openSUSE Bugs August 2021

bugs@lists.opensuse.org

1 participants
2817 discussions

[Bug 1036208] New: GNOME:Factory/libostree: remount service not loaded on install

by bugzilla_noreply＠novell.com

http://bugzilla.opensuse.org/show_bug.cgi?id=1036208 Bug ID: 1036208 Summary: GNOME:Factory/libostree: remount service not loaded on install Classification: openSUSE Product: openSUSE.org Version: unspecified Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: 3rd party software Assignee: os.gnome.maintainers(a)gmail.com Reporter: sebix+novell.com(a)sebix.at QA Contact: opensuse-communityscreening(a)forge.provo.novell.com Found By: --- Blocker: --- During my todays zypper dup run, I got this output: ( 72/408) Installing: libostree-2017.3-1.1.x86_64 ......................................................................................................[done] Additional rpm output: Failed to disable unit: No such file or directory Failed to stop ostree-remount.service.service: Unit ostree-remount.service.service not loaded. Is this a bug? The file is there: > find /usr/lib/systemd/ -name "*ostree*" /usr/lib/systemd/system/ostree-prepare-root.service /usr/lib/systemd/system/ostree-remount.service -- You are receiving this mail because: You are on the CC list for the bug.

1 week, 1 day

[Bug 1176388] New: OMEMO plugin for Tumbleweed doesn't work

by bugzilla_noreply＠suse.com

http://bugzilla.opensuse.org/show_bug.cgi?id=1176388 Bug ID: 1176388 Summary: OMEMO plugin for Tumbleweed doesn't work Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: x86-64 OS: openSUSE Tumbleweed Status: NEW Severity: Normal Priority: P5 - None Component: Network Assignee: screening-team-bugs(a)suse.de Reporter: opensuse(a)trummer.xyz QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- (from https://build.opensuse.org/package/show/network/gajim#comment-1305719 ) It seems that Gajim 1.2 doesn't work with the old OMEMO plugin version 2.6.29 anymore. The easiest way would be to just update the plugin to the latest version for the 1.2 branch - 2.6.80, see https://dev.gajim.org/gajim/gajim-plugins/-/blob/master/README.md But the Gajim 1.1 branch that Leap 15.2 and 15.1 have only works with the plugin until version 2.6.30: https://dev.gajim.org/gajim/gajim-plugins/-/blob/gajim_1.1/omemo/CHANGELOG -- You are receiving this mail because: You are on the CC list for the bug.

1 week, 1 day

[Bug 1183669] New: AUDIT-0: pleaser: security audit for permissions-file-setuid-bit

by bugzilla_noreply＠suse.com

http://bugzilla.opensuse.org/show_bug.cgi?id=1183669 Bug ID: 1183669 Summary: AUDIT-0: pleaser: security audit for permissions-file-setuid-bit Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team(a)suse.de Reporter: ed-suse.com(a)s5h.net QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- Hello, Would you mind performing a security review for me? please is a memory safe sudo alternative that focuses on assigning rules with familiar regex syntax. The pacakge is at https://build.opensuse.org/package/show/home:eneville/pleaser. Upstream source is at https://gitlab.com/edneville/please The message from the build service is: [ 174s] please.x86_64: E: permissions-file-setuid-bit (Badness: 10) /usr/bin/please is packaged with setuid/setgid bits (04755) [ 174s] please.x86_64: E: permissions-file-setuid-bit (Badness: 10) /usr/bin/pleaseedit is packaged with setuid/setgid bits (04755) [ 174s] If the package is intended for inclusion in any SUSE product please open a [ 174s] bug report to request review of the package by the security team. Please [ 174s] refer to [ 174s] https://en.opensuse.org/openSUSE:Package_security_guidelines#audit_bugs for [ 174s] more information. Thank you very much in advance. Ed Neville -- You are receiving this mail because: You are on the CC list for the bug.

1 week, 4 days

[Bug 1189423] New: VUL-0: tensorflow2: update to 2.6.0, multiple CVEs

by bugzilla_noreply＠suse.com

https://bugzilla.suse.com/show_bug.cgi?id=1189423 Bug ID: 1189423 Summary: VUL-0: tensorflow2: update to 2.6.0, multiple CVEs Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: cgoll(a)suse.com Reporter: gabriele.sonnu(a)suse.com QA Contact: security-team(a)suse.de Found By: --- Blocker: --- excerpt from the changelog: Security Fixes a heap out of bounds access in sparse reduction operations (CVE-2021-37635) Fixes a floating point exception in SparseDenseCwiseDiv (CVE-2021-37636) Fixes a null pointer dereference in CompressElement (CVE-2021-37637) Fixes a null pointer dereference in RaggedTensorToTensor (CVE-2021-37638) Fixes a null pointer dereference and a heap OOB read arising from operations restoring tensors (CVE-2021-37639) Fixes an integer division by 0 in sparse reshaping (CVE-2021-37640) Fixes a division by 0 in ResourceScatterDiv (CVE-2021-37642) Fixes a heap OOB in RaggedGather (CVE-2021-37641) Fixes a std::abort raised from TensorListReserve (CVE-2021-37644) Fixes a null pointer dereference in MatrixDiagPartOp (CVE-2021-37643) Fixes an integer overflow due to conversion to unsigned (CVE-2021-37645) Fixes a bad allocation error in StringNGrams caused by integer conversion (CVE-2021-37646) Fixes a null pointer dereference in SparseTensorSliceDataset (CVE-2021-37647) Fixes an incorrect validation of SaveV2 inputs (CVE-2021-37648) Fixes a null pointer dereference in UncompressElement (CVE-2021-37649) Fixes a segfault and a heap buffer overflow in {Experimental,}DatasetToTFRecord (CVE-2021-37650) Fixes a heap buffer overflow in FractionalAvgPoolGrad (CVE-2021-37651) Fixes a use after free in boosted trees creation (CVE-2021-37652) Fixes a division by 0 in ResourceGather (CVE-2021-37653) Fixes a heap OOB and a CHECK fail in ResourceGather (CVE-2021-37654) Fixes a heap OOB in ResourceScatterUpdate (CVE-2021-37655) Fixes an undefined behavior arising from reference binding to nullptr in RaggedTensorToSparse (CVE-2021-37656) Fixes an undefined behavior arising from reference binding to nullptr in MatrixDiagV* ops (CVE-2021-37657) Fixes an undefined behavior arising from reference binding to nullptr in MatrixSetDiagV* ops (CVE-2021-37658) Fixes an undefined behavior arising from reference binding to nullptr and heap OOB in binary cwise ops (CVE-2021-37659) Fixes a division by 0 in inplace operations (CVE-2021-37660) Fixes a crash caused by integer conversion to unsigned (CVE-2021-37661) Fixes an undefined behavior arising from reference binding to nullptr in boosted trees (CVE-2021-37662) Fixes a heap OOB in boosted trees (CVE-2021-37664) Fixes vulnerabilities arising from incomplete validation in QuantizeV2 (CVE-2021-37663) Fixes vulnerabilities arising from incomplete validation in MKL requantization (CVE-2021-37665) Fixes an undefined behavior arising from reference binding to nullptr in RaggedTensorToVariant (CVE-2021-37666) Fixes an undefined behavior arising from reference binding to nullptr in unicode encoding (CVE-2021-37667) Fixes an FPE in tf.raw_ops.UnravelIndex (CVE-2021-37668) Fixes a crash in NMS ops caused by integer conversion to unsigned (CVE-2021-37669) Fixes a heap OOB in UpperBound and LowerBound (CVE-2021-37670) Fixes an undefined behavior arising from reference binding to nullptr in map operations (CVE-2021-37671) Fixes a heap OOB in SdcaOptimizerV2 (CVE-2021-37672) Fixes a CHECK-fail in MapStage (CVE-2021-37673) Fixes a vulnerability arising from incomplete validation in MaxPoolGrad (CVE-2021-37674) Fixes an undefined behavior arising from reference binding to nullptr in shape inference (CVE-2021-37676) Fixes a division by 0 in most convolution operators (CVE-2021-37675) Fixes vulnerabilities arising from missing validation in shape inference for Dequantize (CVE-2021-37677) Fixes an arbitrary code execution due to YAML deserialization (CVE-2021-37678) Fixes a heap OOB in nested tf.map_fn with RaggedTensors (CVE-2021-37679) Fixes a division by zero in TFLite (CVE-2021-37680) Fixes an NPE in TFLite (CVE-2021-37681) Fixes a vulnerability arising from use of unitialized value in TFLite (CVE-2021-37682) Fixes an FPE in TFLite division operations (CVE-2021-37683) Fixes an FPE in TFLite pooling operations (CVE-2021-37684) Fixes an infinite loop in TFLite (CVE-2021-37686) Fixes a heap OOB in TFLite (CVE-2021-37685) Fixes a heap OOB in TFLite's Gather* implementations (CVE-2021-37687) Fixes an undefined behavior arising from null pointer dereference in TFLite (CVE-2021-37688) Fixes an undefined behavior arising from null pointer dereference in TFLite MLIR optimizations (CVE-2021-37689) Fixes a FPE in LSH in TFLite (CVE-2021-37691) Fixes a segfault on strings tensors with mismatched dimensions, arising in Go code (CVE-2021-37692) Fixes a use after free and a potential segfault in shape inference functions (CVE-2021-37690) -- You are receiving this mail because: You are on the CC list for the bug.

1 week, 4 days

[Bug 1170826] New: Go packages miss binutils-gold dependency

by bugzilla_noreply＠novell.com

http://bugzilla.opensuse.org/show_bug.cgi?id=1170826 Bug ID: 1170826 Summary: Go packages miss binutils-gold dependency Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: aarch64 OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Development Assignee: screening-team-bugs(a)suse.de Reporter: guillaume.gardet(a)arm.com QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- On arm and aarch64, 'go' requires 'binutils-gold' dependency at runtime, but go packages only require it as BuildRequires. So, binutils-gold must be installed manually, which breaks some builds in OBS, such as rclone [0]. Without 'binutils-gold', we ge the following error: [ 138s] /usr/lib64/go/1.11/pkg/tool/linux_arm64/link: running gcc failed: exit status 1 [ 138s] collect2: fatal error: cannot find 'ld' So, we need to add 'Requires: binutils-gold' to all go1.x packages. [0]: https://build.opensuse.org/package/show/network/rclone -- You are receiving this mail because: You are on the CC list for the bug.

1 week, 5 days

[Bug 1173720] New: No sound after upgrade from Leap 15.1

by bugzilla_noreply＠suse.com

http://bugzilla.opensuse.org/show_bug.cgi?id=1173720 Bug ID: 1173720 Summary: No sound after upgrade from Leap 15.1 Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.2 Hardware: x86-64 OS: SUSE Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs(a)suse.de Reporter: alberto.zacchetti(a)tiscali.it QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- After upgrading from Leap 15.1 to Leap 15.2, the system no longer plays any sound (even from Yast sound setting) although the snd-hda-intel driver appears to be loaded. The chipset is a C600/X79 and it worked wonderfully on Leap 15.1. Now in Yast I see all the volume controls, but I don't hear any sound on headphones. Also in KDE the only item that appears is the digital output (which I can't verify) while every other analog output has disappeared. -- You are receiving this mail because: You are on the CC list for the bug.

1 week, 5 days

[Bug 1179584] New: Installing python3-gobject but not python3-cairo breaks `pip3 check`

by bugzilla_noreply＠suse.com

http://bugzilla.opensuse.org/show_bug.cgi?id=1179584 Bug ID: 1179584 Summary: Installing python3-gobject but not python3-cairo breaks `pip3 check` Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.2 Hardware: Other OS: openSUSE Leap 15.2 Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: screening-team-bugs(a)suse.de Reporter: me(a)manueljacob.de QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- Setup: zypper install -y python3-pip python3-gobject Expected behavior: `pip3 check` succeeds and prints ��No broken requirements found.��. Actual behavior: `pip3 check` fails and prints ��pygobject 3.34.0 requires pycairo, which is not installed.��. Workaround: Install package python3-cairo. -- You are receiving this mail because: You are on the CC list for the bug.

