May 2019 - openSUSE Bugs - openSUSE Mailing Lists

[Bug 1133929] [etc cleanup] move motd to /usr
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133929 http://bugzilla.suse.com/show_bug.cgi?id=1133929#c3 Michael Vetter <mvetter(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mvetter(a)suse.com --- Comment #3 from Michael Vetter <mvetter(a)suse.com> --- Regarding SR#700054: Are you aware of the current discussion and changes at https://bugzilla.suse.com/show_bug.cgi?id=1121197 ? I think they plan to update shadow-login_defs.patch soon too. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1132328] Upgrade doubles GRUB_CMDLINE_LINUX_DEFAULT content
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1132328 http://bugzilla.suse.com/show_bug.cgi?id=1132328#c5 Josef Reidinger <jreidinger(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jsrain(a)suse.com Flags|needinfo?(jreidinger(a)suse.c |needinfo?(jsrain(a)suse.com) |om) | --- Comment #5 from Josef Reidinger <jreidinger(a)suse.com> --- (In reply to Stefan Schubert from comment #4) > Josef, could you please have a look on it ? Yes, it is known issue with upgrade now. As we now allow to modify boot parameters during upgrade and also need to respect what rpm can do in post install scripts with config, so we merge params, for others it works well, but for kernel parameters we do not find yet reliable way how to merge those two params. So for now the safest option is to simply merge it as it is harmless. Jiri: what do you think? Can we just skip merge in case of upgrade for kernel parameters? -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1131182] Kernel panic related to mpt3sas module
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1131182 Hannes Reinecke <hare(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|hare(a)suse.com |lduncan(a)suse.com -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1131208] kernel:stable 5.0.5, non-fatal trace: "RIP: 0010:__sbitmap_queue_get_shallow+0x85/0xb0"
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1131208 http://bugzilla.suse.com/show_bug.cgi?id=1131208#c1 Hannes Reinecke <hare(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|hare(a)suse.com |colyli(a)suse.com --- Comment #1 from Hannes Reinecke <hare(a)suse.com> --- Please retest with the latest kernel update to see if the problem persists. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1133686] Partitioner: misbehavior of tree sections that were initially empty
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133686 http://bugzilla.suse.com/show_bug.cgi?id=1133686#c1 Ancor Gonzalez Sosa <ancor(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|CONFIRMED |RESOLVED Resolution|--- |FIXED --- Comment #1 from Ancor Gonzalez Sosa <ancor(a)suse.com> --- Fixed by https://build.opensuse.org/request/show/700053 For details about what was wrong and how it was fixed, check https://github.com/yast/yast-storage-ng/pull/914 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1133498] VUL-1: CVE-2019-11506: GraphicsMagick: heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possi
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133498 http://bugzilla.suse.com/show_bug.cgi?id=1133498#c8 Petr Gajdos <pgajdos(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|pgajdos(a)suse.com |security-team(a)suse.de --- Comment #8 from Petr Gajdos <pgajdos(a)suse.com> --- I believe all fixed. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1133501] VUL-1: CVE-2019-11505: GraphicsMagick,ImageMagick: heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133501 http://bugzilla.suse.com/show_bug.cgi?id=1133501#c8 Petr Gajdos <pgajdos(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|pgajdos(a)suse.com |security-team(a)suse.de --- Comment #8 from Petr Gajdos <pgajdos(a)suse.com> --- I believe all fixed. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1121208] New: GCC 9: grub2 build fails
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.opensuse.org/show_bug.cgi?id=1121208 Bug ID: 1121208 Summary: GCC 9: grub2 build fails Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening(a)forge.provo.novell.com Reporter: martin.liska(a)suse.com QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- [ 77s] ../grub-core/fs/jfs.c: In function 'getblk': [ 77s] ../grub-core/fs/jfs.c:300:32: error: taking address of packed member of 'struct grub_jfs_data' may result in an unaligned pointer value [-Werror=address-of-packed-member] [ 77s] 300 | if (!grub_disk_read (data->disk, [ 77s] | ~~~~^~~~~~ [ 77s] ../grub-core/fs/jfs.c: In function 'grub_jfs_read_inode': [ 77s] ../grub-core/fs/jfs.c:339:27: error: taking address of packed member of 'struct grub_jfs_data' may result in an unaligned pointer value [-Werror=address-of-packed-member] [ 77s] 339 | if (grub_disk_read (data->disk, [ 77s] | ~~~~^~~~~~ [ 77s] ../grub-core/fs/jfs.c:351:27: error: taking address of packed member of 'struct grub_jfs_data' may result in an unaligned pointer value [-Werror=address-of-packed-member] [ 77s] 351 | if (grub_disk_read (data->disk, inoblk, 0, [ 77s] | ~~~~^~~~~~ [ 77s] ../grub-core/fs/jfs.c: In function 'grub_jfs_mount': [ 77s] ../grub-core/fs/jfs.c:393:27: error: taking address of packed member of 'struct grub_jfs_data' may result in an unaligned pointer value [-Werror=address-of-packed-member] [ 77s] 393 | if (grub_disk_read (data->disk, GRUB_JFS_FS1_INODE_BLK, 0, [ 77s] | ~~~~^~~~~~ [ 77s] ../grub-core/fs/jfs.c: In function 'grub_jfs_opendir': [ 77s] ../grub-core/fs/jfs.c:467:31: error: taking address of packed member of 'struct grub_jfs_data' may result in an unaligned pointer value [-Werror=address-of-packed-member] [ 77s] 467 | if (grub_disk_read (data->disk, blk, 0, [ 77s] | ~~~~^~~~~~ [ 77s] ../grub-core/fs/jfs.c: In function 'grub_jfs_getent': [ 77s] ../grub-core/fs/jfs.c:535:37: error: taking address of packed member of 'struct grub_jfs_data' may result in an unaligned pointer value [-Werror=address-of-packed-member] [ 77s] 535 | if (grub_disk_read (diro->data->disk, next, 0, [ 77s] | ~~~~~~~~~~^~~~~~ [ 77s] ../grub-core/fs/jfs.c:557:44: error: taking address of packed member of 'struct grub_jfs_leaf_dirent' may result in an unaligned pointer value [-Werror=address-of-packed-member] [ 77s] 557 | le_to_cpu16_copy (filename + strpos, leaf->namepart, len < diro->data->namecomponentlen ? len [ 77s] | ~~~~^~~~~~~~~~ [ 77s] ../grub-core/fs/jfs.c:570:48: error: taking address of packed member of 'struct grub_jfs_leaf_next_dirent' may result in an unaligned pointer value [-Werror=address-of-packed-member] [ 77s] 570 | le_to_cpu16_copy (filename + strpos, next_leaf->namepart, len < 15 ? len : 15); [ 77s] | ~~~~~~~~~^~~~~~~~~~ [ 77s] ../grub-core/fs/jfs.c: In function 'grub_jfs_read_file': [ 77s] ../grub-core/fs/jfs.c:629:27: error: taking address of packed member of 'struct grub_jfs_data' may result in an unaligned pointer value [-Werror=address-of-packed-member] [ 77s] 629 | grub_disk_read (data->disk, [ 77s] | ~~~~^~~~~~ [ 77s] cc1: all warnings being treated as errors and similar errors with -Werror=address-of-packed-member -- You are receiving this mail because: You are on the CC list for the bug.

1 14

[Bug 1133579] Package wrong URL prevents successful installation - LEAP 15
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133579 http://bugzilla.suse.com/show_bug.cgi?id=1133579#c3 Petr Vanek <petr(a)yarpen.cz> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(tonysu@su-network | |ing.com) --- Comment #3 from Petr Vanek <petr(a)yarpen.cz> --- Created attachment 804019 --> http://bugzilla.suse.com/attachment.cgi?id=804019&action=edit screenshot of the package installation I just tried to install it into Leap 15.1 beta VM. And all is working fine. What exactly are you trying to do, please? What repos do you have enabled? Refreshed? -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1121200] New: GCC 9: bctoolbox build failsbctoolbox
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.opensuse.org/show_bug.cgi?id=1121200 Bug ID: 1121200 Summary: GCC 9: bctoolbox build failsbctoolbox Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening(a)forge.provo.novell.com Reporter: martin.liska(a)suse.com QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- https://build.opensuse.org/package/live_build_log/openSUSE:Factory:Staging:… [ 50s] In file included from /usr/include/string.h:494, [ 50s] from /home/abuild/rpmbuild/BUILD/bctoolbox-0.6.0/include/bctoolbox/port.h:38, [ 50s] from /home/abuild/rpmbuild/BUILD/bctoolbox-0.6.0/include/bctoolbox/logging.h:29, [ 50s] from /home/abuild/rpmbuild/BUILD/bctoolbox-0.6.0/src/logging/logging.c:25: [ 50s] In function 'strncat', [ 50s] inlined from 'bctbx_strcat_vprintf' at /home/abuild/rpmbuild/BUILD/bctoolbox-0.6.0/src/logging/logging.c:319:3: [ 50s] /usr/include/bits/string_fortified.h:136:10: error: '__builtin_strncat' output truncated before terminating nul copying as many bytes from a string as its length [-Werror=stringop-truncation] [ 50s] 136 | return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest)); [ 50s] | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [ 50s] /home/abuild/rpmbuild/BUILD/bctoolbox-0.6.0/src/logging/logging.c: In function 'bctbx_strcat_vprintf': [ 50s] /home/abuild/rpmbuild/BUILD/bctoolbox-0.6.0/src/logging/logging.c:316:11: note: length computed here [ 50s] 316 | retlen = strlen(ret); [ 50s] | ^~~~~~~~~~~ [ 50s] cc1: all warnings being treated as errors [ 50s] make[2]: *** [src/CMakeFiles/bctoolbox.dir/build.make:79: src/CMakeFiles/bctoolbox.dir/logging/logging.c.o] Error 1 [ 50s] make[2]: *** Waiting for unfinished jobs.... [ 51s] make[2]: Leaving directory '/home/abuild/rpmbuild/BUILD/bctoolbox-0.6.0/build' [ 51s] make[1]: *** [CMakeFiles/Makefile2:169: src/CMakeFiles/bctoolbox.dir/all] Error 2 [ 51s] make[1]: Leaving directory '/home/abuild/rpmbuild/BUILD/bctoolbox-0.6.0/build' [ 51s] make: *** [Makefile:155: all] Error 2 [ 51s] error: Bad exit status from /var/tmp/rpm-tmp.Wyuy8e (%build) -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1069831] Running sa-update from spamassassin gives warning about deprecated regex
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1069831 Lars Vogdt <lars.vogdt(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lars.vogdt(a)suse.com -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1125768] go1.10 not built for armv7, which prevent docker images to be built
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.opensuse.org/show_bug.cgi?id=1125768 http://bugzilla.opensuse.org/show_bug.cgi?id=1125768#c11 Jeff Kowalczyk <jkowalczyk(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|CONFIRMED |IN_PROGRESS Flags|needinfo?(asarai(a)suse.com) | --- Comment #11 from Jeff Kowalczyk <jkowalczyk(a)suse.com> --- SLE mr #191776 has been submitted and is in review. Once accepted, the following three new items from .changes would be included: ------------------------------------------------------------------- Mon Mar 11 12:54:18 UTC 2019 - Martin Liška - Add gcc9-rsp-clobber.patch in order to fix bsc#1121397. ------------------------------------------------------------------- Mon Feb 18 11:58:06 UTC 2019 - Guillaume GARDET - Enable build for %arm (boo#1125768), with go1.4 as building with gccgo hangs (boo#974800) - Remove unnedded armv6.patch ------------------------------------------------------------------- Thu Jan 24 04:34:37 UTC 2019 - Jeff Kowalczyk - go1.10.8 (released 2019/01/23) security release fixes CVE-2019-6486. * go#29903 crypto/elliptic: CPU DoS vulnerability affecting P-521 and P-384 ------------------------------------------------------------------- -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1132328] Upgrade doubles GRUB_CMDLINE_LINUX_DEFAULT content
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1132328 http://bugzilla.suse.com/show_bug.cgi?id=1132328#c4 Stefan Schubert <schubi(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jreidinger(a)suse.com, | |schubi(a)suse.com Flags|needinfo?(meksykaniec@yahoo |needinfo?(jreidinger(a)suse.c |.com) |om) --- Comment #4 from Stefan Schubert <schubi(a)suse.com> --- Josef, could you please have a look on it ? -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1133245] New: LTO: libsigsegv build fails
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.opensuse.org/show_bug.cgi?id=1133245 Bug ID: 1133245 Summary: LTO: libsigsegv build fails Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening(a)forge.provo.novell.com Reporter: martin.liska(a)suse.com QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- Fails due to: [ 45s] /usr/include/asm/sigcontext.h:40:8: error: redefinition of 'struct _fpx_sw_bytes' There's some broken configure: Bad configure: checking whether a fault handler according to Hurd works... no checking ucontext.h usability... yes checking ucontext.h presence... yes checking for ucontext.h... yes vs. checking whether a fault handler according to Hurd works... no checking for the fault handler specifics... fault-linux-x86_64-old.h checking if the system supports catching SIGSEGV... no checking for stack direction... grows down -- You are receiving this mail because: You are on the CC list for the bug.

1 23

[Bug 1133274] New: LTO: pcre2 build fails
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.opensuse.org/show_bug.cgi?id=1133274 Bug ID: 1133274 Summary: LTO: pcre2 build fails Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening(a)forge.provo.novell.com Reporter: martin.liska(a)suse.com QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- Fails due to: run-test fails: [ 104s] FAIL: RunTest (gdb) bt #0 0x00007ffff7ec7fa5 in re_compile_internal () from /lib64/libc.so.6 #1 0x00007ffff7ec896c in regcomp () from /lib64/libc.so.6 #2 0x000055555556a531 in process_pattern () at src/pcre2test.c:5337 #3 0x000055555555d880 in main (argc=<optimized out>, argv=<optimized out>) at src/pcre2test.c:8684 where regcomp from libc is called, but should be: /* Compiling succeeded. Check that the values in the preg block are sensible. It can happen that pcre2test is accidentally linked with a different POSIX library which succeeds, but of course puts different things into preg. In this situation, calling regfree() may cause a segfault (or invalid free() in valgrind), so ensure that preg.re_pcre2_code is NULL, which suppresses the calling of regfree() on exit. */ -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1131849] Internal error: input/output error in y2start_helpers.rb.63.in "write"
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1131849 http://bugzilla.suse.com/show_bug.cgi?id=1131849#c4 Stefan Schubert <schubi(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |NORESPONSE --- Comment #4 from Stefan Schubert <schubi(a)suse.com> --- Feel free to reopen the bug if you have time for answering the questions. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1132704] YaST2 Docker Module Does Not Delete Docker Images
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1132704 http://bugzilla.suse.com/show_bug.cgi?id=1132704#c3 Stefan Schubert <schubi(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(spartanagm(a)live.c | |om) | --- Comment #3 from Stefan Schubert <schubi(a)suse.com> --- We have gotten the answer :-) -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1130663] Yast bootloader with Raspi crashes system
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1130663 http://bugzilla.suse.com/show_bug.cgi?id=1130663#c8 Stefan Schubert <schubi(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution|--- |NORESPONSE --- Comment #8 from Stefan Schubert <schubi(a)suse.com> --- (In reply to Stefan Schubert from comment #5) > Eric, feel free to reopen the bug if you have requested information. Still no response..... -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1133590] "localhost" should not be default hostname
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133590 http://bugzilla.suse.com/show_bug.cgi?id=1133590#c8 Stefan Schubert <schubi(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED Flags|needinfo?(tonysu@su-network | |ing.com) | --- Comment #8 from Stefan Schubert <schubi(a)suse.com> --- So, lets close it.... -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1133313] VUL-0: chromium: multiple security fixes in 74.0.3729.108
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133313 Swamp Workflow Management <swamp(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|obs:running:10145:important |obs:running:10145:important | |obs:running:10142:important -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1094934] command 'yast remote allow set=yes' says: Internal error. Please report a bug report
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1094934 Swamp Workflow Management <swamp(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|obs:running:10094:moderate | -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1132943] Kernel 5.0.8: xhci_hcd and thunderbolt modules are crashing
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1132943 Takashi Iwai <tiwai(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ptesarik(a)suse.com -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1133274] LTO: pcre2 build fails
by bugzilla_noreply＠novell.com 02 May '19

02 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133274 http://bugzilla.suse.com/show_bug.cgi?id=1133274#c1 --- Comment #1 from Jason Sikes <jsikes(a)suse.com> --- (In reply to Martin Liška from comment #0) > Fails due to: > > run-test fails: > [ 104s] FAIL: RunTest > > (gdb) bt > #0 0x00007ffff7ec7fa5 in re_compile_internal () from /lib64/libc.so.6 > #1 0x00007ffff7ec896c in regcomp () from /lib64/libc.so.6 > #2 0x000055555556a531 in process_pattern () at src/pcre2test.c:5337 > #3 0x000055555555d880 in main (argc=<optimized out>, argv=<optimized out>) > at src/pcre2test.c:8684 > > where regcomp from libc is called, but should be: > > ... When compiling with LTO the libc version of regcomp() is chosen to be linked rather than the pcre2 version. Weird. Upstream has decided to fix this by prefacing the POSIX function names with "pcre2_" thus removing the ambiguity from the link step. Upstream has released version 10.33 which removes the ambiguity. Now updating Factory pcre2 to 10.33. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1132777] Gnome software not installed by default leading to lack of "folders" in application overview
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1132777 http://bugzilla.suse.com/show_bug.cgi?id=1132777#c4 --- Comment #4 from Swamp Workflow Management <swamp(a)suse.de> --- This is an autogenerated message for OBS integration: This bug (1132777) was mentioned in https://build.opensuse.org/request/show/699942 Factory / patterns-gnome -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1132943] Kernel 5.0.8: xhci_hcd and thunderbolt modules are crashing
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1132943 http://bugzilla.suse.com/show_bug.cgi?id=1132943#c22 --- Comment #22 from Takashi Iwai <tiwai(a)suse.com> --- The upstream reverted the commit, 2c2a2fb1e2a9256714338875bede6b7cbd4b9542 Revert "ACPICA: Clear status of GPEs before enabling them" I pushed the revert patch to my user branch now. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1132946] Missing support for whirlpool HMAC authentication in NetworkManager-openvpn
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1132946 http://bugzilla.suse.com/show_bug.cgi?id=1132946#c1 --- Comment #1 from Swamp Workflow Management <swamp(a)suse.de> --- This is an autogenerated message for OBS integration: This bug (1132946) was mentioned in https://build.opensuse.org/request/show/699923 15.0 / NetworkManager-openvpn -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 992305] VUL-0: chromium: 52.0.2743.116 security release
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

1 0

[Bug 958373] pcre version 8.33 has security vulnerabilities
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

1 0

[Bug 958373] pcre version 8.33 has security vulnerabilities
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

1 0

[Bug 912316] fail2ban failed to start after install but.. jail.local have errors
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.novell.com/show_bug.cgi?id=912316 SMASH SMASH <smash_bz(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| | | |CVSSv2:NVD:CVE-2012-6684:4. | |3:(AV:N/AC:M/Au:N/C:N/I:P/A | |:N) | |CVSSv2:RedHat:CVE-2012-6684 | |:4.3:(AV:N/AC:M/Au:N/C:N/I: | |P/A:N) -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 901968] VUL-0: CVE-2014-3566: serf: libserf: supports insecure SSL protocol versions
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

1 0

[Bug 902476] tor: disable SSL3 (POODLE)
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

1 0

[Bug 894370] VUL-0: MozillaFirefox 32/31.1 security release
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

1 0

[Bug 848783] New: glibc / known bug: "options rotate" in /etc/resolv.conf causes DNS name reolution FAIL with IPv6 resolver addresses; patch available
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

https://bugzilla.novell.com/show_bug.cgi?id=848783 https://bugzilla.novell.com/show_bug.cgi?id=848783#c0 Summary: glibc / known bug: "options rotate" in /etc/resolv.conf causes DNS name reolution FAIL with IPv6 resolver addresses; patch available Classification: openSUSE Product: openSUSE 12.3 Version: Final Platform: All OS/Version: openSUSE 12.3 Status: NEW Severity: Major Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: darx+opensuse(a)sent.com QAContact: qa-bugs(a)suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0 on uname -a Linux darxdev.int 3.7.10-1.16-xen #1 SMP Fri May 31 20:21:23 UTC 2013 (97c14ba) x86_64 x86_64 x86_64 GNU/Linux with rpm -qa | grep -i glibc | sort glibc-2.17-4.7.1.x86_64 glibc-32bit-2.17-4.7.1.x86_64 glibc-debuginfo-2.17-4.7.1.x86_64 glibc-devel-2.17-4.7.1.x86_64 glibc-devel-static-2.17-4.7.1.x86_64 glibc-extra-2.17-4.7.1.x86_64 glibc-i18ndata-2.17-4.7.1.noarch glibc-info-2.17-4.7.1.noarch glibc-locale-2.17-4.7.1.x86_64 glibc-utils-2.17-4.7.1.x86_64 linux-glibc-devel-3.7.1-2.1.3.noarch with either IPv4 resolvers cat /etc/resolv.conf nameserver 8.8.8.8 nameserver 8.8.4.4 or IPv6 resolvers cat /etc/resolv.conf nameserver 2001:4860:4860::8888 nameserver 2001:4860:4860::8844 'svn co' works as expected; in both cases: S="www.nlnetlabs.nl" T="svn/nsd/tags/NSD_4_0_0_REL/tpkg/manual" svn co http://$S/$T test ... Checked out revision 4089. next, adding "options rotate" to resolv.conf, with IPv4 rolvers, cat /etc/resolv.conf nameserver 8.8.8.8 nameserver 8.8.4.4 options rotate 'svn co' still works, svn co http://$S/$T test ... Checked out revision 4089. but with IPv6, FAILS cat /etc/resolv.conf nameserver 2001:4860:4860::8888 nameserver 2001:4860:4860::8844 options rotate svn co http://$S/$T test ... svn: E670002: Unable to connect to a repository at URL 'http://www.nlnetlabs.nl/svn/nsd/tags/NSD_4_0_0_REL/tpkg/manual' svn: E670002: Name or service not known note, using numeric IP for SVN still works, svn co http://[2001:7b8:206:1::1]/$T test ... Checked out revision 4089. this appears to be due to a glibc bug, https://bugzilla.redhat.com/show_bug.cgi?id=841787 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627531 https://bugzilla.redhat.com/show_bug.cgi?id=804630 https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/915272 1st link has a patch, but for an different version of glibc, and on redhat Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 30

[Bug 864716] New: AUDIT-0: libKF5Auth4.x86_64: W: suse-dbus-unauthorized-service /etc/dbus-1/system.d/org.kde.kf5auth.conf
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

https://bugzilla.novell.com/show_bug.cgi?id=864716 https://bugzilla.novell.com/show_bug.cgi?id=864716#c0 Summary: AUDIT-0: libKF5Auth4.x86_64: W: suse-dbus-unauthorized-service /etc/dbus-1/system.d/org.kde.kf5auth.conf Classification: openSUSE Product: openSUSE Factory Version: 13.2 Milestone 0 Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Security AssignedTo: security-team(a)suse.de ReportedBy: hrvoje.senjan(a)gmail.com QAContact: qa-bugs(a)suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.91 Safari/537.36 SUSE/33.0.1750.91 Source can be found at KDE:Frameworks5/kauth. As with kinit package, code is just ported to Qt5/KF5. org.kde.kf5auth.conf was renamed from org.kde.auth.conf so it can be co-installed with kdelibs4 package(s) Thus - asking for whitelist =) Thanks! Reproducible: Always -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 83

[Bug 785121] network/bind: VUL-0: CVE-2012-5166: bind: Specially crafted RDATA causes bind to stop working
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=785121 Marcus Meissner <meissner(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Alias| |CVE-2012-5166 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 802278] New: Update to OpenStack 2012.2.3 (including security fixes)
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

https://bugzilla.novell.com/show_bug.cgi?id=802278 https://bugzilla.novell.com/show_bug.cgi?id=802278#c0 Summary: Update to OpenStack 2012.2.3 (including security fixes) Classification: openSUSE Product: openSUSE 12.3 Version: RC 1 Platform: Other OS/Version: Other Status: NEEDINFO Severity: Normal Priority: P5 - None Component: Other AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: vuntz(a)suse.com QAContact: qa-bugs(a)suse.de InfoProvider: maintenance(a)opensuse.org Found By: --- Blocker: --- I'd like to update the following packages in 12.3: openstack-cinder, openstack-dashboard, openstack-glance, openstack-keystone, openstack-nova, openstack-quantum, openstack-swift. This is an update to the 2012.2.3 release which only contains bug fixes, as well as three security fixes (in nova, glance and keystone): https://lists.launchpad.net/openstack/msg20515.html https://lists.launchpad.net/openstack/msg20517.html https://lists.launchpad.net/openstack/msg20689.html (note that the packages have a 2012.2.4+git version; that's because we package from git, which is now tracking 2012.2.4) At the same time, we should update openstack-quickstart (to make it work in 12.3) and python-django_openstack_auth (contains compatibility fixes for 12.3). Here are links to the diffs: https://build.opensuse.org/package/rdiff?opackage=openstack-cinder&oproject… https://build.opensuse.org/package/rdiff?opackage=openstack-dashboard&oproj… https://build.opensuse.org/package/rdiff?opackage=openstack-glance&oproject… https://build.opensuse.org/package/rdiff?opackage=openstack-keystone&oproje… https://build.opensuse.org/package/rdiff?opackage=openstack-nova&oproject=o… https://build.opensuse.org/package/rdiff?opackage=openstack-quantum&oprojec… https://build.opensuse.org/package/rdiff?opackage=openstack-swift&oproject=… https://build.opensuse.org/package/rdiff?opackage=openstack-quickstart&opro… https://build.opensuse.org/package/rdiff?opackage=python-django_openstack_a… -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 17

[Bug 785121] New: network/bind: VUL-0: CVE-2012-5166: bind: Specially crafted RDATA causes bind to stop working
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

https://bugzilla.novell.com/show_bug.cgi?id=785121 https://bugzilla.novell.com/show_bug.cgi?id=785121#c0 Summary: network/bind: VUL-0: CVE-2012-5166: bind: Specially crafted RDATA causes bind to stop working Classification: openSUSE Product: openSUSE.org Version: unspecified Platform: Other URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012 -5166 OS/Version: Other Status: NEW Keywords: security_vulnerability Severity: Critical Priority: P5 - None Component: 3rd party software AssignedTo: ug(a)suse.com ReportedBy: bernhard.schmidt(a)lrz-muenchen.de QAContact: opensuse-communityscreening(a)forge.provo.novell.com Found By: --- Blocker: --- A nameserver can be locked up if it can be induced to load a specially crafted combination of resource records. CVE: CVE-2012-5166 Document Version: 2.0 Posting date: 9 October 2012 Program Impacted: BIND Versions affected: 9.2.x -> 9.6.x, 9.4-ESV->9.4-ESV-R5-P1, 9.6-ESV->9.6-ESV-R7-P3, 9.7.0->9.7.6-P3, 9.8.0->9.8.3-P3, 9.9.0->9.9.1-P3 Severity: Critical Exploitable: Remotely Please update to 9.9.1-P4 There is already #784602 for SuSE shipped packages (also not yet fixed) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 4

[Bug 757783] New: clone() with CLONE_NEWPID leaks kernel memory
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

https://bugzilla.novell.com/show_bug.cgi?id=757783 https://bugzilla.novell.com/show_bug.cgi?id=757783#c0 Summary: clone() with CLONE_NEWPID leaks kernel memory Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: x86-64 OS/Version: openSUSE 12.1 Status: NEW Severity: Critical Priority: P5 - None Component: Kernel AssignedTo: kernel-maintainers(a)forge.provo.novell.com ReportedBy: ccrssaa(a)karelia.ru QAContact: qa-bugs(a)suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120312 Firefox/11.0 SeaMonkey/2.8 Server with vsftpd running started to die in agony with kswapd eating 100% cpu after upgrading to openSUSE 12.1. Turned out that vsftpd isolates each process using CLONE_NEWPID and 3.1.9-1.4 kernel does not free pid_namespace slabs. Reproducible: Always Steps to Reproduce: 1. test.c: #include <stdio.h> #include <errno.h> #include <signal.h> #include <sched.h> #include <linux/sched.h> #include <unistd.h> #include <sys/syscall.h> int main(int argc, char *argv[]) { int i, ret; for (i = 0; i < 10000; i++) { if (0 == (ret = syscall(__NR_clone, CLONE_NEWPID | CLONE_NEWIPC | CLONE_NEWNET | SIGCHLD, NULL))) return 0; if (-1 == ret) { perror("clone"); break; } } return 0; } simulates vsftpd sysdeputil.c 2. gcc -Wall test.c 3. run ./a.out as root Actual Results: # cat /proc/slabinfo | grep namespace pid_namespace 0 0 2112 3 2 : tunables 24 12 8 : slabdata 0 0 0 user_namespace 0 0 1072 7 2 : tunables 24 12 8 : slabdata 0 0 0 net_namespace 0 0 2560 3 2 : tunables 24 12 8 : slabdata 0 0 0 # ./a.out # sleep 60 # cat /proc/slabinfo | grep namespace pid_namespace 10000 10002 2112 3 2 : tunables 24 12 8 : slabdata 3334 3334 0 user_namespace 0 0 1072 7 2 : tunables 24 12 8 : slabdata 0 0 0 net_namespace 0 0 2560 3 2 : tunables 24 12 8 : slabdata 0 0 0 net_namespace slabs are freed but pid_namespace stays forever. Expected Results: # ./a.out # sleep 60 # cat /proc/slabinfo | grep namespace pid_namespace 0 0 2112 3 2 : tunables 24 12 8 : slabdata 0 0 0 net_namespace 0 0 2944 2 2 : tunables 24 12 8 : slabdata 0 0 0 TWIMC: switched from vsftpd to proftpd as a workaround. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 57

