gnutls causes gnome-music segmentation fault

Status changed to 'Confirmed' because the bug affects multiple users.

I have confirmed the bug and also confirmed that the patch applied to the apt-src package will fix the problem.

The issue was fixed upstream in https://gitlab.com/gnutls/gnutls/commit/a18258dc

Working on reproducing it so I can get it fixed in stable. Was not able to reproduce on my disco host system, now trying a cosmic container.

Is bionic affected as well? Probably not.

cosmic works fine as well in a container, except for gnome-music missing a dependency on gir1.2-goa-1.0

Never mind my last comment, I accidentally launched a bionic container. So it seems to me that:

* bionic GOOD
* cosmic BAD
* disco GOOD

though I guess I'll revalidate disco in a container or look at git history.

disco should be bad as well, though, shouldn't it? And the crash I got in cosmic was seemingly unrelated.

I think to trigger the bug (using gnome-music) you need a music collection where it needs to try and look up at least some album artwork. If you have an empty music library gnome-music will start fine because the gnutls code is never invoked.

the upstream/redhat tickets test with the 'get' test from the libsoup source

This bug was fixed in the package gnutls28 - 3.6.5-2ubuntu1

---------------
gnutls28 (3.6.5-2ubuntu1) disco; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/disable_global_init_override_test.patch: disable
      failing test.
    - debian/patches/add-openssl-test-link.patch: add link for libssl
  * this is a new upstream release including a fix for LP: #1804673

gnutls28 (3.6.5-2) unstable; urgency=low

  * Upload to unstable.
  * autopkgtest: Do not try to run cbc-record-check.sh, export ENABLE_GOST=1.

gnutls28 (3.6.5-1) experimental; urgency=medium

  * Run "wrap-and-sort --max-line-length=72 --short-indent" and back comments.
  * Drop automake (>= 1:1.12.2) from Build-Depends; automake 1.14 is
    now in oldstable.
  * New upstream version.
    + Requires nettle >= 3.4.1(rc).
    + List newly added symbols in symbol file. Bump generated dependencies to
      >= 3.6.5 since multiple enums have been extended.
    + Accepts CTYPE-OPENPGP as (no-op) priority list element. Closes: #910835
  * [lintian] Drop dh_strip override, stable has automatic debug packages.

 -- Julian Andres Klode <email address hidden> Tue, 18 Dec 2018 17:24:06 +0100

Will there be a backport for cosmic?
I'm using cosmic (18.10) and the gnome-music app ist crashing on every start because Cosmic only ships 3.6.4-2ubuntu1.

Hello KarlRelton, or anyone else affected,

Accepted gnutls28 into cosmic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gnutls28/3.6.4-2ubuntu1.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-cosmic to verification-done-cosmic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-cosmic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Unfortunately this didn't seem to help, at least on my system.

After installing gnutls-bin 3.6.4-2ubuntu1.1 from cosmic-proposed and starting gnome-music I still get a segfault after the window shows up for a second and loads some album arts.
Or am I experiencing another bug?

@Marcus gnutls-bin won't help you, you have to install libgnutls30 - can you do that and report back? thanks.

@Julian: Thank you, my fault.
This fixes the bug!

Thank you very much, that's the first time I can actually see how the gnome-music application looks like. xD

I'm sorry, the launchpad interface is awful. :D

Verified from my side as well, with -ubuntu1 it was broken, with the version in proposed it is fixed.

root@cc:~/libsoup2.4-2.64.2# ./obj-x86_64-linux-gnu/examples/get https://tracker.debian.org/pkg/acpi-support/rss [2004/5679]
Segmentation fault (core dumped)
root@cc:~/libsoup2.4-2.64.2# apt policy libgnutls30
libgnutls30:
  Installed: 3.6.4-2ubuntu1
  Candidate: 3.6.4-2ubuntu1.1
  Version table:
     3.6.4-2ubuntu1.1 500
        500 http://archive.ubuntu.com/ubuntu cosmic-proposed/main amd64 Packages
 *** 3.6.4-2ubuntu1 500
        500 http://archive.ubuntu.com/ubuntu cosmic/main amd64 Packages ...

Thank you for your verification! The cosmic upload triggered a lot of autopkgtest failures, hopefully all unrelated. Could someone take a look and verify those?

status

* hddemux is OK essentially; it's the same failure as I fixed in ubuntu1 in disco
* apt OK
* systemd mostly usual boot-smoke failure, one fsckd service failure (timing related probably), nothing particularly gnutls related
* gnupg2 is irrelevant gpgv-win32 test failing because wine is not installable
* gnustep-base ? retried
* lxc ? retried

gnustep-base and lxc fail only on one arch, so should not be caused by disabling version overrides on a rehandshake (there's nothing arch specific about it...).

The verification of the Stable Release Update for gnutls28 has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package gnutls28 - 3.6.4-2ubuntu1.1

---------------
gnutls28 (3.6.4-2ubuntu1.1) cosmic; urgency=medium

  * gnutls-3.6.4-fix-rehandshake.patch: Fix rehandshake breaking glib
    stuff (LP: #1804673)

 -- Julian Andres Klode <email address hidden> Mon, 21 Jan 2019 08:56:16 +0100