Debian has issued an advisory on February 23: https://www.debian.org/security/2017/dsa-3792 The issue is fixed upstream in 5.2.5: https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/ Debian has patches for 4.3.x and 5.2.x that we can probably use. Mageia 5 is also affected.
Whiteboard: (none) => MGA5TOO
Fixed in Cauldron which now provides LO 5.3.1+. I'll attach Debian's patch for 4.3.x (not tested against our 4.4.x).
Version: Cauldron => 5Whiteboard: MGA5TOO => (none)
Created attachment 9027 [details] Debian's patch for CVE-2017-3157 As always with a very helpful filename, but this is the debian/changelog: libreoffice (1:4.3.3-2+deb8u6) jessie-security; urgency=high * debian/patches/olefix.diff: fix CVE-2017-3157 -- Rene Engelhard <rene@debian.org> Tue, 31 Jan 2017 22:49:47 +0000
Upstream has issued an advisory on April 21: https://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/ Debian has issued an advisory for this on April 27: https://www.debian.org/security/2017/dsa-3837
Summary: libreoffice new security issue CVE-2017-3157 => libreoffice new security issues CVE-2017-3157 and CVE-2017-7870
Upstream has issued an advisory on April 21: https://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/
Summary: libreoffice new security issues CVE-2017-3157 and CVE-2017-7870 => libreoffice new security issues CVE-2016-10327, CVE-2017-3157, and CVE-2017-7870
Fedora advisory for this from May 14: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/INUCXQ53W6PGHQ73RHJTBBTXWCF3EKFQ/
Additioal CVE: CVE-2017-3157 http://www.linuxsecurity.com/content/view/170870/170/
CC: (none) => zombie_ryushu
(In reply to Zombie Ryushu from comment #6) > Additioal CVE: CVE-2017-3157 > http://www.linuxsecurity.com/content/view/170870/170/ That's the original CVE and advisory from Comment 0 of this bug report. I already track Debian advisories, so everything you find from those I already find myself. If you really want to help, since LWN stopped maintaining their vulnerabilities database, I no longer see Gentoo, Slackware, or Arch Linux advisories. Perhaps you could go back through those through February 23 (when LWN stopped) and file bugs for any CVEs we don't have in our Bugzilla (remember to check RESOLVED bugs before filing duplicates).
openSUSE has issued an advisory on July 13: https://lists.opensuse.org/opensuse-updates/2017-07/msg00055.html It fixes two additional CVEs: https://www.libreoffice.org/about-us/security/advisories/cve-2017-7882/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8358 Upstream also has one additional advisory: https://www.libreoffice.org/about-us/security/advisories/cve-2017-7856/ I think that CVE-2017-7882 and CVE-2017-7856 probably don't affect us, but CVE-2017-8358 might.
thierry, do you think we can update libreoffice on mageia 5 ?
CC: (none) => mageia
An update to a newer version was planned but never completed. Hopefully we can complete it. We'll still need to add some patches.
Sure we can. Originally we planned to update to LO 5.0 But I think 5.1 would be a saner target now
as always i ask too much,but do you think 5.2.5 can be possible ? ( if not let's go for 5.1 )
Two more upstream advisories from October 27: https://www.libreoffice.org/about-us/security/advisories/cve-2017-12607/ https://www.libreoffice.org/about-us/security/advisories/cve-2017-12608/ These also affect Mageia 5 (but not Mageia 6).
(In reply to David Walser from comment #13) > Two more upstream advisories from October 27: > https://www.libreoffice.org/about-us/security/advisories/cve-2017-12607/ > https://www.libreoffice.org/about-us/security/advisories/cve-2017-12608/ > > These also affect Mageia 5 (but not Mageia 6). Ubuntu has issued an advisory for this on November 2: https://usn.ubuntu.com/usn/usn-3472-1/
(In reply to Nicolas Lécureuil from comment #12) > as always i ask too much,but do you think 5.2.5 can be possible ? ( if not > let's go for 5.1 ) Why not just reuse the srpm from mga6?
yes we could, i will try to add the deps ( i will try tomorow )
I've got an update to 5.2.7.2 building. If it builds, we will need to also ship with it the libraries that were updated with it that it needs. It's also building against the updated libplist (Bug 20232) with an updated library major. libixion0.12_0-0.12.2-1.mga5 libixion-devel-0.12.2-1.mga5 libixion-doc-0.12.2-1.mga5 libixion-tools-0.12.2-1.mga5 liborcus0.11_0-0.11.2-1.mga5 liborcus-devel-0.11.2-1.mga5 liborcus-doc-0.11.2-1.mga5 liborcus-python3-0.11.2-1.mga5 liborcus-tools-0.11.2-1.mga5 libwps0.4_4-0.4.3-1.mga5 libwps-devel-0.4.3-1.mga5 libwps-docs-0.4.3-1.mga5 libwps-tools-0.4.3-1.mga5 mdds-devel-1.2.2-1.mga5 from SRPMS: libixion-0.12.2-1.mga5.src.rpm liborcus-0.11.2-1.mga5.src.rpm libwps-0.4.3-1.mga5.src.rpm mdds-1.2.2-1.mga5.src.rpm
Depends on: (none) => 20232
Draft of the advisory, if this builds. Advisory: ======================== Updated libreoffice packages fix security vulnerabilities: LibreOffice before 5.2.5 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx (CVE-2016-10327). By exploiting the way LibreOffice before 5.2.2 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back (CVE-2017-3157). LibreOffice before 5.2.5 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx (CVE-2017-7870). LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx (CVE-2017-8358). A vulnerability in LibreOffice's PPT file parser before 5.0.2 and 5.1.0, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution (CVE-2017-12607). A vulnerability in LibreOffice Writer DOC file parser before 5.0.2 and 5.1.0, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution (CVE-2017-12608). The libreoffice package has been updated to version 5.2.7.2, which fixes these issues and contains many other bug fixes and enhancements. The libixion, liborcus, libwps, and mdds libraries have also been updated for the updated libreoffice. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10327 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3157 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7870 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8358 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12607 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12608 https://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/ https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/ https://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/ https://www.libreoffice.org/about-us/security/advisories/cve-2017-12607/ https://www.libreoffice.org/about-us/security/advisories/cve-2017-12608/
The build failed: http://pkgsubmit.mageia.org/uploads/failure/5/core/updates_testing/20171230032541.luigiwalser.duvel.35176/log/libreoffice-5.2.7.2-1.mga5/build.0.20171230032619.log It looks like a KDE4/Gtk+ issue. Relevant portion of the log below. S=/home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2 && I=$S/instdir && W=$S/workdir && mkdir -p $W/CxxObject/vcl/unx/kde4/ $W/Dep/CxxObject/vcl/unx/kde4/ && cd /home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2 && g++ -DBOOST_ERROR_CODE_HEADER_ONLY -DBOOST_SYSTEM_NO_DEPRECATED -DCPPU_ENV=gcc3 -DINTEL -DLINUX -DNDEBUG -DOPTIMIZE -DOSL_DEBUG_LEVEL=0 -DUNIX -DUNX -DX86 -D_PTHREADS -D_REENTRANT -DVCLPLUG_KDE4_IMPLEMENTATION -DQT_SHARED -DQT_CLEAN_NAMESPACE -DQT_THREAD_SUPPORT -isystem /usr/include/glib-2.0 -isystem /usr/lib/glib-2.0/include -DHAVE_GCC_VISIBILITY_FEATURE -fvisibility=hidden -Wall -Wno-missing-braces -Wnon-virtual-dtor -Wendif-labels -Wextra -Wundef -Wunused-macros -fmessage-length=0 -fno-common -pipe -fvisibility-inlines-hidden -fstack-protector-strong -fPIC -Wshadow -Woverloaded-virtual -std=gnu++14 -ggdb2 -DEXCEPTIONS_ON -fexceptions -fno-enforce-eh-specs -O2 -Wformat -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector --param=ssp-buffer-size=4 -fomit-frame-pointer -march=i586 -mtune=generic -fasynchronous-unwind-tables -DLIBO_INTERNAL_ONLY -c $S/vcl/unx/kde4/KDEData.cxx -o $W/CxxObject/vcl/unx/kde4/KDEData.o -MMD -MT $W/CxxObject/vcl/unx/kde4/KDEData.o -MP -MF $W/Dep/CxxObject/vcl/unx/kde4/KDEData.d_ -I$S/vcl/unx/kde4/ -isystem /usr/include/QtNetwork -isystem /usr/include/QtGui -isystem /usr/include/QtCore -I$S/include -I/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.1.mga5.i386/include -I/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.1.mga5.i386/include/linux -I$S/config_host -I$W/CustomTarget/vcl/unx/kde4 -I$S/vcl/inc -I$W/UnoApiHeadersTarget/udkapi/normal -I$W/UnoApiHeadersTarget/offapi/normal -I/usr/include && mv $W/Dep/CxxObject/vcl/unx/kde4/KDEData.d_ $W/Dep/CxxObject/vcl/unx/kde4/KDEData.d [build CXX] vcl/unx/kde4/KDE4FilePicker.cxx /home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2/vcl/unx/gtk3/gtk3gtkinst.cxx:923:5: error: 'GdkGLContext' does not name a type GdkGLContext *m_pContext; ^ /home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2/vcl/unx/gtk3/gtk3gtkinst.cxx:973:34: error: 'GtkGLArea' has not been declared static gboolean signalRender(GtkGLArea*, GdkGLContext*, gpointer window) ^ /home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2/vcl/unx/gtk3/gtk3gtkinst.cxx:973:46: error: 'GdkGLContext' has not been declared static gboolean signalRender(GtkGLArea*, GdkGLContext*, gpointer window) ^ /home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2/vcl/unx/gtk3/gtk3gtkinst.cxx: In constructor 'GtkOpenGLContext::GtkOpenGLContext()': /home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2/vcl/unx/gtk3/gtk3gtkinst.cxx:936:11: error: class 'GtkOpenGLContext' does not have any field named 'm_pContext' , m_pContext(nullptr) ^ /home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2/vcl/unx/gtk3/gtk3gtkinst.cxx: In static member function 'static gboolean GtkOpenGLContext::signalRender(int*, int*, gpointer)': /home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2/vcl/unx/gtk3/gtk3gtkinst.cxx:989:44: error: 'class GtkOpenGLContext' has no member named 'm_pContext' gdk_gl_context_make_current(pThis->m_pContext); ^ /home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2/vcl/unx/gtk3/gtk3gtkinst.cxx:989:54: error: 'gdk_gl_context_make_current' was not declared in this scope gdk_gl_context_make_current(pThis->m_pContext); ^ S=/home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2 && I=$S/instdir && W=$S/workdir && mkdir -p $W/CxxObject/vcl/unx/kde4/ $W/Dep/CxxObject/vcl/unx/kde4/ && cd /home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2 && g++ -DBOOST_ERROR_CODE_HEADER_ONLY -DBOOST_SYSTEM_NO_DEPRECATED -DCPPU_ENV=gcc3 -DINTEL -DLINUX -DNDEBUG -DOPTIMIZE -DOSL_DEBUG_LEVEL=0 -DUNIX -DUNX -DX86 -D_PTHREADS -D_REENTRANT -DVCLPLUG_KDE4_IMPLEMENTATION -DQT_SHARED -DQT_CLEAN_NAMESPACE -DQT_THREAD_SUPPORT -isystem /usr/include/glib-2.0 -isystem /usr/lib/glib-2.0/include -DHAVE_GCC_VISIBILITY_FEATURE -fvisibility=hidden -Wall -Wno-missing-braces -Wnon-virtual-dtor -Wendif-labels -Wextra -Wundef -Wunused-macros -fmessage-length=0 -fno-common -pipe -fvisibility-inlines-hidden -fstack-protector-strong -fPIC -Wshadow -Woverloaded-virtual -std=gnu++14 -ggdb2 -DEXCEPTIONS_ON -fexceptions -fno-enforce-eh-specs -O2 -Wformat -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector --param=ssp-buffer-size=4 -fomit-frame-pointer -march=i586 -mtune=generic -fasynchronous-unwind-tables -DLIBO_INTERNAL_ONLY -c $S/vcl/unx/kde4/KDE4FilePicker.cxx -o $W/CxxObject/vcl/unx/kde4/KDE4FilePicker.o -MMD -MT $W/CxxObject/vcl/unx/kde4/KDE4FilePicker.o -MP -MF $W/Dep/CxxObject/vcl/unx/kde4/KDE4FilePicker.d_ -I$S/vcl/unx/kde4/ -isystem /usr/include/QtNetwork -isystem /usr/include/QtGui -isystem /usr/include/QtCore -I$S/include -I/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.1.mga5.i386/include -I/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.1.mga5.i386/include/linux -I$S/config_host -I$W/CustomTarget/vcl/unx/kde4 -I$S/vcl/inc -I$W/UnoApiHeadersTarget/udkapi/normal -I$W/UnoApiHeadersTarget/offapi/normal -I/usr/include && mv $W/Dep/CxxObject/vcl/unx/kde4/KDE4FilePicker.d_ $W/Dep/CxxObject/vcl/unx/kde4/KDE4FilePicker.d [build CXX] vcl/unx/kde4/KDESalDisplay.cxx /home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2/solenv/gbuild/LinkTarget.mk:189: recipe for target '/home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2/workdir/CxxObject/vcl/unx/gtk3/gtk3gtkinst.o' failed make[1]: *** [/home/iurt/rpmbuild/BUILD/libreoffice-5.2.7.2/workdir/CxxObject/vcl/unx/gtk3/gtk3gtkinst.o] Error 1
Update gtk3 to at least 3.16, or disable this gtkgl stuff in libreoffice (if possible). https://developer.gnome.org/gdk3/stable/GdkGLContext.html
CC: (none) => cjw
