Description of problem: The standard "kdewallet" wallet can be opened after updating kdebase4-runtime-4.12.5-1.3.mga4, but the others (e.g. "passwords" wallet in my case) can't: there is a "Error code -9: wrong password" error. It can be related to the update because the encryption method seems to have changed: https://bugs.mageia.org/show_bug.cgi?id=14997 The bug is reported at the KDE bugzilla: https://bugs.kde.org/show_bug.cgi?id=343718 The solution is to downgrade the package to backup non-standard wallets (as xml), then upgrade and import them using kwalletmanager. My guess is that the standard "kdewallet" is re-encrypted using the new method, but the other wallets are simply ignored, thus using the old encryption method. Thus even the error message is wrong: concerned .kwl files can be read with the password refused by kwallet using the "kwallet-dump" python utility. If it is the case, then the kwallet developers did a huge mistake because it can lead to (a lot of) passwords lost ! Can an indication be added somewhere before the update process (e.g. in drakrpm-update) ? Reproducible: Steps to Reproduce:
thx for your report, Vincent. Assigning to maintainer.
Keywords: (none) => UPSTREAMCC: (none) => marja11See Also: (none) => https://bugs.kde.org/show_bug.cgi?id=343718Assignee: bugsquad => lmenutSummary: Personnal wallets can not be opened after update => Personnal wallets can not be opened after KDE update
I added this bugreport in comment to upstream bug https://bugs.kde.org/show_bug.cgi?id=343718#c13 Vincent, please, could you reply and comment directly in upstream bugreport, like question in comment 15. It will be faster.
Done, thanks.
Suggested advisory: Updated kdebase4-runtime packages fix random wallet open failure The security vulnerability fix for CVE-2013-7252 has introduced a regression for secondary wallets, which sometimes can't be opened. The issue is fixed with this update. References: https://bugs.mageia.org/show_bug.cgi?id=15246 https://bugs.kde.org/show_bug.cgi?id=343718 src.rpm: kdebase4-runtime-4.12.5-1.4.mga4.src.rpm packages i586: kdebase4-runtime-4.12.5-1.4.mga4.i586.rpm kdebase4-runtime-devel-4.12.5-1.4.mga4.i586.rpm kdebase4-runtime-handbook-4.12.5-1.4.mga4.noarch.rpm kwallet-daemon-4.12.5-1.4.mga4.i586.rpm libkwalletbackend4-4.12.5-1.4.mga4.i586.rpm libmolletnetwork4-4.12.5-1.4.mga4.i586.rpm nepomuk-4.12.5-1.4.mga4.i586.rpm packages x86_64: kdebase4-runtime-4.12.5-1.4.mga4.x86_64.rpm kdebase4-runtime-devel-4.12.5-1.4.mga4.x86_64.rpm kdebase4-runtime-handbook-4.12.5-1.4.mga4.noarch.rpm kwallet-daemon-4.12.5-1.4.mga4.x86_64.rpm lib64kwalletbackend4-4.12.5-1.4.mga4.x86_64.rpm lib64molletnetwork4-4.12.5-1.4.mga4.x86_64.rpm nepomuk-4.12.5-1.4.mga4.x86_64.rpm an example of problematic wallet is available in upstream bugreport https://bugs.kde.org/show_bug.cgi?id=343718#c33 testcase2.tgz should be extracted in ~/.kde4/share/apps/kwallet/
CC: (none) => lmenut, securityHardware: x86_64 => AllAssignee: lmenut => qa-bugs
Testing complete mga4 64 Confirmed the bug using the testcase2.tgz wallet extracted into ~/.kde4/share/apps/kwallet Upon opening the wallet with password "testcase" it shows "Error code -4: Unsupported file format revision" With updates installed the wallet opens without error.
Whiteboard: (none) => has_procedure mga4-64-ok
Tested mga4_32, Testing complete for kdebase4-runtime-4.12.5-1.4.mga4, I confirm the fix for random wallet open failure. Upon opening the wallet with password "testcase" it shows "Error code -4: Unsupported file format revision" French error: "Erreur lors de l'ouverture du portefeuille testcase.kwl." "Veuillez réessayer." "(Code d'erreur -4 : Révision de format de fichier non prise en charge)" With updates installed now the wallet opens without error.
CC: (none) => geiger.david68210
Whiteboard: has_procedure mga4-64-ok => has_procedure mga4-64-ok mga4-32-ok
Validating. Advisory uploaded. Please push to 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: has_procedure mga4-64-ok mga4-32-ok => has_procedure advisory mga4-64-ok mga4-32-okCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGAA-2015-0018.html
Status: NEW => RESOLVEDResolution: (none) => FIXED