
Bug#905786: marked as done (libvncserver1: Use-after-free on shutdown when clients are still connected (causing issue for Virtualbox))



Your message dated Sun, 12 Jan 2020 14:38:47 +0000
with message-id <E1iqeO7-0004Mr-Lp@fasolo.debian.org>
and subject line Bug#905786: fixed in libvncserver 0.9.11+dfsg-1.3+deb10u2
has caused the Debian Bug report #905786,
regarding libvncserver1: Use-after-free on shutdown when clients are still connected (causing issue for Virtualbox)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
905786: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905786
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: libvncserver1
Version: 0.9.11+dfsg-1+deb9u1
Severity: important
Tags: patch

In the upstream source of the project, there is a use-after-free that can lead
to an infinite wait of a non-existing thread during the shutdown of the VNC
server if some clients are still connected.

This is causing an issue in Virtualbox, which uses this package, when a VNC
client is connected and we shut down the VM (the VM will be stuck in a buggy
state). See https://www.virtualbox.org/ticket/17396 for the ticket in
Virtualbox's bug tracker for more information.

There is actually a pull request on upstream fixing this issue
(https://github.com/LibVNC/libvncserver/pull/238). There is also another issue,
a segmentation fault in the same use case when we are using a multi-threaded
VNC server (also fixed by the same pull request).

Virtualbox needs both fixes to work correctly without a segmentation fault or an
infinite wait, and probably so do some other packages using libvncserver.

The issue isn't present on Jessie with the version 0.9.9 of the package.



-- System Information:
Debian Release: 9.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-7-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libvncserver1 depends on:
ii  libc6            2.24-11+deb9u3
ii  libgcrypt20      1.7.6-2+deb9u3
ii  libgnutls30      3.5.8-5+deb9u3
ii  libjpeg62-turbo  1:1.5.1-2
ii  zlib1g           1:1.2.8.dfsg-5

libvncserver1 recommends no packages.

libvncserver1 suggests no packages.

--- End Message ---
--- Begin Message ---
Source: libvncserver
Source-Version: 0.9.11+dfsg-1.3+deb10u2

We believe that the bug you reported is fixed in the latest version of
libvncserver, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 905786@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mike Gabriel <sunweaver@debian.org> (supplier of updated libvncserver package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Wed, 08 Jan 2020 08:22:51 +0100
Source: libvncserver
Architecture: source
Version: 0.9.11+dfsg-1.3+deb10u2
Distribution: buster
Urgency: medium
Maintainer: Peter Spiess-Knafl <dev@spiessknafl.at>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Closes: 905786
Changes:
 libvncserver (0.9.11+dfsg-1.3+deb10u2) buster; urgency=medium
 .
   * Regression update.
 .
   * debian/patches: Add use-after-free/{4,5,6}.patch. All cherry-picked from
     upstream. Resolves crashing of x11vnc when vncviewer connects. (Closes:
     #905786).

--- End Message ---
