Description of problem: [user@localhost ~]$ linphone linphone: error while loading shared libraries: libpolarssl.so.7: cannot open shared object file: No such file or directory Version-Release number of selected component (if applicable): linphone-3.7.0-1.mga5.i586.rpm How reproducible: always Steps to Reproduce: 1. install linphone 2. run linphone Reproducible: Steps to Reproduce:
OK, there don't appear to be any packaging problems with linphone. linphone requires liblinphone.so.6, provided by liblinphone6. liblinphone6 requires libbellesip.so.0, provided by libbellesip0. libbellesip0 requires libpolarssl.so.7, provided by libpolarssl7. So, if you have libpolarssl7 installed, this should work fine. The problem is, libpolarssl.so.7 is also provided by hiawatha, which has: /usr/lib/hiawatha/libpolarssl.so.7 So there's two problems there. One, it's bundling it when it should be linked to the system one. Two, it's providing it, when it's not in the standard lib location, so your system's urpmi installed hiawatha to satisfy the dependency, and now belle-sip can't find the library. hiawatha needs to be rebuilt against the system polarssl.
CC: (none) => luigiwalserAssignee: bugsquad => bersuit.veraSeverity: normal => major
Source RPM: linphone/belle-sip => hiawatha
Summary: linphone does not start without libpolarssl7 => hiawatha incorrectly provides libpolarssl.so.7
This needs to be fixed before the release, otherwise this invalid provide may break things requiring libpolarssl7 indefinitely.
Priority: Normal => release_blocker
Hiawatha is now fixed in SVN: http://svnweb.mageia.org/packages/cauldron/hiawatha/current/SPECS/hiawatha.spec?r1=801982&r2=817958
CC: (none) => jani.valimaa
Hiawatha build with system polarssl throws following warning: Make sure the PolarSSL library has been built with the POLARSSL_THREADING_PTHREAD and POLARSSL_THREADING_C flags. Otherwise, the PolarSSL library may crash the Hiawatha webserver. Someone should check if those are enabled in polarssl.
Seems POLARSSL_THREADING_PTHREAD and POLARSSL_THREADING_C are disabled by default. From include/polarssl/config.h: /** * \def POLARSSL_THREADING_C * * Enable the threading abstraction layer. * By default PolarSSL assumes it is used in a non-threaded environment or that * contexts are not shared between threads. If you do intend to use contexts * between threads, you will need to enable this layer to prevent race * conditions. * * Module: library/threading.c * * This allows different threading implementations (self-implemented or * provided). * * You will have to enable either POLARSSL_THREADING_ALT or * POLARSSL_THREADING_PTHREAD. * * Enable this layer to allow use of mutexes within PolarSSL */ //#define POLARSSL_THREADING_C Enabled them locally and polarssl builds and passes all checks. However I don't know how this change affects to pkgs needing polarssl, but I'll commit my changes also to polarssl.
OK, I'll CC Oden (polarssl maintainer).
CC: (none) => oe
Fixed here: ------------------------------------------------------------------------ r817959 | wally | 2015-03-07 09:42:59 +0100 (lör 7 mar 2015) | 1 rad - make sure system libpolarssl is used (SILENT) ------------------------------------------------------------------------ r817958 | wally | 2015-03-07 09:39:19 +0100 (lör 7 mar 2015) | 1 rad - build against system libpolarssl (mga#15391) Needs submision.
(In reply to Oden Eriksson from comment #7) > Fixed here: Yes, but there's also this for polarssl. Is this change OK? ------------------------------------------------------------------------ r817960 | wally | 2015-03-07 04:26:59 -0500 (Sat, 07 Mar 2015) | 3 lines - build with POLARSSL_THREADING_PTHREAD and POLARSSL_THREADING_C flags enabled (mga#15391) - add BuildRequires for graphviz
Go ahead. Just test that pdns still builds.
