Fixing bug #1795668 breaks thumbnail creation on 32-bit Ubuntu

Bug #1807127 reported by Eugene Romanenko on 2018-12-06
270
This bug affects 2 people
Affects Status Importance Assigned to Milestone
gnome-desktop3 (Ubuntu)
Critical
Unassigned
Bionic
High
Steve Beattie
Cosmic
Critical
Jeremy Bicha

Bug Description

Impact
======
Thumbnailing doesn't work on Ubuntu 18.04 LTS or 18.10 on 32-bit installs.

Test Case
=========
Install Ubuntu 18.10 32-bit
Install the update. Log out and log back in.
Download a picture from the internet.
Open your file browser to the directory that contains the picture. The file should show a thumbnail preview.

Regression Potential
====================
This fix was cherry-picked to the stable gnome-3-30 branch.
It was additionally tested by Iain Lane on usrmerged and non-usrmerged systems. (We don't support usrmerge for Ubuntu 18.04 LTS or 18.10.)

Other Info
==========
Triaged as Critical for 18.04 LTS since this was a regression introduced in the security update that backported the bubblewrap hardening to the gnome-desktop3 thumbnailer.

Original Bug Report
===================
Fixing bug #1795668 breaks thumbnail creation on 32-bit Ubuntu.

Looks like same issue in upstream - https://bugzilla.redhat.com/show_bug.cgi?id=1651952

Cause - bubblewrap runs with --ro-bind /lib64 option, then fails.
Workaround - create empty /lib64 directory at root.

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: libgnome-desktop-3-17 3.28.2-0ubuntu1.1
ProcVersionSignature: Ubuntu 4.15.0-42.45-generic 4.15.18
Uname: Linux 4.15.0-42-generic i686
ApportVersion: 2.20.9-0ubuntu7.5
Architecture: i386
CurrentDesktop: ubuntu:GNOME
Date: Thu Dec 6 12:07:28 2018
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: gnome-desktop3
UpgradeStatus: No upgrade log present (probably fresh install)

Eugene Romanenko (eros2) wrote :
Eugene Romanenko (eros2) on 2018-12-06
description: updated
Jeremy Bicha (jbicha) on 2018-12-06
tags: added: regression-update
Jeremy Bicha (jbicha) wrote :

I have forwarded the issue to GNOME at https://gitlab.gnome.org/GNOME/gnome-desktop/issues/89

Jeremy Bicha (jbicha) on 2018-12-06
Changed in gnome-desktop3 (Ubuntu):
importance: Undecided → Critical
Iain Lane (laney) wrote :

I submitted a fix to upstream: https://gitlab.gnome.org/GNOME/gnome-desktop/merge_requests/20, let's see what they say.

Jeremy Bicha (jbicha) on 2018-12-10
Changed in gnome-desktop3 (Ubuntu Cosmic):
importance: Undecided → Critical
Changed in gnome-desktop3 (Ubuntu Bionic):
importance: Undecided → Critical
Changed in gnome-desktop3 (Ubuntu):
status: New → Triaged
Changed in gnome-desktop3 (Ubuntu Bionic):
status: New → Triaged
Changed in gnome-desktop3 (Ubuntu Cosmic):
status: New → Triaged
Jeremy Bicha (jbicha) on 2018-12-11
Changed in gnome-desktop3 (Ubuntu):
status: Triaged → Fix Committed
Jeremy Bicha (jbicha) wrote :

Security Team, would you be interested in sponsoring directly from our git branch for bionic-security?

gbp clone https://git.launchpad.net/~ubuntu-desktop/ubuntu/+source/gnome-desktop3

git checkout ubuntu/bionic

I am guessing we'll just do a regular SRU for cosmic. What do you think?

information type: Public → Public Security
Changed in gnome-desktop3 (Ubuntu Bionic):
status: Triaged → Confirmed
Changed in gnome-desktop3 (Ubuntu Cosmic):
assignee: nobody → Jeremy Bicha (jbicha)
Jeremy Bicha (jbicha) on 2018-12-11
Changed in gnome-desktop3 (Ubuntu Bionic):
importance: Critical → High
Jeremy Bicha (jbicha) on 2018-12-11
description: updated
Changed in gnome-desktop3 (Ubuntu Cosmic):
status: Triaged → In Progress
Steve Beattie (sbeattie) on 2018-12-11
Changed in gnome-desktop3 (Ubuntu Bionic):
assignee: nobody → Steve Beattie (sbeattie)
Steve Beattie (sbeattie) wrote :

For bionic, I've uploaded the gnome-desktop3 package with the fix for 32bit systems to the ubuntu-security-proposed ppa (https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/) for people to test. Any feedback would be appreciated.

Thanks!

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnome-desktop3 - 3.30.2-3ubuntu1

---------------
gnome-desktop3 (3.30.2-3ubuntu1) disco; urgency=medium

  * Merge with Debian. Remaining changes:
    - Add 04_compute_average_color.patch: Compute the avergage color in
      gnome-desktop itself, not in unity to fix some races (LP #963140)
    - Add tweak_color_computation.patch, Patch from Gord, no patch header,
      no bug link.
    - Add git_revert_draw_background.patch
    - Add ubuntu_language.patch, Port relevant bits from gnome-control-center's
      52_region_language.patch, as required for gnome 3.8+ region panel
    - Add ubuntu_language_list_from_SUPPORTED.patch,
      Add API to get list of available languages from SUPPORTED file.
      To be used by gnome 3.8 region panel language installation.
    - Add gnomebg_hidpi_image.patch,
      gnome_bg_create_surface: always honor device scale, that fixes the
      wallpaper rendering in HiDPI config under ubiquity (LP: #1382291)
    - debian/control.in: Don't depend on bubblewrap
    - debian/libgnome-desktop-3-17.symbols:
      + Add symbols included in Ubuntu patches
    - Update Vcs fields and debian/gbp.conf for Ubuntu

gnome-desktop3 (3.30.2-3) unstable; urgency=medium

  * Cherry-pick thumbnail-Fix-use-after-free-when-getting-a-preview-icon.patch:
    - Fix from gnome-3-30 branch for a potential crash bug

gnome-desktop3 (3.30.2-2) unstable; urgency=medium

  * Cherry-pick thumbnail-Handle-non-usrmerged-systems.patch:
    - Fix thumbnailer on 32-bit systems where /lib64 is not available. Also
      improve handling of usrmerged and non-usrmerged systems. (LP: #1807127)

 -- Jeremy Bicha <email address hidden> Tue, 11 Dec 2018 10:45:20 -0500

Changed in gnome-desktop3 (Ubuntu):
status: Fix Committed → Fix Released
paz (mozit) wrote :

Hello @Steve,
Checked your pkg/ppa in Bionic 32 bit - all back to normal
Thanks for your quick fix.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnome-desktop3 - 3.28.2-0ubuntu1.2

---------------
gnome-desktop3 (3.28.2-0ubuntu1.2) bionic-security; urgency=medium

  * Cherry-pick thumbnail-Handle-non-usrmerged-systems.patch:
    - Fix thumbnailer on 32-bit systems where /lib64 is not available. This
      fixes a regression introduced in the previous update. (LP: #1807127)

 -- Jeremy Bicha <email address hidden> Tue, 11 Dec 2018 10:19:39 -0500

Changed in gnome-desktop3 (Ubuntu Bionic):
status: Confirmed → Fix Released

Hello Eugene, or anyone else affected,

Accepted gnome-desktop3 into cosmic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gnome-desktop3/3.30.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-cosmic to verification-done-cosmic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-cosmic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in gnome-desktop3 (Ubuntu Cosmic):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-cosmic
pt123 (pt123) wrote :

Proposed working on Bionic (18.04) 32 bit system

To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers