Bug 1451321
Summary: | libvncserver blocks gtk-vnc clients >= 0.7.0 | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jonathan Dieter <jonathan> | ||||
Component: | libvncserver | Assignee: | Rex Dieter <rdieter> | ||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | unspecified | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | rawhide | CC: | ppisar, rdieter | ||||
Target Milestone: | --- | Keywords: | Patch, Upstream | ||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | libvncserver-0.9.11-2.fc25.1 libvncserver-0.9.11-2.fc26 | Doc Type: | If docs needed, set a value | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2017-05-26 04:03:39 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Jonathan Dieter
2017-05-16 11:50:33 UTC
This patch fixes bug #1421785, but I didn't want to take that bug over as I'm not sure if my approach is what the OP is looking for. This patch also applies cleanly to 0.9.10 and 0.9.11, and, if possible, should be backported to F25 and F26 as they both have had an update to gtk-vnc-0.7.0. Upstream pull request for this patch is at https://github.com/LibVNC/libvncserver/pull/179 I'm tempted to wait for upstream feedback on the pull request before applying downstream at least. On the other hand, if you think the risk is minimal applying anyway, feel free to do so. Yeah, apparently upstream has already fixed the issue almost identically to my fix at https://github.com/LibVNC/libvncserver/commit/75f04c14e49e084e41bdd5491edad8823773a08c Since that patch is upstream and the risk is minimal, I'll go ahead and apply it then. actually, looks like there's an outstanding CVE issue open against libvncserver too, so I'll take the liberty of pulling in both fixes I guess. Ok, great! Thanks so much. libvncserver-0.9.11-2.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-6125002d79 libvncserver-0.9.11-2.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-0e08170fd3 libvncserver-0.9.11-2.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2017-dd5d2381e4 Hey Rex, just a heads up that 0.9.11 has a soname bump from 0.9.10, so it's probably not a good idea to update F24 and F25 to 0.9.11. My plan was to apply the upstream patch to 0.9.10 for F24 and F25. Having looked at this closer, it looks like a symbol was removed in 0.9.9, but the soname wasn't bumped until 0.9.11. I'm guessing a rebuild of all the dependent packages against 0.9.11 should fix everything, but I'm not sure if a soname bump goes against the updates policy, even if there are no backwards-incompatible ABI changes. Yes, it goes. People have software built locally or from foreign repositories. In this case, where there's no actual ABI changes (I'm looking at https://abi-laboratory.pro/tracker/timeline/libvncserver/) to go with the soname bump, would it make sense to do a symlink from libvncserver.so.0 to libvncserver.so.1 *only* for F24 and F25? Or would it be better to pull these updates and backport the CVE fixes to 0.9.10? Sorry I didn't realize there was a soname bump here. Symlinks are not a solution for that. That said, there are other fixes I'd like to get included for f24/f25 updates, not just this one, so I'd rather persue rebuilding dependencies if possible. In the meantime, I'll revoke the existing f25/f24 bodhi updates at earliest opportunity (apparently I can't right now, I assume the update is locked for an ongoing push). Re-reading comments, comment #11 in particular, at least strongly implies that 0.9.9 and 0.9.10 should be ABI compatible with 0.9.11. If that is the case, I think one option would be to simply revert the soname change for f24/f25 updates (back to .0). Thoughts? (In reply to Rex Dieter from comment #16) > Re-reading comments, comment #11 in particular, at least strongly implies > that 0.9.9 and 0.9.10 should be ABI compatible with 0.9.11. If that is the > case, I think one option would be to simply revert the soname change for > f24/f25 updates (back to .0). Thoughts? I'd prefer that option over rebuilding dependencies with .1 as RPM Fusion has some packages as well that depend on this (vlc comes to mind). 0.9.10 has no ABI symbol changes from 0.9.9, and 0.9.11 has one added symbol compared to 0.9.10. One of the structs has added a field between 0.9.9 and 0.9.10 and then an additional two fields between 0.9.10 and 0.9.11, but as I understand it, that doesn't break backwards compatibility. We're at the end of the day here, but tomorrow I'll go ahead build 0.9.11 with a .0 soname and see whether it breaks vlc or x11vnc. I did just that, and tested a few apps (krfb, krdc, vlc), and no *obvious* problems, so, https://src.fedoraproject.org/cgit/rpms/libvncserver.git/commit/?id=46fa05c99237813c26dc60a81fa847ad1cc9eab9 libvncserver-0.9.11-2.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-6125002d79 libvncserver-0.9.11-2.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-dd5d2381e4 libvncserver-0.9.11-2.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-0e08170fd3 I've just built 2.fc25.1 and it's working great with x11vnc. Once it ends up in bodhi, I'll add karma. libvncserver-0.9.11-2.fc25.1 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-0e08170fd3 libvncserver-0.9.11-2.fc24.1 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2017-dd5d2381e4 libvncserver-0.9.11-2.fc24.1 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-dd5d2381e4 libvncserver-0.9.11-2.fc25.1 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-0e08170fd3 FYI, also gtk-vnc upstream implemented a fix/workaround as well, see also: https://git.gnome.org/browse/gtk-vnc/commit/?id=f5623cbc63bb0a835bc662d451cc5128d683bd5d libvncserver-0.9.11-2.fc24.1 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report. libvncserver-0.9.11-2.fc25.1 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report. libvncserver-0.9.11-2.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report. |