[snap] Cannot use libwidevinecdm.so to play back DRM-encrypted video

Bug #1738149 reported by Olivier Tilloy
This bug affects 2 people
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Fix Released
Olivier Tilloy

Bug Description

The chromium-browser deb package has a patch that allows the browser to look for the content decryption module in /opt/google/chrome/ and use it if present (assumes google-chrome is also installed).

This won't work with the snap, because the snap's runtime environment won't use /opt from the host.

What could work is to patch chromium to look for libwidevinecdm.so somewhere within the snap's area ($SNAP_USER_COMMON or $SNAP_USER_DATA), and have instructions for the user to copy the file to this area.

Tags: snap
Olivier Tilloy (osomon)
Changed in chromium-browser (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
Olivier Tilloy (osomon)
Changed in chromium-browser (Ubuntu):
assignee: nobody → Olivier Tilloy (osomon)
Olivier Tilloy (osomon)
Changed in chromium-browser (Ubuntu):
status: Triaged → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 64.0.3282.119-0ubuntu1

chromium-browser (64.0.3282.119-0ubuntu1) bionic; urgency=medium

  * Upstream release: 64.0.3282.119
    - CVE-2018-6031: Use after free in PDFium.
    - CVE-2018-6032: Same origin bypass in Shared Worker.
    - CVE-2018-6033: Race when opening downloaded files.
    - CVE-2018-6034: Integer overflow in Blink.
    - CVE-2018-6035: Insufficient isolation of devtools from extensions.
    - CVE-2018-6036: Integer underflow in WebAssembly.
    - CVE-2018-6037: Insufficient user gesture requirements in autofill.
    - CVE-2018-6038: Heap buffer overflow in WebGL.
    - CVE-2018-6039: XSS in DevTools.
    - CVE-2018-6040: Content security policy bypass.
    - CVE-2018-6041: URL spoof in Navigation.
    - CVE-2018-6042: URL spoof in OmniBox.
    - CVE-2018-6043: Insufficient escaping with external URL handlers.
    - CVE-2018-6045: Insufficient isolation of devtools from extensions.
    - CVE-2018-6046: Insufficient isolation of devtools from extensions.
    - CVE-2018-6047: Cross origin URL leak in WebGL.
    - CVE-2018-6048: Referrer policy bypass in Blink.
    - CVE-2017-15420: URL spoofing in Omnibox.
    - CVE-2018-6049: UI spoof in Permissions.
    - CVE-2018-6050: URL spoof in OmniBox.
    - CVE-2018-6051: Referrer leak in XSS Auditor.
    - CVE-2018-6052: Incomplete no-referrer policy implementation.
    - CVE-2018-6053: Leak of page thumbnails in New Tab Page.
    - CVE-2018-6054: Use after free in WebUI.
  * debian/control: update reference URL for chromedriver
  * debian/rules:
    - remove enable_hotwording build flag
    - exclude build artifacts from the binary package (LP: #1742653)
  * debian/patches/add-missing-cstddef-include.patch: added
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/enable-chromecast-by-default.patch: refreshed
  * debian/patches/fix-ffmpeg-ia32-build.patch: added
  * debian/patches/last-commit-position: refreshed
  * debian/patches/no-xlocale-header.patch: removed, no longer needed
  * debian/patches/revert-clang-nostdlib++.patch: updated
  * debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/touch-v35: refreshed
  * debian/patches/widevine-other-locations: updated (LP: #1738149)
  * debian/known_gn_gen_args-*: remove enable_hotwording build flag

 -- Olivier Tilloy <email address hidden> Wed, 24 Jan 2018 23:18:03 +0100

Changed in chromium-browser (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Kevin Keijzer (kkeijzer) wrote :

Since the Chromium 79 snap, this seems to no longer work.

I have the libwidevinecdm.so from Firefox in ~/snap/chromium/current/.local/lib/, which always worked fine before, but now EME videos all just show warnings and the plugin does not seem to be loaded.

Extracting the libwidevinecdm.so from a Chrome deb and putting it in the same place also does not help.

Revision history for this message
Olivier Tilloy (osomon) wrote :
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.