File _patchinfo of Package patchinfo.12795

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.12795

<patchinfo incident="12795">
  <issue tracker="bnc" id="1153557">Net installation fails in openQA because no base products found to install</issue>
  <issue tracker="bnc" id="1146415">zypper doesn't install latest package version of package pulled with Supplements if the latest version introduces a conflict with an installed package</issue>
  <issue tracker="bnc" id="1146947">CaaSP v4 RC1 zypper ps running files using deleted files</issue>
  <issue tracker="bnc" id="1049825">zypper bash completion expands non-existing options</issue>
  <issue tracker="bnc" id="1116995">packagekit leaking file descriptors (and huge log file) ?</issue>
  <issue tracker="bnc" id="1127155">OES2018 SP1 Update 1: Conflict occured while applying the OES2018 SP1 Update1 patch.</issue>
  <issue tracker="bnc" id="1120629">VUL-1: CVE-2018-20532: libsolv: NULL pointer dereference at ext/testcase.c (function testcase_read)</issue>
  <issue tracker="bnc" id="1120630">VUL-1: CVE-2018-20533: libsolv: NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a</issue>
  <issue tracker="bnc" id="1120631">VUL-1: CVE-2018-20534: libsolv: illegal address access at src/pool.h (function pool_whatprovides) in libsolv.a</issue>
  <issue tracker="bnc" id="1127155">Partner-L3: OES2018 SP1 Update 1: Conflict occured while applying the OES2018 SP1 Update1 patch.</issue>
  <issue tracker="bnc" id="1127608">"zypper in &lt;rpmlist&gt;" aborts installation if any package is not found in the repositories</issue>
  <issue tracker="bnc" id="1130306">packagekit-background.service sends no mail</issue>
  <issue tracker="bnc" id="1131113">pressing retry in zypp doesn't show progressbar</issue>
  <issue tracker="bnc" id="1131823">[SLES15SP1][Build 208.1] Virtualization host upgrade from SLES-15 to SLES-15-SP1 finished with wrong product name shown up</issue>
  <issue tracker="bnc" id="1134226">CaaSP 3.0 worker transactional-updates downgrades core components due to invalid (unsigned) repos</issue>
  <issue tracker="bnc" id="1135749">[Staging] libsolv fails to build against swig 4.0</issue>
  <issue tracker="bnc" id="1137977">zypper rm -t pattern not removing all packages within the pattern</issue>
  <issue tracker="bnc" id="1139795">libzypp 17.12.0-1.2 deletes /etc/products.d/openSUSE.prod</issue>
  <issue tracker="bnc" id="1140039">SUMA 3.2 client migration SLES-12-SP3-SAP to SLES-12-SP4-SAP fail. No error messages "file conflicts" in GUI</issue>
  <issue tracker="bnc" id="1145521">Zypper exiting on SIGPIPE received during package download.</issue>
  <issue tracker="bnc" id="1146027">libzypp/libcurl: random segfaults, Opensuse 15.0</issue>
  <issue tracker="bnc" id="859480">zypper message about deleted files should be stricter</issue>
  <issue tracker="cve" id="2018-20532"/>
  <issue tracker="cve" id="2018-20533"/>
  <issue tracker="cve" id="2018-20534"/>
  <packager>mlandres</packager>
  <rating>important</rating>
  <category>recommended</category>
  <summary>Recommended update for libzypp, zypper, libsolv and PackageKit</summary>
  <description>This update for libzypp, zypper, libsolv and PackageKit fixes the following issues:

Security issues fixed in libsolv:

- CVE-2018-20532: Fixed NULL pointer dereference at ext/testcase.c (function testcase_read) (bsc#1120629).
- CVE-2018-20533: Fixed NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a (bsc#1120630).
- CVE-2018-20534: Fixed illegal address access at src/pool.h (function pool_whatprovides) in libsolv.a (bsc#1120631).

Other issues addressed in libsolv:

- Fixed an issue where libsolv failed to build against swig 4.0 by updating the version to 0.7.5 (bsc#1135749).
- Fixed an issue with the package name (bsc#1131823).
- repo_add_rpmdb: do not copy bad solvables from the old solv file
- Fixed an issue with  cleandeps updates in which all packages were not updated
- Experimental DISTTYPE_CONDA and REL_CONDA support
- Fixed cleandeps jobs when using patterns (bsc#1137977)
- Fixed favorq leaking between solver runs if the solver is reused
- Fixed SOLVER_FLAG_FOCUS_BEST updateing packages without reason
- Be more correct with multiversion packages that obsolete their own name (bnc#1127155)
- Fix repository priority handling for multiversion packages
- Make code compatible with swig 4.0, remove obj0 instances
- repo2solv: support zchunk compressed data
- Remove NO_BRP_STRIP_DEBUG=true as brp-15-strip-debug will
  not strip debug info for archives

Issues fixed in libzypp:

- Fix empty metalink downloads if filesize is unknown (bsc#1153557)
- Recognize riscv64 as architecture
- Fix installation of new header file (fixes #185)
- zypp.conf: Introduce `solver.focus` to define the resolvers general
  attitude when resolving jobs. (bsc#1146415)
- New container detection algorithm for zypper ps (bsc#1146947)
- Fix leaking filedescriptors in MediaCurl. (bsc#1116995)
- Run file conflict check on dry-run. (bsc#1140039)
- Do not remove orphan products if the .prod file is owned by
  a package. (bsc#1139795)
- Rephrase file conflict check summary. (bsc#1140039)
- Fix bash completions option detection. (bsc#1049825)
- Fixes a bug where zypper exited on SIGPIPE when downloading packages (bsc#1145521)
- Fixes an issue where zypper exited with a segmentation fault when updating via YaST2 (bsc#1146027)
- PublicKey::algoName: supply key algorithm and length

Issues fixed in zypper:

- Update to version 1.14.30
- Ignore SIGPIPE while STDOUT/STDERR are OK (bsc#1145521)
- Dump stacktrace on SIGPIPE (bsc#1145521)
- info: The requested info must be shown in QUIET mode (fixes #287)
- Fix local/remote url classification.
- Rephrase file conflict check summary (bsc#1140039)
- Fix bash completions option detection (bsc#1049825)
- man: split '--with[out]' like options to ease searching.
- Unhided 'ps' command in help
- Added option to show more conflict information
- Rephrased `zypper ps` hint (bsc#859480)
- Fixed repo refresh not returning 106-ZYPPER_EXIT_INF_REPOS_SKIPPED
  if --root is used (bsc#1134226)
- Fixed unknown package handling in zypper install (bsc#1127608)
- Re-show progress bar after pressing retry upon install error (bsc#1131113)

Issues fixed in PackageKit:

- Port the cron configuration variables to the systemd timer script, and add -sendwait
  parameter to mail in the script(bsc#1130306).

</description>
<zypp_restart_needed/>
</patchinfo>

Places

File _patchinfo of Package patchinfo.12795

Places