1 week, 6 days

[Bug 1185647] New: GNOME Software not updating RPM packages

by bugzilla_noreply＠suse.com

http://bugzilla.opensuse.org/show_bug.cgi?id=1185647 Bug ID: 1185647 Summary: GNOME Software not updating RPM packages Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: MicroOS Assignee: kubic-bugs(a)opensuse.org Reporter: dfaggioli(a)suse.com QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- So, with Snapshot 20210427, pkcon now works for installing packages, e.g., from a terminal (although, it does follow weak dependencies, but that's another issue). However, updating via GNOME Software does not work yet. So, this is the situation right after install: dario@localhost:~> sudo snapper list # | Type | Pre # | Date | User | Used Space | Cleanup | Description | Userdata ---+--------+-------+---------------------------------+------+------------+---------+-----------------------+-------------- 0 | single | | | root | | | current | 1* | single | | Wed 05 May 2021 07:17:32 AM UTC | root | 43.02 MiB | | first root filesystem | 2 | single | | Wed 05 May 2021 07:24:05 AM UTC | root | 36.47 MiB | number | after installation | important=yes In GNOME Software, I see the notification of some updates, I can go to the proper tab, click 'Download' and then click 'Restart & Install'. At which point, on the GUI, I see this error message: "Unable to install updates: GDBus.Error:org.gtk.GDBus.UnmappedGError.Quark._pk_2dengine_2derror-2dquark.Code1:Failed to create symlink: Read-only file system" If I go ahead, after the reboot, the updates have not been installed. This is the status of system snapshots: dario@localhost:~> sudo snapper list [sudo] password for root: # | Type | Pre # | Date | User | Used Space | Cleanup | Description | Userdata ---+--------+-------+---------------------------------+------+------------+---------+-----------------------+------------------------------------- 0 | single | | | root | | | current | 1* | single | | Wed 05 May 2021 07:17:32 AM UTC | root | 144.00 KiB | | first root filesystem | 2 | single | | Wed 05 May 2021 07:24:05 AM UTC | root | 36.47 MiB | number | after installation | important=yes 3 | single | | Wed 05 May 2021 10:51:00 AM UTC | root | 19.75 MiB | | Snapshot Update of #1 | transactional-update-in-progress=yes 4 | single | | Wed 05 May 2021 10:55:47 AM UTC | root | 19.75 MiB | | Snapshot Update of #1 | transactional-update-in-progress=yes 5 | single | | Wed 05 May 2021 11:06:10 AM UTC | root | 19.75 MiB | | Snapshot Update of #1 | transactional-update-in-progress=yes 6 | single | | Wed 05 May 2021 11:06:48 AM UTC | root | 160.00 KiB | | Snapshot Update of #1 | transactional-update-in-progress=yes In journalctl, I see a bunch of lines like these: May 05 11:07:19 localhost.localdomain systemd[1706]: \x2esnapshots-6-snapshot-.snapshots.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: \x2esnapshots-6-snapshot-boot-writable.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: \x2esnapshots-6-snapshot-root.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: \x2esnapshots-6-snapshot-sys-fs-fuse-connections.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: \x2esnapshots-6-snapshot-sys-kernel-config.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: \x2esnapshots-6-snapshot-sys-kernel-tracing.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: \x2esnapshots-6-snapshot-sys.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-proc.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-dev.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-sys-kernel-config.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-sys-kernel-tracing.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-sys-kernel-debug.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-sys-fs-selinux.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-sys-fs-bpf.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-sys-fs-pstore.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-sys-fs-cgroup.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-sys-kernel-security.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-sys-fs-fuse-connections.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy-sys.mount: Succeeded. May 05 11:07:19 localhost.localdomain systemd[1706]: tmp-transactional\x2dupdate\x2djNF9Qy.mount: Succeeded. PackageKit logs does not seem to me to contain anything related to this operation, but I'm happy to provide further info. After a few seconds, `snapper list` is slightly different (probably due to the fact that, right after boot, packagekit was scanning for updates): dario@localhost:~> sudo snapper list # | Type | Pre # | Date | User | Used Space | Cleanup | Description | Userdata ---+--------+-------+---------------------------------+------+------------+---------+-----------------------+------------------------------------- 0 | single | | | root | | | current | 1* | single | | Wed 05 May 2021 07:17:32 AM UTC | root | 19.72 MiB | | first root filesystem | 2 | single | | Wed 05 May 2021 07:24:05 AM UTC | root | 36.47 MiB | number | after installation | important=yes 3 | single | | Wed 05 May 2021 10:51:00 AM UTC | root | 19.75 MiB | | Snapshot Update of #1 | transactional-update-in-progress=yes 4 | single | | Wed 05 May 2021 10:55:47 AM UTC | root | 19.75 MiB | | Snapshot Update of #1 | transactional-update-in-progress=yes 5 | single | | Wed 05 May 2021 11:06:10 AM UTC | root | 19.75 MiB | | Snapshot Update of #1 | transactional-update-in-progress=yes Of course, the expected results would be that packages are actually updated/installed. -- You are receiving this mail because: You are on the CC list for the bug.

1 week, 6 days

[Bug 1181533] New: Is not possible to set date with UTC format and 2038 year using hwclock

by bugzilla_noreply＠suse.com

https://bugzilla.suse.com/show_bug.cgi?id=1181533 Bug ID: 1181533 Summary: Is not possible to set date with UTC format and 2038 year using hwclock Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: x86-64 OS: openSUSE Tumbleweed Status: NEW Severity: Major Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs(a)suse.de Reporter: ionut_n2001(a)yahoo.com QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- Hi SUSE Team, I try to set date with UTC format and 2038 Year. This is not working. Steps for reproduce: # date -s "Jan 20 15:42:59 UTC 2038" # hwclock -w # hwclock -s hwclock: settimeofday() failed: Invalid argument -- You are receiving this mail because: You are on the CC list for the bug.

1 week, 6 days

[Bug 1176233] New: Unable to install nvidia driver 450.66

by bugzilla_noreply＠suse.com

http://bugzilla.opensuse.org/show_bug.cgi?id=1176233 Bug ID: 1176233 Summary: Unable to install nvidia driver 450.66 Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: x86-64 OS: openSUSE Tumbleweed Status: NEW Severity: Critical Priority: P5 - None Component: Kernel Assignee: kernel-bugs(a)opensuse.org Reporter: juergen-fuhrmann(a)web.de QA Contact: qa-bugs(a)suse.de Found By: --- Blocker: --- Hi on a fresh install of tumbleweed (kernel 5.8) (and btw also on Leap 15.2 with Kernel 5.3) the nvidia driver 450.66 installation fails. The culprit seems to be that the make system complains about missing scripts/Makefile.kcsan Trying to report this to nvidia as well... -- You are receiving this mail because: You are on the CC list for the bug.

2 weeks

Jump to page:

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openSUSE Bugs August 2021