http://bugzilla.opensuse.org/show_bug.cgi?id=1036208
Bug ID: 1036208
Summary: GNOME:Factory/libostree: remount service not loaded on
install
Classification: openSUSE
Product: openSUSE.org
Version: unspecified
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: 3rd party software
Assignee: os.gnome.maintainers(a)gmail.com
Reporter: sebix+novell.com(a)sebix.at
QA Contact: opensuse-communityscreening(a)forge.provo.novell.com
Found By: ---
Blocker: ---
During my todays zypper dup run, I got this output:
( 72/408) Installing: libostree-2017.3-1.1.x86_64
......................................................................................................[done]
Additional rpm output:
Failed to disable unit: No such file or directory
Failed to stop ostree-remount.service.service: Unit
ostree-remount.service.service not loaded.
Is this a bug? The file is there:
> find /usr/lib/systemd/ -name "*ostree*"
/usr/lib/systemd/system/ostree-prepare-root.service
/usr/lib/systemd/system/ostree-remount.service
--
You are receiving this mail because:
You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1183669
Bug ID: 1183669
Summary: AUDIT-0: pleaser: security audit for
permissions-file-setuid-bit
Classification: openSUSE
Product: openSUSE Tumbleweed
Version: Current
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Security
Assignee: security-team(a)suse.de
Reporter: ed-suse.com(a)s5h.net
QA Contact: qa-bugs(a)suse.de
Found By: ---
Blocker: ---
Hello,
Would you mind performing a security review for me?
please is a memory safe sudo alternative that focuses on assigning rules with
familiar regex syntax.
The pacakge is at
https://build.opensuse.org/package/show/home:eneville/pleaser.
Upstream source is at https://gitlab.com/edneville/please
The message from the build service is:
[ 174s] please.x86_64: E: permissions-file-setuid-bit (Badness: 10)
/usr/bin/please is packaged with setuid/setgid bits (04755)
[ 174s] please.x86_64: E: permissions-file-setuid-bit (Badness: 10)
/usr/bin/pleaseedit is packaged with setuid/setgid bits (04755)
[ 174s] If the package is intended for inclusion in any SUSE product
please open a
[ 174s] bug report to request review of the package by the security team.
Please
[ 174s] refer to
[ 174s]
https://en.opensuse.org/openSUSE:Package_security_guidelines#audit_bugs for
[ 174s] more information.
Thank you very much in advance.
Ed Neville
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1189423
Bug ID: 1189423
Summary: VUL-0: tensorflow2: update to 2.6.0, multiple CVEs
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 15.2
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Other
Assignee: cgoll(a)suse.com
Reporter: gabriele.sonnu(a)suse.com
QA Contact: security-team(a)suse.de
Found By: ---
Blocker: ---
excerpt from the changelog:
Security
Fixes a heap out of bounds access in sparse reduction operations
(CVE-2021-37635)
Fixes a floating point exception in SparseDenseCwiseDiv (CVE-2021-37636)
Fixes a null pointer dereference in CompressElement (CVE-2021-37637)
Fixes a null pointer dereference in RaggedTensorToTensor (CVE-2021-37638)
Fixes a null pointer dereference and a heap OOB read arising from
operations restoring tensors (CVE-2021-37639)
Fixes an integer division by 0 in sparse reshaping (CVE-2021-37640)
Fixes a division by 0 in ResourceScatterDiv (CVE-2021-37642)
Fixes a heap OOB in RaggedGather (CVE-2021-37641)
Fixes a std::abort raised from TensorListReserve (CVE-2021-37644)
Fixes a null pointer dereference in MatrixDiagPartOp (CVE-2021-37643)
Fixes an integer overflow due to conversion to unsigned (CVE-2021-37645)
Fixes a bad allocation error in StringNGrams caused by integer conversion
(CVE-2021-37646)
Fixes a null pointer dereference in SparseTensorSliceDataset
(CVE-2021-37647)
Fixes an incorrect validation of SaveV2 inputs (CVE-2021-37648)
Fixes a null pointer dereference in UncompressElement (CVE-2021-37649)
Fixes a segfault and a heap buffer overflow in
{Experimental,}DatasetToTFRecord (CVE-2021-37650)
Fixes a heap buffer overflow in FractionalAvgPoolGrad (CVE-2021-37651)
Fixes a use after free in boosted trees creation (CVE-2021-37652)
Fixes a division by 0 in ResourceGather (CVE-2021-37653)
Fixes a heap OOB and a CHECK fail in ResourceGather (CVE-2021-37654)
Fixes a heap OOB in ResourceScatterUpdate (CVE-2021-37655)
Fixes an undefined behavior arising from reference binding to nullptr in
RaggedTensorToSparse (CVE-2021-37656)
Fixes an undefined behavior arising from reference binding to nullptr in
MatrixDiagV* ops (CVE-2021-37657)
Fixes an undefined behavior arising from reference binding to nullptr in
MatrixSetDiagV* ops (CVE-2021-37658)
Fixes an undefined behavior arising from reference binding to nullptr and
heap OOB in binary cwise ops (CVE-2021-37659)
Fixes a division by 0 in inplace operations (CVE-2021-37660)
Fixes a crash caused by integer conversion to unsigned (CVE-2021-37661)
Fixes an undefined behavior arising from reference binding to nullptr in
boosted trees (CVE-2021-37662)
Fixes a heap OOB in boosted trees (CVE-2021-37664)
Fixes vulnerabilities arising from incomplete validation in QuantizeV2
(CVE-2021-37663)
Fixes vulnerabilities arising from incomplete validation in MKL
requantization (CVE-2021-37665)
Fixes an undefined behavior arising from reference binding to nullptr in
RaggedTensorToVariant (CVE-2021-37666)
