[snap] Cannot use libwidevinecdm.so to play back DRM-encrypted video

Bug #1738149 reported by Olivier Tilloy
This bug affects 2 people
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Fix Released
Olivier Tilloy

Bug Description

The chromium-browser deb package has a patch that allows the browser to look for the content decryption module in /opt/google/chrome/ and use it if present (assumes google-chrome is also installed).

This won't work with the snap, because the snap's runtime environment won't use /opt from the host.

What could work is to patch chromium to look for libwidevinecdm.so somewhere within the snap's area ($SNAP_USER_COMMON or $SNAP_USER_DATA), and have instructions for the user to copy the file to this area.

Tags: snap
Olivier Tilloy (osomon)
Changed in chromium-browser (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
Olivier Tilloy (osomon)
Changed in chromium-browser (Ubuntu):
assignee: nobody → Olivier Tilloy (osomon)
Olivier Tilloy (osomon)
Changed in chromium-browser (Ubuntu):
status: Triaged → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 64.0.3282.119-0ubuntu1

chromium-browser (64.0.3282.119-0ubuntu1) bionic; urgency=medium

  * Upstream release: 64.0.3282.119
    - CVE-2018-6031: Use after free in PDFium.
    - CVE-2018-6032: Same origin bypass in Shared Worker.
    - CVE-2018-6033: Race when opening downloaded files.
    - CVE-2018-6034: Integer overflow in Blink.
    - CVE-2018-6035: Insufficient isolation of devtools from extensions.
    - CVE-2018-6036: Integer underflow in WebAssembly.
    - CVE-2018-6037: Insufficient user gesture requirements in autofill.
    - CVE-2018-6038: Heap buffer overflow in WebGL.
    - CVE-2018-6039: XSS in DevTools.
    - CVE-2018-6040: Content security policy bypass.
    - CVE-2018-6041: URL spoof in Navigation.
    - CVE-2018-6042: URL spoof in OmniBox.
    - CVE-2018-6043: Insufficient escaping with external URL handlers.
    - CVE-2018-6045: Insufficient isolation of devtools from extensions.
    - CVE-2018-6046: Insufficient isolation of devtools from extensions.
    - CVE-2018-6047: Cross origin URL leak in WebGL.
    - CVE-2018-6048: Referrer policy bypass in Blink.
    - CVE-2017-15420: URL spoofing in Omnibox.
    - CVE-2018-6049: UI spoof in Permissions.
    - CVE-2018-6050: URL spoof in OmniBox.
    - CVE-2018-6051: Referrer leak in XSS Auditor.
    - CVE-2018-6052: Incomplete no-referrer policy implementation.
    - CVE-2018-6053: Leak of page thumbnails in New Tab Page.
    - CVE-2018-6054: Use after free in WebUI.
  * debian/control: update reference URL for chromedriver
  * debian/rules:
    - remove enable_hotwording build flag
    - exclude build artifacts from the binary package (LP: #1742653)
  * debian/patches/add-missing-cstddef-include.patch: added
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/enable-chromecast-by-default.patch: refreshed
  * debian/patches/fix-ffmpeg-ia32-build.patch: added
  * debian/patches/last-commit-position: refreshed
  * debian/patches/no-xlocale-header.patch: removed, no longer needed
  * debian/patches/revert-clang-nostdlib++.patch: updated
  * debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/touch-v35: refreshed
  * debian/patches/widevine-other-locations: updated (LP: #1738149)
  * debian/known_gn_gen_args-*: remove enable_hotwording build flag

 -- Olivier Tilloy <email address hidden> Wed, 24 Jan 2018 23:18:03 +0100

Changed in chromium-browser (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Kevin Keijzer (kkeijzer) wrote :

Since the Chromium 79 snap, this seems to no longer work.

I have the libwidevinecdm.so from Firefox in ~/snap/chromium/current/.local/lib/, which always worked fine before, but now EME videos all just show warnings and the plugin does not seem to be loaded.

Extracting the libwidevinecdm.so from a Chrome deb and putting it in the same place also does not help.

Revision history for this message
Olivier Tilloy (osomon) wrote :
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers