Bug 34274 - deluge new security issues CVE-2025-4656[1-4]
Summary: deluge new security issues CVE-2025-4656[1-4]
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2025-05-14 09:02 CEST by Nicolas Salguero
Modified: 2025-05-31 18:21 CEST (History)
3 users

See Also:
Source RPM: deluge-2.0.5-11.mga9.src.rpm
CVE: CVE-2025-46561, CVE-2025-46562, CVE-2025-46563, CVE-2025-46564
Status comment: Package in comment 22


Comment 1 Nicolas Salguero 2025-05-14 09:04:16 CEST
See also: https://securitylab.github.com/advisories/GHSL-2024-188_GHSL-2024-191_Deluge/

Whiteboard: (none) => MGA9TOO
Source RPM: (none) => deluge-2.1.1-4.mga10.src.rpm, deluge-2.0.5-11.mga9.src.rpm
CVE: (none) => CVE-2025-46561, CVE-2025-46562, CVE-2025-46563, CVE-2025-46564
Status comment: (none) => Fixed upstream in 2.2.0

Comment 2 Lewis Smith 2025-05-14 20:37:06 CEST
Various packagers have dealt with deluge, so assigning the bug globally. It might just be a version update.

Assignee: bugsquad => pkg-bugs

Comment 3 Nicolas Salguero 2025-05-23 10:23:54 CEST Comment hidden (obsolete)

Source RPM: deluge-2.1.1-4.mga10.src.rpm, deluge-2.0.5-11.mga9.src.rpm => deluge-2.0.5-11.mga9.src.rpm
Whiteboard: MGA9TOO => (none)
Version: Cauldron => 9
Assignee: pkg-bugs => qa-bugs
Status comment: Fixed upstream in 2.2.0 => (none)
Status: NEW => ASSIGNED

katnatek 2025-05-23 19:36:15 CEST

Keywords: (none) => advisory

Comment 4 katnatek 2025-05-24 03:19:15 CEST Comment hidden (obsolete)

Assignee: qa-bugs => nicolas.salguero

Comment 5 katnatek 2025-05-24 05:54:08 CEST Comment hidden (obsolete)
Comment 6 katnatek 2025-05-24 06:03:02 CEST Comment hidden (obsolete)
Comment 7 katnatek 2025-05-24 20:21:20 CEST
I found how to disable the bogus requirement; as I understand it, it should work with
typelib(AyatanaAppIndicator3)
Comment 8 katnatek 2025-05-24 20:40:25 CEST Comment hidden (obsolete)

Assignee: nicolas.salguero => qa-bugs

Comment 9 katnatek 2025-05-24 23:38:38 CEST
RH x86_64
LC_ALL=C urpmi deluge
To satisfy dependencies, the following packages are going to be installed:
  Package                        Version      Release       Arch    
(medium "Core Release (Installer) (DVD1)")
  GConf2                         3.2.6        21.mga9       x86_64  
  dconf                          0.40.0       2.mga9        x86_64  (recommended)
  geoip-database                 1.6.12       6.mga9        noarch  
  lib64GConf2_4                  3.2.6        21.mga9       x86_64  
  lib64boost_python310_1.81.0    1.81.0       3.mga9        x86_64  
  lib64gconf-gir2.0              3.2.6        21.mga9       x86_64  
  lib64geoip1                    1.6.12       6.mga9        x86_64  
  lib64portmidi0                 217          18.mga9       x86_64  
  lib64sdl2_mixer2.0_0           2.6.3        1.mga9        x86_64  
  lib64sdl2_ttf2.0_0             2.20.2       1.mga9        x86_64  
  python3-attrs                  22.2.0       1.mga9        noarch  
  python3-automat                22.10.0      1.mga9        noarch  
  python3-beaker                 1.12.1       1.mga9        noarch  
  python3-constantly             15.1.0       9.mga9        noarch  
  python3-geoip                  1.3.2        10.mga9       x86_64  
  python3-hyperlink              21.0.0       4.mga9        noarch  
  python3-incremental            22.10.0      1.mga9        noarch  
  python3-iniconfig              1.1.1        5.mga9        noarch  
  python3-mako                   1.2.2        1.mga9        noarch  
  python3-pluggy                 1.0.0        3.mga9        noarch  
  python3-py                     1.11.0       2.mga9        noarch  
  python3-pyasn1-modules         0.2.8        3.mga9        noarch  
  python3-pygame                 2.1.2        4.mga9        x86_64  
  python3-pytest                 7.1.3        1.mga9        noarch  
  python3-rencode                1.0.6        6.mga9        x86_64  
  python3-service-identity       21.1.0       4.mga9        noarch  
(medium "QA Testing (64-bit)")
  deluge                         2.2.0        1.1.mga9      noarch  
(medium "Core Release")
  geoip                          1.6.12       6.mga9        x86_64  (recommended)
  python3-serial                 3.5          4.mga9        noarch  (recommended)
(medium "Core Updates")
  python3-libtorrent-rasterbar   2.0.9        1.mga9        x86_64  
  python3-twisted                22.10.0      2.1.mga9      noarch  
  python3-twisted+tls            22.10.0      2.1.mga9      noarch  
129MB of additional disk space will be used.
46MB of packages will be retrieved.
Proceed with the installation of the 32 packages? (Y/n) y

Run deluge
Add the Mageia-9-i586 classic ISO torrent as paused
Force torrent verification (I downloaded it previously with another torrent client)
Start it to seed

Looks like it works
Comment 10 Herman Viaene 2025-05-26 11:45:57 CEST
MGA9-64 Plasma Wayland on Compaq H000SB.
No installation issues.
Ref bug 20895 for testing, but this is beyond me, I keep running into errors.
# systemctl start deluge-daemon
# systemctl -l status deluge-daemon
× deluge-daemon.service - Deluge Bittorrent Client Daemon
     Loaded: loaded (/usr/lib/systemd/system/deluge-daemon.service; disabled; preset: disabled)
     Active: failed (Result: exit-code) since Mon 2025-05-26 11:32:08 CEST; 20s ago
   Duration: 3ms
    Process: 32870 ExecStart=/usr/bin/deluged -d (code=exited, status=217/USER)
   Main PID: 32870 (code=exited, status=217/USER)
        CPU: 0

May 26 11:32:08 mach3.hviaene.thuis systemd[1]: Started deluge-daemon.service.
May 26 11:32:08 mach3.hviaene.thuis systemd[1]: deluge-daemon.service: Main process exited, code=exited, status=217/USER
May 26 11:32:08 mach3.hviaene.thuis systemd[1]: deluge-daemon.service: Failed with result 'exit-code'.

$ deluge -v
deluge 2.2.0
libtorrent: 2.0.9.0
Python: 3.10.11
That makes sense.

Command as in bug 20895
$ deluge -u web
usage: deluge web [-h] [-V] [-c <config>] [-l <logfile>] [-L <level>]
                  [--logrotate [<max-size>]] [-q] [--profile [<profile-file>]]
                  [-i <ip_address>] [-p <port>] [-b <path>] [--ssl] [--no-ssl]
                  [-P <pidfile>] [-d] [-U <user>] [-g <group>]
deluge web: error: unrecognized arguments: -u
$ deluge -U web
usage: deluge web [-h] [-V] [-c <config>] [-l <logfile>] [-L <level>]
                  [--logrotate [<max-size>]] [-q] [--profile [<profile-file>]]
                  [-i <ip_address>] [-p <port>] [-b <path>] [--ssl] [--no-ssl]
                  [-P <pidfile>] [-d] [-U <user>] [-g <group>]
deluge web: error: argument -U/--user: expected one argument
[tester9@mach3 ~]$ deluge -U tester9 web
usage: deluge [-h] [-V] [-c <config>] [-l <logfile>] [-L <level>]
              [--logrotate [<max-size>]] [-q] [--profile [<profile-file>]]
              [-s {console,gtk,web}]
              {console,gtk,web} [UI args] ...
deluge: error: argument {console,gtk,web} [UI args]: invalid choice: 'tester9' (choose from 'console', 'gtk', 'web')
Giving up, over to someone blessed with more knowledge.

CC: (none) => herman.viaene

Comment 11 katnatek 2025-05-27 04:52:05 CEST
(In reply to Herman Viaene from comment #10)
I got some more info
systemctl status deluge-daemon.service 
× deluge-daemon.service - Deluge Bittorrent Client Daemon
     Loaded: loaded (/usr/lib/systemd/system/deluge-daemon.service; disabled; preset: disabled)
     Active: failed (Result: exit-code) since Mon 2025-05-26 20:13:51 CST; 7s ago
   Duration: 2ms
    Process: 25852 ExecStart=/usr/bin/deluged -d (code=exited, status=217/USER)
   Main PID: 25852 (code=exited, status=217/USER)
        CPU: 1ms

may 26 20:13:51 jgrey.phoenix systemd[1]: Started deluge-daemon.service.
may 26 20:13:51 jgrey.phoenix (deluged)[25852]: deluge-daemon.service: Failed to determine user credentials: No such process
may 26 20:13:51 jgrey.phoenix (deluged)[25852]: deluge-daemon.service: Failed at step USER spawning /usr/bin/deluged: No such process
may 26 20:13:51 jgrey.phoenix systemd[1]: deluge-daemon.service: Main process exited, code=exited, status=217/USER
may 26 20:13:51 jgrey.phoenix systemd[1]: deluge-daemon.service: Failed with result 'exit-code'.

As I see, a deluge user needs to be created; I'll fix this, thank you for the test
Comment 12 katnatek 2025-05-27 05:45:23 CEST Comment hidden (obsolete)

Status comment: (none) => Package in comment 12

Comment 13 katnatek 2025-05-27 05:52:13 CEST
RH x86_64

installing deluge-2.2.0-1.2.mga9.noarch.rpm from //home/katnatek/qa-testing/x86_64
Preparing...                     ##################################################################################################
      1/1: deluge                ##################################################################################################
      1/1: removing deluge-2.2.0-1.1.mga9.noarch
                                 ##################################################################################################
Creating group 'deluge' with GID 932.
Creating user 'deluge' (deluge daemon account) with UID 932 and GID 932.

systemctl start deluge-daemon.service
systemctl status deluge-daemon.service 
× deluge-daemon.service - Deluge Bittorrent Client Daemon
     Loaded: loaded (/usr/lib/systemd/system/deluge-daemon.service; disabled; preset: disabled)
     Active: failed (Result: exit-code) since Mon 2025-05-26 21:49:31 CST; 20s ago
   Duration: 773ms
    Process: 52808 ExecStart=/usr/bin/deluged -d (code=exited, status=1/FAILURE)
   Main PID: 52808 (code=exited, status=1/FAILURE)
        CPU: 407ms

may 26 21:49:31 jgrey.phoenix systemd[1]: Started deluge-daemon.service.
may 26 21:49:31 jgrey.phoenix deluged[52808]: 21:49:31 [ERROR   ][deluge.common:136 ] Unable to use default config directory, exitin>
may 26 21:49:31 jgrey.phoenix systemd[1]: deluge-daemon.service: Main process exited, code=exited, status=1/FAILURE
may 26 21:49:31 jgrey.phoenix systemd[1]: deluge-daemon.service: Failed with result 'exit-code'.

Still needs some fix
Comment 14 katnatek 2025-05-27 06:19:55 CEST Comment hidden (obsolete)

Status comment: Package in comment 12 => Package in comment 14

Comment 15 katnatek 2025-05-27 06:52:33 CEST
RH x86_64

installing deluge-2.2.0-1.3.mga9.noarch.rpm from //home/katnatek/qa-testing/x86_64
Preparing...                     ##################################################################################################
      1/1: deluge                ##################################################################################################
      1/1: removing deluge-2.2.0-1.2.mga9.noarch
                                 ##################################################################################################

systemctl start deluge-daemon.service 
systemctl status deluge-daemon.service 
● deluge-daemon.service - Deluge Bittorrent Client Daemon
     Loaded: loaded (/usr/lib/systemd/system/deluge-daemon.service; disabled; preset: disabled)
     Active: active (running) since Mon 2025-05-26 22:23:04 CST; 2s ago
   Main PID: 72123 (deluged)
      Tasks: 4 (limit: 6903)
     Memory: 46.4M
        CPU: 1.363s
     CGroup: /system.slice/deluge-daemon.service
             └─72123 /usr/bin/python3 /usr/bin/deluged -d

may 26 22:23:04 jgrey.phoenix systemd[1]: Started deluge-daemon.service.

systemctl stop deluge-daemon.service 
systemctl start deluge-web.service 
systemctl status deluge-web.service 
○ deluge-web.service - Deluge Bittorrent Client Web Interface
     Loaded: loaded (/usr/lib/systemd/system/deluge-web.service; disabled; preset: disabled)
     Active: inactive (dead)

may 26 22:24:45 jgrey.phoenix systemd[1]: Started deluge-web.service.
may 26 22:24:46 jgrey.phoenix systemd[1]: deluge-web.service: Deactivated successfully.
may 26 22:25:18 jgrey.phoenix systemd[1]: Started deluge-web.service.
may 26 22:25:18 jgrey.phoenix systemd[1]: deluge-web.service: Deactivated successfully.

I see in other places that -d is added to ExecStart=/usr/bin/deluge-web in deluge-web.service

That works; another build is coming, but starting the web interface this way requires setting a password for the deluge user, so I wonder how to proceed here

Assignee: qa-bugs => j.alberto.vc
CC: (none) => geiger.david68210, yvesbrungard
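The three start-up failures worked through in comments 11, 13 and 15 (a missing service account giving status=217/USER, a config directory the account cannot use, and deluge-web forking because -d was absent) can all be caught before `systemctl start`. The following pre-flight check is an added example, not part of the Mageia deluge package or of this bug's fixes; the function names `unit_value` and `check_unit_preflight` are mine, and the unit files used in the usage at the bottom are constructed for the demonstration:

```shell
#!/bin/sh
# Pre-flight check for a systemd unit that runs a daemon under a dedicated
# service account (added example; not the Mageia package's own tooling).

# Value of KEY= in a unit file; the last occurrence wins, as in systemd.
unit_value() {
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

# Usage: check_unit_preflight <unit-file>
# Prints one FAIL line per problem; returns 1 if any was found, else 0.
check_unit_preflight() {
    unit=$1
    rc=0
    user=$(unit_value "$unit" User)
    group=$(unit_value "$unit" Group)
    type=$(unit_value "$unit" Type)
    exec_start=$(unit_value "$unit" ExecStart)
    binary=${exec_start%% *}

    # 1. The account must exist, or systemd fails at step USER (status 217).
    if [ -n "$user" ] && ! getent passwd "$user" >/dev/null 2>&1; then
        echo "FAIL: User=$user does not exist (would fail at step USER, status=217/USER)"
        rc=1
    fi
    if [ -n "$group" ] && ! getent group "$group" >/dev/null 2>&1; then
        echo "FAIL: Group=$group does not exist"
        rc=1
    fi

    # 2. The program must be present and executable.
    if [ -z "$binary" ] || [ ! -x "$binary" ]; then
        echo "FAIL: ExecStart binary '$binary' is not executable"
        rc=1
    fi

    # 3. If the command passes -c <dir>, that directory must exist and belong
    #    to the service account; otherwise deluged reports
    #    "Unable to use default config directory ... [Errno 13]".
    case " $exec_start " in
        *" -c "*)
            confdir=${exec_start##* -c }
            confdir=${confdir%% *}
            if [ ! -d "$confdir" ]; then
                echo "FAIL: config directory $confdir does not exist"
                rc=1
            elif [ -n "$user" ] && [ -z "$(find "$confdir" -maxdepth 0 -user "$user" 2>/dev/null)" ]; then
                echo "FAIL: config directory $confdir is not owned by $user"
                rc=1
            fi
            ;;
    esac

    # 4. Type=simple (the default) expects the process to stay in the
    #    foreground; deluged/deluge-web need -d (--do-not-daemonize) for that,
    #    which is what comment 15 observed for deluge-web.
    case "${type:-simple}" in
        simple|exec)
            case "$binary" in
                *deluged|*deluge-web)
                    case " $exec_start " in
                        *" -d "*|*" --do-not-daemonize "*) ;;
                        *) echo "FAIL: $binary would fork without -d; systemd would see it exit"
                           rc=1 ;;
                    esac
                    ;;
            esac
            ;;
    esac
    return $rc
}

# Usage: check_unit_preflight /usr/lib/systemd/system/deluge-daemon.service
```

Run it against the unit file before starting the service; a clean run returns 0, and each FAIL line names the fix (create the account, chown the config directory, add -d to ExecStart).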

Comment 16 katnatek 2025-05-27 06:56:39 CEST
Sorry for the noise, a default password exists; I see it on GitHub
katnatek 2025-05-27 06:56:52 CEST

CC: geiger.david68210, yvesbrungard => (none)

Comment 17 katnatek 2025-05-27 18:09:06 CEST
Suggested advisory:
========================

The updated package fixes security vulnerabilities:

Limited unauthenticated file read in /flag. (CVE-2025-46561)

New version check over unencrypted channel. (CVE-2025-46562)

SSRF with information leak and limited unauthenticated file write. (CVE-2025-46563)

Unauthenticated file read in /js may lead to RCE. (CVE-2025-46564)

References:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUDFHJVK23RBMLCM5HNXNF2PGGDGKVOC/
https://securitylab.github.com/advisories/GHSL-2024-188_GHSL-2024-191_Deluge/
========================

Updated package in core/updates_testing:
========================
deluge-2.2.0-1.4.mga9

from SRPM:
deluge-2.2.0-1.4.mga9

Status comment: Package in comment 14 => Package in comment 17
Assignee: j.alberto.vc => qa-bugs

Comment 18 katnatek 2025-05-27 18:27:08 CEST
RH x86_64

installing deluge-2.2.0-1.4.mga9.noarch.rpm from //home/katnatek/qa-testing/x86_64
Preparing...                     ##################################################################################################
      1/1: deluge                ##################################################################################################
      1/1: removing deluge-2.2.0-1.3.mga9.noarch
                                 ##################################################################################################

I enable deluge-daemon.service and deluge-web.service to start at boot time

Reboot

systemctl status deluge-daemon.service 
● deluge-daemon.service - Deluge Bittorrent Client Daemon
     Loaded: loaded (/usr/lib/systemd/system/deluge-daemon.service; enabled; preset: disabled)
     Active: active (running) since Tue 2025-05-27 10:16:01 CST; 3min 39s ago
   Main PID: 2180 (deluged)
      Tasks: 5 (limit: 6903)
     Memory: 54.7M
        CPU: 2.515s
     CGroup: /system.slice/deluge-daemon.service
             └─2180 /usr/bin/python3 /usr/bin/deluged -d

may 27 10:16:01 jgrey.phoenix systemd[1]: Started deluge-daemon.service.

systemctl status deluge-web.service 
● deluge-web.service - Deluge Bittorrent Client Web Interface
     Loaded: loaded (/usr/lib/systemd/system/deluge-web.service; enabled; preset: disabled)
     Active: active (running) since Tue 2025-05-27 10:16:01 CST; 4min 16s ago
   Main PID: 2182 (deluge-web)
      Tasks: 1 (limit: 6903)
     Memory: 61.7M
        CPU: 1.995s
     CGroup: /system.slice/deluge-web.service
             └─2182 deluge-web

may 27 10:16:01 jgrey.phoenix systemd[1]: Started deluge-web.service.

Open http://localhost:8112/, provide the default password deluge, and the web interface looks like it works. It will be interesting to check whether a torrent downloaded from here can be accessed by a normal user, as I omitted the umask from the upstream /deluge-web.service example, but that could be handled in a new bug.

Running deluge as a user still works

Looks good to me
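Comment 18 logs in with the stock password `deluge`, which is the setting an administrator should rotate as soon as the web service is enabled at boot. The script below, an added example that is not Deluge's own code, checks a web.conf for that default and rotates it. It assumes two things from my reading of Deluge's source (verify against the installed version): web.conf is a version header object followed by the settings object, both JSON, and the password is stored as `pwd_salt` plus `pwd_sha1 = sha1(salt + password)`. The sample config, its salt and the function names are constructed for the demonstration.

```python
"""Check a Deluge web.conf for the default password and rotate it.

Added example, not Deluge's own code. Assumed (verify for your version):
  - web.conf is two JSON objects back to back: a version header, then settings;
  - the password is stored as pwd_salt and pwd_sha1 = sha1(salt + password).
"""
import hashlib
import json
import secrets

DEFAULT_PASSWORD = "deluge"  # the default used in comment 18


def web_password_hash(salt: str, password: str) -> str:
    """sha1(salt || password) as hex, the scheme assumed for pwd_sha1."""
    h = hashlib.sha1()
    h.update(salt.encode("utf8"))
    h.update(password.encode("utf8"))
    return h.hexdigest()


def load_web_conf(text: str) -> dict:
    """Parse the 'header object + settings object' layout into the settings dict."""
    decoder = json.JSONDecoder()
    _header, end = decoder.raw_decode(text)
    settings, _ = decoder.raw_decode(text[end:].lstrip())
    return settings


def uses_default_password(settings: dict, default: str = DEFAULT_PASSWORD) -> bool:
    """True when the stored hash verifies against the default password."""
    salt = settings.get("pwd_salt", "")
    stored = settings.get("pwd_sha1", "")
    return secrets.compare_digest(stored, web_password_hash(salt, default))


def set_web_password(settings: dict, new_password: str) -> dict:
    """Return a copy of settings with a fresh random salt and hash for new_password."""
    if new_password == DEFAULT_PASSWORD or len(new_password) < 12:
        raise ValueError("choose a password that is not the default and has at least 12 characters")
    salt = secrets.token_hex(20)
    updated = dict(settings)
    updated["pwd_salt"] = salt
    updated["pwd_sha1"] = web_password_hash(salt, new_password)
    return updated


# Constructed sample web.conf: the salt is made up, the hash is derived from it.
_SAMPLE_SALT = "0123456789abcdef0123456789abcdef01234567"
SAMPLE_WEB_CONF = (
    '{"file": 1, "format": 1}'
    + json.dumps({"port": 8112,
                  "pwd_salt": _SAMPLE_SALT,
                  "pwd_sha1": web_password_hash(_SAMPLE_SALT, "deluge")})
)

if __name__ == "__main__":
    conf = load_web_conf(SAMPLE_WEB_CONF)
    print("default password in use:", uses_default_password(conf))
    rotated = set_web_password(conf, "a-much-longer-secret")
    print("after rotation:", uses_default_password(rotated))
```

Writing the rotated settings back in Deluge's own format is left to the tool that owns the file; the check alone is enough to flag an installation still sitting on the default.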
Comment 19 Herman Viaene 2025-05-29 11:19:30 CEST
Installed newest version, but ....
]# systemctl start deluge-daemon
# systemctl -l status deluge-daemon
× deluge-daemon.service - Deluge Bittorrent Client Daemon
     Loaded: loaded (/usr/lib/systemd/system/deluge-daemon.service; disabled; preset: disabled)
     Active: failed (Result: exit-code) since Thu 2025-05-29 11:17:10 CEST; 27s ago
   Duration: 3.185s
    Process: 5595 ExecStart=/usr/bin/deluged -d (code=exited, status=1/FAILURE)
   Main PID: 5595 (code=exited, status=1/FAILURE)
        CPU: 1.908s

May 29 11:17:07 mach3.hviaene.thuis systemd[1]: Started deluge-daemon.service.
May 29 11:17:10 mach3.hviaene.thuis deluged[5595]: 11:17:10 [ERROR   ][deluge.common:136 ] Unable to use default config directory, exiting... ([Errno 13] Pe>
May 29 11:17:10 mach3.hviaene.thuis systemd[1]: deluge-daemon.service: Main process exited, code=exited, status=1/FAILURE
May 29 11:17:10 mach3.hviaene.thuis systemd[1]: deluge-daemon.service: Failed with result 'exit-code'.
May 29 11:17:10 mach3.hviaene.thuis systemd[1]: deluge-daemon.service: Consumed 1.908s CPU time.
[root@mach3 ~]#
Comment 20 katnatek 2025-05-29 13:24:15 CEST
(In reply to Herman Viaene from comment #19)
> Installed newest version, but ....
> ]# systemctl start deluge-daemon
> # systemctl -l status deluge-daemon
> × deluge-daemon.service - Deluge Bittorrent Client Daemon
>      Loaded: loaded (/usr/lib/systemd/system/deluge-daemon.service;
> disabled; preset: disabled)
>      Active: failed (Result: exit-code) since Thu 2025-05-29 11:17:10 CEST;
> 27s ago
>    Duration: 3.185s
>     Process: 5595 ExecStart=/usr/bin/deluged -d (code=exited,
> status=1/FAILURE)
>    Main PID: 5595 (code=exited, status=1/FAILURE)
>         CPU: 1.908s
> 
> May 29 11:17:07 mach3.hviaene.thuis systemd[1]: Started
> deluge-daemon.service.
> May 29 11:17:10 mach3.hviaene.thuis deluged[5595]: 11:17:10 [ERROR  
> ][deluge.common:136 ] Unable to use default config directory, exiting...
> ([Errno 13] Pe>
> May 29 11:17:10 mach3.hviaene.thuis systemd[1]: deluge-daemon.service: Main
> process exited, code=exited, status=1/FAILURE
> May 29 11:17:10 mach3.hviaene.thuis systemd[1]: deluge-daemon.service:
> Failed with result 'exit-code'.
> May 29 11:17:10 mach3.hviaene.thuis systemd[1]: deluge-daemon.service:
> Consumed 1.908s CPU time.
> [root@mach3 ~]#

If you could check whether journalctl or the logs
say which config directory it tries to use, it would help me to debug this

I'll try to remove all the folders that could remain in the system
and user folders to see if I am able to reproduce your issue
Comment 21 katnatek 2025-05-30 01:39:28 CEST
I could reproduce Herman's issue, working on a fix
Comment 22 katnatek 2025-05-30 05:03:13 CEST
Let's see if this is the good one; I already tested and fixed the issue, but additional confirmation doesn't hurt

RPM:
deluge-2.2.0-1.5.mga9

SRPM:
deluge-2.2.0-1.5.mga9

Status comment: Package in comment 17 => Package in comment 22

Comment 23 Herman Viaene 2025-05-30 15:13:05 CEST
# systemctl start deluge-daemon
[root@mach3 ~]# systemctl -l status deluge-daemon
● deluge-daemon.service - Deluge Bittorrent Client Daemon
     Loaded: loaded (/usr/lib/systemd/system/deluge-daemon.service; disabled; preset: disabled)
     Active: active (running) since Fri 2025-05-30 14:59:49 CEST; 23s ago
   Main PID: 7126 (deluged)
      Tasks: 4 (limit: 8806)
     Memory: 62.2M
        CPU: 9.673s
     CGroup: /system.slice/deluge-daemon.service
             └─7126 /usr/bin/python3 /usr/bin/deluged -d

May 30 14:59:49 mach3.hviaene.thuis systemd[1]: Started deluge-daemon.service.
[root@mach3 ~]# systemctl start deluge-web
[root@mach3 ~]# systemctl -l status deluge-web
● deluge-web.service - Deluge Bittorrent Client Web Interface
     Loaded: loaded (/usr/lib/systemd/system/deluge-web.service; disabled; preset: disabled)
     Active: active (running) since Fri 2025-05-30 15:01:39 CEST; 14s ago
   Main PID: 17263 (deluge-web)
      Tasks: 1 (limit: 8806)
     Memory: 51.4M
        CPU: 8.180s
     CGroup: /system.slice/deluge-web.service
             └─17263 deluge-web

May 30 15:01:39 mach3.hviaene.thuis systemd[1]: Started deluge-web.service.
Opened 8112/tcp in the firewall, then I could connect to localhost:8112
and the interface looks OK. Torrents are beyond me, so I'm happy here.

Run deluge as a user also opens a sensible interface.
Tx, katnatek, let it go.

Whiteboard: (none) => MGA9-64-OK

Comment 24 katnatek 2025-05-30 19:03:06 CEST
(In reply to Herman Viaene from comment #23)
Thank you. FYI, the service is not working in the current package, so after all the fixes I had to introduce, we fixed that bug too
katnatek 2025-05-31 04:50:57 CEST

CC: (none) => andrewsfarm

Comment 25 Thomas Andrews 2025-05-31 13:39:45 CEST
(In reply to katnatek from comment #22)
> Let's see if this is the good, I already test and fix the issue, but
> additional confirmation not hurts
> 

I'm glad to see Herman's confirmation, too. I'm always nervous if the developer/packager does the only testing. It's too easy for some specific requirement that is on the packager's system but not commonly on others to be overlooked. It has happened before.

But not this time. Validating.

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 26 Mageia Robot 2025-05-31 18:21:26 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2025-0174.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