Fixed with commit #817959 and hiawatha-9.9-2.mga5
Status: NEW => RESOLVEDCC: (none) => ennael1Resolution: (none) => FIXED
Thanks Anne. So I checked Mageia 4 and this issue exists there. This is no longer a Cauldron release_blocker of course, but it's still a Mageia 4 bug, so reopening. We should issue an update to fix this. On Mageia 4 this would also be a security update, since we've issued security fixes in the system polarssl.
Priority: release_blocker => HighStatus: RESOLVED => REOPENEDComponent: RPM Packages => SecurityVersion: Cauldron => 4Resolution: FIXED => (none)
Ping. Is someone going to fix it for mga4?
CC: (none) => mageiaAssignee: bersuit.vera => juan.baptiste
Ping #2. If no one is interested in maintaining it then we can also just drop it..
Before the fix of hiawatha-9.3-1.mga4, polarssl-1.3.9-1.1.mga4 must be first fixed with the same change as the comment 4: http://svnweb.mageia.org/packages?view=revision&revision=817960 After that, hiawatha can be built against system libpolarssl with same fix as Cauldron: http://svnweb.mageia.org/packages?view=revision&revision=817958 http://svnweb.mageia.org/packages?view=revision&revision=817959
CC: (none) => geiger.david68210
So, new updates with fixes of polarssl and hiawatha are now submitted and uploaded in mga4/Core-Updates_Testing.
The pdns and pdns-recursor packages should also be tested with this polarssl rebuild. Fortunately, we are testing updates for those packages as well in Bug 15754. Advisory: ======================== Updated hiawatha package fixes security vulnerabilities: The hiawatha package included a bundled copy of PolarSSL 1.3.2, which was vulnerable to several security issues that had already been fixed in the system polarssl package. These issues were CVE-2014-4911, CVE-2014-8627, CVE-2014-8628, and CVE-2015-1182, which were fixed in MGASA-2014-0315, MGASA-2014-0481, and MGASA-2015-0055. The polarssl package has been adjusted so that hiawatha can use it, and hiawatha has been rebuilt to use the updated system polarssl, fixing these issues. References: http://advisories.mageia.org/MGASA-2014-0315.html http://advisories.mageia.org/MGASA-2014-0481.html http://advisories.mageia.org/MGASA-2015-0055.html ======================== Updated packages in core/updates_testing: ======================== polarssl-1.3.9-1.2.mga4 libpolarssl7-1.3.9-1.2.mga4 libpolarssl-devel-1.3.9-1.2.mga4 hiawatha-9.3-1.1.mga4 from SRPMS: polarssl-1.3.9-1.2.mga4.src.rpm hiawatha-9.3-1.1.mga4.src.rpm
CC: (none) => juan.baptisteAssignee: juan.baptiste => qa-bugs
Note that you can simply follow these instructions to test Hiawatha: http://www.servermom.org/install-hiawatha-centos-7/1936/
Whiteboard: (none) => has_procedure
(In reply to David GEIGER from comment #17) > Note that you can simply follow these instructions to test Hiawatha: > > http://www.servermom.org/install-hiawatha-centos-7/1936/ Testing complete on an MGA4-x86-64 VBox VM . Seems to be working fine.
CC: (none) => shlomifWhiteboard: has_procedure => MGA4-64-OK has_procedure
And tested fine on a 32-bit i586 MGA 4 VBox VM. MGA4-32-OKing it.
Whiteboard: MGA4-64-OK has_procedure => MGA4-64-OK has_procedure MGA4-32-OK
pdns tested with polarssl from updates testing - bug 15754 - also polarssl itself tested with polarssl-selftest https://bugs.mageia.org/show_bug.cgi?id=11459#c7 [ All tests passed ]. Validating. Advisory uploaded. Please push to 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: MGA4-64-OK has_procedure MGA4-32-OK => has_procedure advisory MGA4-32-OK MGA4-64-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0185.html
Status: REOPENED => RESOLVEDResolution: (none) => FIXED