[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

** Changed in: jackd2 (Debian) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu. https://bugs.launchpad.net/bugs/1833479 Title: libjack-jackd2-0 double close on a failure to

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

** Changed in: alsa-plugins (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu. https://bugs.launchpad.net/bugs/1833479 Title: libjack-jackd2-0 double close on a failure to connect

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

This bug was fixed in the package jackd2 - 1.9.12~dfsg-2ubuntu2 --- jackd2 (1.9.12~dfsg-2ubuntu2) focal; urgency=medium * debian/patches/CVE-2019-13351.patch: - Set fSocket to -1 after close on an error to prevent a double close, fix CVE-2019-13351 (lp: #1833479) --

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

** Changed in: jackd2 (Ubuntu) Importance: Low => High ** Changed in: jackd2 (Ubuntu) Status: Confirmed => Fix Committed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu. https://bugs.launchpad.net/bugs/1833479

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

I currently have the package patched in my PPA to resolve the bug. It is a difficult to debug problem that has been sending users upstream to kodi with bug reports and confusing stack traces. This will get more exposure when focal is released due to the LTS status. -- You received this bug

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

Is this going to make it for focal? This bug causes kodi to crash when turning my TV screen off. ** Tags added: focal -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu. https://bugs.launchpad.net/bugs/1833479 Title:

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

I'm marking this as also affects alsa-plugins since that is shipping a jack plugin by default, and this bug is triggered when jack isn't even running. Programs that scan for ALSA devices pick up that jack plugin and trigger the double close. ** Also affects: alsa-plugins (Ubuntu) Importance:

Re: [Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

Can this package get updated to 1.9.13, or at least patched in time for 20.04? The security exploitability of this bug may be low, but the impact on affected users is high. It causes hard to debug, random crashes of other programs (e g. Kodi) that are scanning ALSA devices when the jack daemon

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

Hi, I am experiencing the same issue with Kodi 18.5 and Xubuntu 19.10 with similar stack traces to joe-yasi. Is there anyway to install the updated package via Ubuntu updates? -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

jackd2 released version 1.9.13 which includes this fix. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu. https://bugs.launchpad.net/bugs/1833479 Title: libjack-jackd2-0 double close on a failure to connect to jackd

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

** Changed in: jackd2 (Debian) Status: Unknown => Confirmed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu. https://bugs.launchpad.net/bugs/1833479 Title: libjack-jackd2-0 double close on a failure to connect

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

** Bug watch added: Debian Bug tracker #931488 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931488 ** Changed in: jackd2 (Debian) Importance: Undecided => Unknown ** Changed in: jackd2 (Debian) Status: Confirmed => Unknown ** Changed in: jackd2 (Debian) Remote watch: None =>

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

** Changed in: jackd2 (Ubuntu) Status: New => Confirmed ** Changed in: jackd2 (Debian) Status: New => Confirmed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu. https://bugs.launchpad.net/bugs/1833479

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

I just requested one and received: CVE-2019-13351 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-13351 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu. https://bugs.launchpad.net/bugs/1833479 Title:

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

>From a security point of view, it is best if this issue is fixed not just in Ubuntu but other distributions - and the best way to ensure that is to get a CVE assigned for it. Has a CVE been applied for for this issue? If not, could you please submit one to MITRE and when one is assigned please

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

Unsubscribing the Sponsors Team as there is no debdiff to sponsor. Poked the Security Team. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu. https://bugs.launchpad.net/bugs/1833479 Title: libjack-jackd2-0 double close

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

** Changed in: jackd2 (Ubuntu) Importance: Undecided => High -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu. https://bugs.launchpad.net/bugs/1833479 Title: libjack-jackd2-0 double close on a failure to connect to

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

** Description changed: After upgrading to Ubuntu 19.04, I started experiencing sporadic crashes in kodi when turning my AV receiver on. Ubuntu 19.04 upgraded alsa- - plugins to 1.1.8. For alsa-plugins >= 1.1.8, the ALSA jack plugin is + plugins to 1.1.8. For alsa-plugins >= 1.1.7, the ALSA

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

The attachment "Set-fSocket-to--1-after-close-on-an-error-to-prevent-a -double-close.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team. [This is an automated

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

I'm marking this a security bug, since all double close bugs can potentially be security bugs in multithreaded programs depending on the close interleaving. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu.

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

** Patch added: "Set-fSocket-to--1-after-close-on-an-error-to-prevent-a-double-close.patch" https://bugs.launchpad.net/ubuntu/+source/jackd2/+bug/1833479/+attachment/5271631/+files/Set-fSocket-to--1-after-close-on-an-error-to-prevent-a-double-close.patch ** Information type changed from

[Desktop-packages] [Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

See kodi issue with stack traces: https://github.com/xbmc/xbmc/issues/16258 ** Also affects: jackd2 (Debian) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to jackd2 in Ubuntu.