CentOS 7 freerdp-libs 2.1.1-5.el7_9 openssl-devel 1.0.2k-26.el7_9 -Nick
On Wed, Jan 24, 2024 at 3:35 PM Weston Thayer <[email protected]> wrote: > I am repro'ing with the Docker image (slightly customized, otherwise I > would've shared repro steps, working on that), so that helps. > > I did some research. alpine:3.17.6 through alpine:3.18.5 appear to all > have the same version of openssl1.1-compat-dev > <https://github.com/apache/guacamole-server/blob/a575af63ef5b4c8b1804999f211ebeb270992b5a/Dockerfile#L45> > (1.1.1u-r1). I'm checking with `apk add --no-cache --simulate > openssl1.1-compat-dev`, let me know if that's not to be trusted for some > reason. No surprise that it repros when the image is built with something > older, like alpine:3.18.2. > > Nick, even though you can't reproduce it, could you share your openssl > version? > > On Wed, Jan 24, 2024 at 11:00 AM Barnhart, Steven <[email protected]> > wrote: > >> Would be worth using the docker versions and seeing if is present in them >> as that is then easy to point to dependencies not being updated. >> >> –Steve >> ------------------------------ >> *From:* Weston Thayer <[email protected]> >> *Sent:* Wednesday, January 24, 2024 1:58:14 PM >> *To:* [email protected] <[email protected]> >> *Subject:* Re: Major bug message log in guacd 1.5.4 >> >> Running with Nick's theory that it could be something to do with OpenSSL, >> could folks who have reproduced it by upgrading ONLY guacd from 1. 5. 3 to >> 1. 5. 4 share their OpenSSL versions? Since I can easily reproduce this, I >> can employ some >> Running with Nick's theory that it could be something to do with OpenSSL, >> could folks who have reproduced it by upgrading ONLY guacd from 1.5.3 to >> 1.5.4 share their OpenSSL versions? Since I can easily reproduce this, I >> can employ some trial & error testing to try and identify the key variable. >> >> On Wed, Jan 24, 2024 at 9:15 AM Vieri <[email protected]> >> wrote: >> >> >> >> On Wednesday, January 24, 2024 at 04:01:52 PM GMT+1, Nick Couchman < >> [email protected]> wrote: >> >> > When I say "underlying system" - I mean that I'm not running Docker >> containers, I'm installing natively on CentOS7, >> > and when I upgraded from 1.5.3 to 1.5.4, I did not update any of the >> other dependencies (FreeRDP, SSH, kernel, openSSL, etc.). >> > This indicates that the issue isn't guacd itself, but some issue >> between guacd + FreeRDP and possibly some >> > underlying library (OpenSSL) that is causing the leakage. >> >> Same here. >> I am NOT using docker containers. >> As I said, absolutely nothing has changed except for guacd 1.5.4 -> >> 1.5.3. No other dependency has been updated or changed. OpenSSL is exactly >> the same. All other libs are exactly the same. FreeRDP is left untouched. >> >> So it could be what you mentioned earlier: guacd 1.5.4 might be using >> something in FreeRDP that 1.5.3 wasn't. >> Assuming it's FreeRDP that's leaking. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >>
