** Changed in: jackd2 (Debian)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
https://bugs.launchpad.net/bugs/1833479
Title:
libjack-jackd2-0 double close on a failure to
** Changed in: alsa-plugins (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
https://bugs.launchpad.net/bugs/1833479
Title:
libjack-jackd2-0 double close on a failure to connect
This bug was fixed in the package jackd2 - 1.9.12~dfsg-2ubuntu2
---
jackd2 (1.9.12~dfsg-2ubuntu2) focal; urgency=medium
* debian/patches/CVE-2019-13351.patch:
- Set fSocket to -1 after close on an error to prevent a double close,
fix CVE-2019-13351 (lp: #1833479)
--
** Changed in: jackd2 (Ubuntu)
Importance: Low => High
** Changed in: jackd2 (Ubuntu)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
https://bugs.launchpad.net/bugs/1833479
I currently have the package patched in my PPA to resolve the bug. It is
a difficult to debug problem that has been sending users upstream to
kodi with bug reports and confusing stack traces. This will get more
exposure when focal is released due to the LTS status.
--
You received this bug
Is this going to make it for focal? This bug causes kodi to crash when
turning my TV screen off.
** Tags added: focal
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
https://bugs.launchpad.net/bugs/1833479
Title:
I'm marking this as also affects alsa-plugins since that is shipping a
jack plugin by default, and this bug is triggered when jack isn't even
running. Programs that scan for ALSA devices pick up that jack plugin
and trigger the double close.
** Also affects: alsa-plugins (Ubuntu)
Importance:
Can this package get updated to 1.9.13, or at least patched in time for
20.04? The security exploitability of this bug may be low, but the impact
on affected users is high. It causes hard to debug, random crashes of other
programs (e g. Kodi) that are scanning ALSA devices when the jack daemon
Hi,
I am experiencing the same issue with Kodi 18.5 and Xubuntu 19.10 with
similar stack traces to joe-yasi. Is there anyway to install the updated
package via Ubuntu updates?
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in
jackd2 released version 1.9.13 which includes this fix.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
https://bugs.launchpad.net/bugs/1833479
Title:
libjack-jackd2-0 double close on a failure to connect to jackd
** Changed in: jackd2 (Debian)
Status: Unknown => Confirmed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
https://bugs.launchpad.net/bugs/1833479
Title:
libjack-jackd2-0 double close on a failure to connect
** Bug watch added: Debian Bug tracker #931488
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931488
** Changed in: jackd2 (Debian)
Importance: Undecided => Unknown
** Changed in: jackd2 (Debian)
Status: Confirmed => Unknown
** Changed in: jackd2 (Debian)
Remote watch: None =>
** Changed in: jackd2 (Ubuntu)
Status: New => Confirmed
** Changed in: jackd2 (Debian)
Status: New => Confirmed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
https://bugs.launchpad.net/bugs/1833479
I just requested one and received: CVE-2019-13351
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-13351
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
https://bugs.launchpad.net/bugs/1833479
Title:
>From a security point of view, it is best if this issue is fixed not
just in Ubuntu but other distributions - and the best way to ensure that
is to get a CVE assigned for it. Has a CVE been applied for for this
issue? If not, could you please submit one to MITRE and when one is
assigned please
Unsubscribing the Sponsors Team as there is no debdiff to sponsor. Poked
the Security Team.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
https://bugs.launchpad.net/bugs/1833479
Title:
libjack-jackd2-0 double close
** Changed in: jackd2 (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
https://bugs.launchpad.net/bugs/1833479
Title:
libjack-jackd2-0 double close on a failure to connect to
** Description changed:
After upgrading to Ubuntu 19.04, I started experiencing sporadic crashes
in kodi when turning my AV receiver on. Ubuntu 19.04 upgraded alsa-
- plugins to 1.1.8. For alsa-plugins >= 1.1.8, the ALSA jack plugin is
+ plugins to 1.1.8. For alsa-plugins >= 1.1.7, the ALSA
The attachment "Set-fSocket-to--1-after-close-on-an-error-to-prevent-a
-double-close.patch" seems to be a patch. If it isn't, please remove
the "patch" flag from the attachment, remove the "patch" tag, and if you
are a member of the ~ubuntu-reviewers, unsubscribe the team.
[This is an automated
I'm marking this a security bug, since all double close bugs can
potentially be security bugs in multithreaded programs depending on the
close interleaving.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
** Patch added:
"Set-fSocket-to--1-after-close-on-an-error-to-prevent-a-double-close.patch"
https://bugs.launchpad.net/ubuntu/+source/jackd2/+bug/1833479/+attachment/5271631/+files/Set-fSocket-to--1-after-close-on-an-error-to-prevent-a-double-close.patch
** Information type changed from
See kodi issue with stack traces:
https://github.com/xbmc/xbmc/issues/16258
** Also affects: jackd2 (Debian)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to jackd2 in Ubuntu.
22 matches
Mail list logo