Bug ID 1154725
Summary Regrassion: fix for CVE-2019-14822 (#1150011) prevent Qt applications from connecting ibus-daemon due to race condition in GDBusServer
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.1
Hardware Other
OS Other
Status NEW
Severity Major
Priority P5 - None
Component X11 Applications
Assignee bnc-team-screening@forge.provo.novell.com
Reporter ftake@geeko.jp
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

After applying the patch to fix CVE-2019-14822 (#1150011), Qt application
cannot connect to ibus-daemon.

Due to the race condition bug with GDBus, ibus client using libdbus (including
Qt platform input context plugin, aka ibus-qt) cannot connect to ibus-daemon's
D-Bus server.

This problem did not reproduce before applying the patch because the race
condition happens restricting clients but the old insecure ibus-daemon does not
check clients.

Workaround is restarting ibus-daemon repeatedly until the problem is fixed.


Ubuntu has already reverted the patch for CVE-2019-14822
https://bugs.launchpad.net/ubuntu/+source/ibus/+bug/1844853

A bug report in IBus project
https://github.com/ibus/ibus/issues/2137

A fix for GDBus server
https://gitlab.gnome.org/GNOME/glib/merge_requests/1176

You are receiving this mail because: