SET, "ttfLoadHDMX");
hdmx->version = ttfGetUSHORT(fp);
hdmx->numDevices = ttfGetUSHORT(fp);
hdmx->size = ttfGetLONG(fp);
hdmx->Records = XCALLOC (hdmx->numDevices, DeviceRecord);
for (i=0;inumDevices;i++)
{
hdmx->Records[i].PixelSize = ttfGetBYTE(fp);
hdmx->Records[i].MaxWidth = ttfGetBYTE(fp);
hdmx->Records[i].Width = XCALLOC (hdmx->size, BYTE); (1)
fread ((hdmx->Records+i)->Width, sizeof(BYTE),
hdmx->numGlyphs+1,fp); (2)
}
}
/***function ttfLoadHDMX end ***/
At above code (1) ,allocte heap buffer for Width according to the parsed
hdmx width. And at above code (2) , copy Width content from file and copy size
decided by controlled hdmx->numGlyphs. In the poc , hdmx->size eaqual to 1216
and hdmx->numGlyphs+1 is 4155,which get heap buffer overflow.
/*** debug info ***/
(gdb) p hdmx->numGlyphs+1
$23 = 4155
(gdb) p hdmx->size
$24 = 1216
/*** debug info end ***/
From :
Dongzhuo zhao working with ADLab of Venustech
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/2047912/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2047912] Re: There is a heap buffer overflow in texlive-bin
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to texlive-bin in Ubuntu.
https://bugs.launchpad.net/bugs/2047912
Title:
There is a heap buffer overflow in texlive-bin
Status in texlive-bin package in Ubuntu:
New
Bug description:
Hello,
I found a heap-buffer overflow in function ttfLoadHDMX; ttfdump can install
by apt-get texlive-binaries. I compile lastest texlive-source by clone
https://github.com/TeX-Live/texlive-source/ on unbuntu for debugging.
The overflow content and size are controlled by input. Exploiting this
issue can achive any code excuted
The steps for reproducing the vul on unbuntu:
(1) sudo apt-get iunstall texlive-binaries
(2) ttfdump -i poc.ttf
The poc.ttf can view the attachment .ttfdump aborted and prompt "malloc():
corrupted top size" due memory corrupt.
The issue exist in function ttfLoadHDMX :
/***function ttfLoadHDMX begin ***/
static void ttfLoadHDMX (FILE *fp,HDMXPtr hdmx,ULONG offset)
{
int i;
xfseek(fp, offset, SEEK_SET, "ttfLoadHDMX");
hdmx->version = ttfGetUSHORT(fp);
hdmx->numDevices = ttfGetUSHORT(fp);
hdmx->size = ttfGetLONG(fp);
hdmx->Records = XCALLOC (hdmx->numDevices, DeviceRecord);
for (i=0;inumDevices;i++)
{
hdmx->Records[i].PixelSize = ttfGetBYTE(fp);
hdmx->Records[i].MaxWidth = ttfGetBYTE(fp);
hdmx->Records[i].Width = XCALLOC (hdmx->size, BYTE); (1)
fread ((hdmx->Records+i)->Width, sizeof(BYTE),
hdmx->numGlyphs+1,fp); (2)
}
}
/***function ttfLoadHDMX end ***/
At above code (1) ,allocte heap buffer for Width according to the parsed
hdmx width. And at above code (2) , copy Width content from file and copy size
decided by controlled hdmx->numGlyphs. In the poc , hdmx->size eaqual to 1216
and hdmx->numGlyphs+1 is 4155,which get heap buffer overflow.
/*** debug info ***/
(gdb) p hdmx->numGlyphs+1
$23 = 4155
(gdb) p hdmx->size
$24 = 1216
/*** debug info end ***/
From :
Dongzhuo zhao working with ADLab of Venustech
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/2047912/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
