May 2018 - openSUSE Bugs - openSUSE Mailing Lists

[Bug 1091551] New: llvm5 build dependency required for Firefox 60 ESR
by bugzilla_noreply＠novell.com 02 May '18

02 May '18

http://bugzilla.opensuse.org/show_bug.cgi?id=1091551 Bug ID: 1091551 Summary: llvm5 build dependency required for Firefox 60 ESR Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.3 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Development Assignee: msrb(a)suse.com Reporter: astieger(a)suse.com QA Contact: qa-bugs(a)suse.de CC: wolfgang(a)rosenauer.org Found By: Security Response Team Blocker: --- similar to bug 1030232, llvm5 required for Mozilla Firefox 60 ESR on Leap 42.3 llvm5 --> cargo --> MozillaFirefox see home:AndreasStieger:ff60esr:deps Question is of we can just send llvm5 from Factory, or if there is any conflict with openSUSE:Leap:42.3:Update/llvm -- You are receiving this mail because: You are on the CC list for the bug.

1 6

[Bug 1090752] [storage-ng] Internal error: undefined method `mbr_gap' for nil:NilClass
by bugzilla_noreply＠novell.com 02 May '18

02 May '18

http://bugzilla.suse.com/show_bug.cgi?id=1090752 http://bugzilla.suse.com/show_bug.cgi?id=1090752#c5 --- Comment #5 from Josef Reidinger <jreidinger(a)suse.com> --- (In reply to Ancor Gonzalez Sosa from comment #4) > The original crash and the other partitioner checks (no more validation of > size and fstype for NFS mounts) have been fixed in yast2-storage-ng >= > 4.0.169 > > See https://build.opensuse.org/request/show/602620 > > We still need to fix yast2-bootloader to not do any attempt if root is in > NFS. well, current workaround for bootlaoder is to use "NONE" bootloader. I know it is not perfect, but at least should not block testing. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1069468] Packages should no longer use /var/adm/fillup-templates
by bugzilla_noreply＠novell.com 02 May '18

02 May '18

http://bugzilla.suse.com/show_bug.cgi?id=1069468 http://bugzilla.suse.com/show_bug.cgi?id=1069468#c59 --- Comment #59 from Swamp Workflow Management <swamp(a)suse.de> --- openSUSE-SU-2018:1119-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1069468,1090495 CVE References: CVE-2018-1000178,CVE-2018-1000179 Sources used: openSUSE Leap 42.3 (src): quassel-0.12.5-5.3.1 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1086444] New: Clang package misses some CMake targets
by bugzilla_noreply＠novell.com 02 May '18

02 May '18

http://bugzilla.opensuse.org/show_bug.cgi?id=1086444 Bug ID: 1086444 Summary: Clang package misses some CMake targets Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Development Assignee: bnc-team-screening(a)forge.provo.novell.com Reporter: marius.kittler(a)suse.com QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- # Observation Using Clang's libraries via CMake config files provided by `clang5-devel` leads to configuration errors. ``` find_package(Clang REQUIRED) target_link_libraries(some_target PRIVATE clangTooling clangFrontend clangAST clangLex clangSema clangBasic LLVM) ``` ``` CMake Error at generator/CMakeLists.txt:50 (find_package): Found package configuration file: /usr/lib64/cmake/clang/ClangConfig.cmake but it set Clang_FOUND to FALSE so package "Clang" is considered to be NOT FOUND. Reason given by package: The following imported targets are referenced, but are missing: clangBasic clangCodeGen clangDriver clangFrontend clangFrontendTool ``` Full example: https://build.opensuse.org/package/live_build_log/home:mkittler/reflective-… # Expected behavior Of course not configuration error should occur the the target links against the library correctly. # Further details Apparently the concerning libraries are there: ``` pm -ql clang5-devel | grep 'clangBasic' /usr/lib64/libclangBasic.so rpm -ql clang5-devel | grep 'clangTooling' /usr/lib64/libclangTooling.so /usr/lib64/libclangToolingCore.so /usr/lib64/libclangToolingRefactor.so ``` So it is just the imported target in the Clang configuration files which is missing. Note that the Arch Linux package is working fine so it might be helpful as a reference: https://www.archlinux.org/packages/testing/x86_64/clang BTW: Arch Linux is using static libraries for LLVM/Clang 5 but they also switched to dynamic libraries for LLVM/Clang 6. Their clang 6.0.0 package which is currently in their staging repo works fine as well. So the use of dynamic libs in Tumbleweed is likely not making the difference here. I think the concerning Tumbleweed spec file is https://build.opensuse.org/package/show/devel:tools:compiler/llvm. I have been trying to investigate the issue myself a little bit, but don't know why the targets are missing so far. Thanks for your help in advance! -- You are receiving this mail because: You are on the CC list for the bug.