(In reply to Rémi Verschelde from comment #2) > Created attachment 9027 [details] > Debian's patch for CVE-2017-3157 > > As always with a very helpful filename, but this is the debian/changelog: > > libreoffice (1:4.3.3-2+deb8u6) jessie-security; urgency=high > > * debian/patches/olefix.diff: fix CVE-2017-3157 > > -- Rene Engelhard <rene@debian.org> Tue, 31 Jan 2017 22:49:47 +0000 Most hunks of the patch fail, so it would have taken significant effort to re-use that patch against our 4.4. Their patch for CVE-2017-7870 applies, but their patches for all of the other CVEs also fail.
I've resynced it with Fedora 24, version 5.1.6, which we should have done in the first place, as it also fixes all of the issues. I don't know why Nicolas didn't sync with the current state of 24 instead of a year prior snapshot in time. Anyway, since the updated library versions in updates_testing were made to match Fedora 25 instead of 24, we may need to remove them and replace them with the Fedora 24 versions (libwps should be fine and liborcus may be too, but libixion and mdds were older in 24).
Indeed mdds needs to be removed from updates_testing and switched to version 1.1.0.
CC: (none) => sysadmin-bugs
mdds dropped
CC: (none) => tmb
Thanks Thomas! mdds downgraded to 1.1.0 now. New attempt at a build going... mdds-devel-1.1.0-1.mga5 from mdds-1.1.0-1.mga5.src.rpm
It compiled, but failed during tests. http://pkgsubmit.mageia.org/uploads/failure/5/core/updates_testing/20171231013104.luigiwalser.duvel.38955/log/libreoffice-5.1.6.2-1.mga5/build.0.20171231013213.log Error: a unit test failed, please do one of: make CppunitTest_dbaccess_hsqldb_test CPPUNITTRACE="gdb --args" # for interactive debugging on Linux make CppunitTest_dbaccess_hsqldb_test VALGRIND=memcheck # for memory checking make CppunitTest_dbaccess_hsqldb_test DEBUGCPPUNIT=TRUE # for exception catching /home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/solenv/gbuild/CppunitTest.mk:93: recipe for target '/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/workdir/CppunitTest/dbaccess_hsqldb_test.test' failed make[1]: *** [/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/workdir/CppunitTest/dbaccess_hsqldb_test.test] Error 1
Two threads of the test segfaulted: It looks like /home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/workdir/LinkTarget/Executable/cppunittester generated a core file at /home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/workdir/CppunitTest/dbaccess_hsqldb_test.test.core/core.15492 Backtraces: [New LWP 15492] [New LWP 15496] [New LWP 15493] [New LWP 15495] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i686/libthread_db.so.1". Core was generated by `/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/workdir/LinkTarget/Executable/cpp'. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x5f81d566 in _expand_stack_to(unsigned char*) () from /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.1.mga5.i386/jre/lib/i386/server/libjvm.so warning: File "/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libuno_sal.so.3-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load". To enable execution of this file add add-auto-load-safe-path /home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libuno_sal.so.3-gdb.py line to your configuration file "/home/iurt/.gdbinit". To completely disable this security protection add set auto-load safe-path / line to your configuration file "/home/iurt/.gdbinit". For more information about this security protection see the "Auto-loading safe path" section in the GDB manual. E.g., run from the shell: info "(gdb)Auto-loading safe path" warning: File "/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libuno_cppu.so.3-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load". warning: File "/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libtllo.so-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load". warning: File "/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libbasegfxlo.so-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load". warning: File "/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libsvllo.so-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load". It looks like /home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/workdir/LinkTarget/Executable/cppunittester generated a core file at /home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/workdir/CppunitTest/dbaccess_RowSetClones.test.core/core.15681 Backtraces: [New LWP 15681] [New LWP 15728] [New LWP 15727] [New LWP 15682] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i686/libthread_db.so.1". Core was generated by `/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/workdir/LinkTarget/Executable/cpp'. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x5ff48566 in _expand_stack_to(unsigned char*) () from /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.1.mga5.i386/jre/lib/i386/server/libjvm.so warning: File "/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libuno_sal.so.3-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load". To enable execution of this file add add-auto-load-safe-path /home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libuno_sal.so.3-gdb.py line to your configuration file "/home/iurt/.gdbinit". To completely disable this security protection add set auto-load safe-path / line to your configuration file "/home/iurt/.gdbinit". For more information about this security protection see the "Auto-loading safe path" section in the GDB manual. E.g., run from the shell: info "(gdb)Auto-loading safe path" warning: File "/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libuno_cppu.so.3-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load". warning: File "/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libtllo.so-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load". warning: File "/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libbasegfxlo.so-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load". warning: File "/home/iurt/rpmbuild/BUILD/libreoffice-5.1.6.2/instdir/program/libsvllo.so-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load".
CC: (none) => ngompa13
Some digging led to this upstream bug: https://bugs.documentfoundation.org/show_bug.cgi?id=108619 Basically: JVM + new Linux kernel + 32-bit x86 = Boom! :(
See Also: (none) => https://bugs.documentfoundation.org/show_bug.cgi?id=108619
Apparently, this requires a fix somewhere in the Linux kernel, but I'm not sure whether a fix *has* been made or not.
The end of an LKML thread[1] indicated that https://github.com/torvalds/linux/commit/f4cb767d76cf7ee72f97dd76f6cfa6c76a5edc89 would fix the issue, the fix is incorporated into the 4.14 kernel that I believe is pending for Mageia 6, but I suspect the builders are still running Mageia 5 with a 4.4 kernel. I'm not sure there's a way to fix this without moving the build machines to Mageia 6 first. [1]: https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1437307.html
Apparently there are ways to disable some unit tests, whether it be like Patch4 or what we (maybe tv or Nicolas) did on lines 1095-1103 of the SPEC: 1095 # tests failling on Mageia: 1096 sed -i '/CppunitTest_sd_import_tests/d' sd/Module_sd.mk 1097 sed -i '/CppunitTest_sdext_pdfimport/d' sdext/Module_sdext.mk 1098 sed -i '/CppunitTest_dbaccess_macros_test/d' dbaccess/Module_dbaccess.mk 1099 1100 sed -i -e /CppunitTest_sw_ooxmlexport7/d sw/Module_sw.mk 1101 # fails on i686 because of ICU 1102 rm -f writerperfect/qa/unit/data/writer/libe-book/pass/PeanutPress.pdb 1103 git commit -q -a -m 'temporarily disable failing tests' (because, note that those lines were not in Fedora's SPEC). So there may be a way around it.
(In reply to Neal Gompa from comment #30) > The end of an LKML thread[1] indicated that > https://github.com/torvalds/linux/commit/ > f4cb767d76cf7ee72f97dd76f6cfa6c76a5edc89 would fix the issue, the fix is > incorporated into the 4.14 kernel that I believe is pending for Mageia 6, > but I suspect the builders are still running Mageia 5 with a 4.4 kernel. > > I'm not sure there's a way to fix this without moving the build machines to > Mageia 6 first. > > [1]: > https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1437307.html That fix is already backported to the 4.4 series kernels in mga5 and is already installed / running on the build nodes
OK I managed to disable those tests, but another one fails: http://pkgsubmit.mageia.org/uploads/failure/5/core/updates_testing/20171231145731.luigiwalser.duvel.31895/log/libreoffice-5.1.6.2-1.mga5/build.0.20171231145825.log Looks like a Java problem again, but I can't tell what needs disabled this time.
I did everything I could to try to fix this. We failed. I'm sorry.
Status: NEW => RESOLVEDResolution: (none) => OLD