[Bug 715172] New: Review request for connman DBUS and polkit service files
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

https://bugzilla.novell.com/show_bug.cgi?id=715172 https://bugzilla.novell.com/show_bug.cgi?id=715172#c0 Summary: Review request for connman DBUS and polkit service files Classification: openSUSE Product: openSUSE 12.1 Version: Factory Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Network AssignedTo: security-team(a)suse.de ReportedBy: mvyskocil(a)suse.com QAContact: qa(a)suse.de CC: vbotka(a)suse.com Found By: --- Blocker: --- I would like to push Connection Manager (connman) to openSUSE Factory. It's the alternative of NetworkManager written by Intel for Moblin. It installs two DBUS service files and one for polkit /etc/dbus-1/system.d/connman.conf /etc/dbus-1/system.d/connman-nmcompat.conf /usr/share/polkit-1/actions/net.connman.policy Package is in home:mvyskocil:connman connman https://build.opensuse.org/package/show?package=connman&project=home%3Amvys… -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 11

[Bug 1133501] VUL-1: CVE-2019-11505: GraphicsMagick,ImageMagick: heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133501 Swamp Workflow Management <swamp(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|maint:planned:update |maint:planned:update | |obs:running:10143:moderate | |obs:running:10144:moderate -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1133498] VUL-1: CVE-2019-11506: GraphicsMagick: heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possi
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133498 Swamp Workflow Management <swamp(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| |obs:running:10143:moderate | |obs:running:10144:moderate -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1128355] Falling or unstable test suite in python-pycurl
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1128355 Swamp Workflow Management <swamp(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| |obs:running:10138:moderate -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1127231] Finalised object warnings in tweener.js
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1127231 Swamp Workflow Management <swamp(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| |obs:running:10134:moderate -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1133313] VUL-0: chromium: multiple security fixes in 74.0.3729.108
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133313 Swamp Workflow Management <swamp(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| |obs:running:10145:important -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 771811] postfix update does not regenerate the maps
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=771811 Swamp Workflow Management <swamp(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|ibs:running:5392:low |ibs:running:5392:low |ibs:running:5391:low |ibs:running:5391:low |obs:running:10085:moderate | -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1016491] postfix raported to log "warning: group or other writable:" on each symlink in config.
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1016491 Swamp Workflow Management <swamp(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|obs:running:10085:moderate | -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1133090] New: python-python-memcached update to 1.59
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1133090 Bug ID: 1133090 Summary: python-python-memcached update to 1.59 Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.3 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening(a)forge.provo.novell.com Reporter: meissner(a)suse.com QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- python-python-memcached update to 1.59 -- You are receiving this mail because: You are on the CC list for the bug.

1 8

[Bug 1132054] VUL-0: CVE-2019-11008: GraphicsMagick,ImageMagick: a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c allows remote attackers to cause DOS or other unspecified impact
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1132054 Swamp Workflow Management <swamp(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|obs:running:10088:moderate |obs:running:10088:moderate |obs:running:10098:moderate |obs:running:10098:moderate | |obs:running:10143:moderate | |obs:running:10144:moderate -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1114592] Package gcc7-info, gnat info pages, info dir section erroneous
by bugzilla_noreply＠novell.com 01 May '19

01 May '19

http://bugzilla.suse.com/show_bug.cgi?id=1114592 Swamp Workflow Management <swamp(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| |obs:running:10132:moderate -- You are receiving this mail because: You are on the CC list for the bug.

1 0