1 1

[Bug 1091636] New: VUL-0: CVE-2017-18264: An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by$cfg['Servers'][$i]['AllowNoPassword'] = false are bypassed under
by bugzilla_noreply＠novell.com 02 May '18

02 May '18

http://bugzilla.opensuse.org/show_bug.cgi?id=1091636 Bug ID: 1091636 Summary: VUL-0: CVE-2017-18264: An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by$cfg['Servers'][$i]['AllowNoPassword'] = false are bypassed under Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.3 Hardware: Other URL: https://smash.suse.de/issue/205109/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: chris(a)computersalat.de Reporter: kbabioch(a)suse.com QA Contact: security-team(a)suse.de CC: chris(a)computersalat.de, crrodriguez(a)opensuse.org, ecsos(a)schirra.net, javier(a)opensuse.org, lang(a)b1-systems.de Found By: Security Response Team Blocker: --- CVE-2017-18264 An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by $cfg['Servers'][$i]['AllowNoPassword'] = false are bypassed under certain PHP versions (e.g., version 5). This can allow the login of users who have no password set even if the administrator has set $cfg['Servers'][$i]['AllowNoPassword'] to false (which is also the default). This occurs because some implementations of the PHP substr function return false when given '' as the first argument. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18264 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18264 -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1090378] spectacle is unable to catch a screenshot in configuration "rectangular region" on wayland
by bugzilla_noreply＠novell.com 02 May '18

02 May '18

http://bugzilla.suse.com/show_bug.cgi?id=1090378 Fabian Vogt <fvogt(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CONFIRMED CC| |fvogt(a)suse.com See Also| |https://bugs.kde.org/show_b | |ug.cgi?id=377157 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1017558] Cannot view timestamp of read-only snapshots in GRUB as names truncated
by bugzilla_noreply＠novell.com 02 May '18

02 May '18

http://bugzilla.suse.com/show_bug.cgi?id=1017558 http://bugzilla.suse.com/show_bug.cgi?id=1017558#c11 --- Comment #11 from Thorsten Kukuk <kukuk(a)suse.com> --- Leap is identical to SLES: you can jump between versions, and here timestamps don't help you to identify the Leap version. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1091401] empty KDE Desktop after ppc64 (BE) TW install
by bugzilla_noreply＠novell.com 02 May '18

02 May '18

http://bugzilla.suse.com/show_bug.cgi?id=1091401 http://bugzilla.suse.com/show_bug.cgi?id=1091401#c1 Fabian Vogt <fvogt(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fvogt(a)suse.com, | |normand(a)linux.vnet.ibm.com Flags| |needinfo?(normand(a)linux.vne | |t.ibm.com) --- Comment #1 from Fabian Vogt <fvogt(a)suse.com> --- I can't find any logs, we need at least the system journal. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1087352] yast2-packager.desktop fails when clicked in the programs menu
by bugzilla_noreply＠novell.com 02 May '18

02 May '18

http://bugzilla.suse.com/show_bug.cgi?id=1087352 http://bugzilla.suse.com/show_bug.cgi?id=1087352#c4 Fabian Vogt <fvogt(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fvogt(a)suse.com --- Comment #4 from Fabian Vogt <fvogt(a)suse.com> --- This is a bug in the .desktop file itself, it violates the desktop file specification: "Field codes must not be used inside a quoted argument, the result of field code expansion inside a quoted argument is undefined. The %F and %U field codes may only be used as an argument on their own." -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1087741] New: Setting default web browser falls back to previous browser
by bugzilla_noreply＠novell.com 02 May '18

02 May '18

http://bugzilla.opensuse.org/show_bug.cgi?id=1087741 Bug ID: 1087741 Summary: Setting default web browser falls back to previous browser Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.3 Hardware: Other OS: openSUSE 42.3 Status: NEW Severity: Normal Priority: P5 - None Component: KDE Workspace (Plasma) Assignee: opensuse-kde-bugs(a)opensuse.org Reporter: studio(a)anchev.net QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- Created attachment 765672 --> http://bugzilla.opensuse.org/attachment.cgi?id=765672&action=edit screenshot STR: 1. Install torbrowser-launcher and run the Tor Browser 2. Go to about:preferences and set it as default browser 3. Click to open an HTTP link from another application (tested with claws-mail and newsbeuter) EXPECTED The link should open in Tor Browser ACTUAL The link opens in Chromium (the previous default browser). Also chrome://settings/defaultBrowser still shows that "Chromium is your default browser" regardless of: [~]: cat .config/mimeapps.list | grep browser x-scheme-handler/http=exo-web-browser.desktop x-scheme-handler/https=exo-web-browser.desktop x-scheme-handler/http=exo-web-browser.desktop As seen on the screenshot both browsers claim to be default simultaneously. -- You are receiving this mail because: You are on the CC list for the bug.

1 8