Fixes an undefined behavior arising from reference binding to nullptr in
unicode encoding (CVE-2021-37667)
Fixes an FPE in tf.raw_ops.UnravelIndex (CVE-2021-37668)
Fixes a crash in NMS ops caused by integer conversion to unsigned
(CVE-2021-37669)
Fixes a heap OOB in UpperBound and LowerBound (CVE-2021-37670)
Fixes an undefined behavior arising from reference binding to nullptr in
map operations (CVE-2021-37671)
Fixes a heap OOB in SdcaOptimizerV2 (CVE-2021-37672)
Fixes a CHECK-fail in MapStage (CVE-2021-37673)
Fixes a vulnerability arising from incomplete validation in MaxPoolGrad
(CVE-2021-37674)
Fixes an undefined behavior arising from reference binding to nullptr in
shape inference (CVE-2021-37676)
Fixes a division by 0 in most convolution operators (CVE-2021-37675)
Fixes vulnerabilities arising from missing validation in shape inference
for Dequantize (CVE-2021-37677)
Fixes an arbitrary code execution due to YAML deserialization
(CVE-2021-37678)
Fixes a heap OOB in nested tf.map_fn with RaggedTensors (CVE-2021-37679)
Fixes a division by zero in TFLite (CVE-2021-37680)
Fixes an NPE in TFLite (CVE-2021-37681)
Fixes a vulnerability arising from use of unitialized value in TFLite
(CVE-2021-37682)
Fixes an FPE in TFLite division operations (CVE-2021-37683)
Fixes an FPE in TFLite pooling operations (CVE-2021-37684)
Fixes an infinite loop in TFLite (CVE-2021-37686)
Fixes a heap OOB in TFLite (CVE-2021-37685)
Fixes a heap OOB in TFLite's Gather* implementations (CVE-2021-37687)
Fixes an undefined behavior arising from null pointer dereference in TFLite
(CVE-2021-37688)
Fixes an undefined behavior arising from null pointer dereference in TFLite
MLIR optimizations (CVE-2021-37689)
Fixes a FPE in LSH in TFLite (CVE-2021-37691)
Fixes a segfault on strings tensors with mismatched dimensions, arising in
Go code (CVE-2021-37692)
Fixes a use after free and a potential segfault in shape inference
functions (CVE-2021-37690)
--
You are receiving this mail because:
You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1170826
Bug ID: 1170826
Summary: Go packages miss binutils-gold dependency
Classification: openSUSE
Product: openSUSE Tumbleweed
Version: Current
Hardware: aarch64
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Development
Assignee: screening-team-bugs(a)suse.de
Reporter: guillaume.gardet(a)arm.com
QA Contact: qa-bugs(a)suse.de
Found By: ---
Blocker: ---
On arm and aarch64, 'go' requires 'binutils-gold' dependency at runtime, but go
packages only require it as BuildRequires. So, binutils-gold must be installed
manually, which breaks some builds in OBS, such as rclone [0].
Without 'binutils-gold', we ge the following error:
[ 138s] /usr/lib64/go/1.11/pkg/tool/linux_arm64/link: running gcc failed: exit
status 1
[ 138s] collect2: fatal error: cannot find 'ld'
So, we need to add 'Requires: binutils-gold' to all go1.x packages.
[0]: https://build.opensuse.org/package/show/network/rclone
--
You are receiving this mail because:
You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1173720
Bug ID: 1173720
Summary: No sound after upgrade from Leap 15.1
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 15.2
Hardware: x86-64
OS: SUSE Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Basesystem
Assignee: screening-team-bugs(a)suse.de
Reporter: alberto.zacchetti(a)tiscali.it
QA Contact: qa-bugs(a)suse.de
Found By: ---
Blocker: ---
After upgrading from Leap 15.1 to Leap 15.2, the system no longer plays any
sound (even from Yast sound setting) although the snd-hda-intel driver appears
to be loaded. The chipset is a C600/X79 and it worked wonderfully on Leap 15.1.
Now in Yast I see all the volume controls, but I don't hear any sound on
headphones. Also in KDE the only item that appears is the digital output (which
I can't verify) while every other analog output has disappeared.
--
You are receiving this mail because:
You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1179584
Bug ID: 1179584
Summary: Installing python3-gobject but not python3-cairo
breaks `pip3 check`
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 15.2
Hardware: Other
OS: openSUSE Leap 15.2
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Other
Assignee: screening-team-bugs(a)suse.de
Reporter: me(a)manueljacob.de
QA Contact: qa-bugs(a)suse.de
Found By: ---
Blocker: ---
Setup:
zypper install -y python3-pip python3-gobject
Expected behavior:
`pip3 check` succeeds and prints ���No broken requirements found.���.
Actual behavior:
`pip3 check` fails and prints ���pygobject 3.34.0 requires pycairo, which is not
installed.���.
Workaround:
Install package python3-cairo.
--
You are receiving this mail because:
You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1185647
Bug ID: 1185647
Summary: GNOME Software not updating RPM packages
Classification: openSUSE
Product: openSUSE Tumbleweed
Version: Current
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: MicroOS
Assignee: kubic-bugs(a)opensuse.org
Reporter: dfaggioli(a)suse.com
QA Contact: qa-bugs(a)suse.de
Found By: ---
Blocker: ---
So, with Snapshot 20210427, pkcon now works for installing packages, e.g., from
a terminal (although, it does follow weak dependencies, but that's another
issue).
However, updating via GNOME Software does not work yet.
So, this is the situation right after install:
dario@localhost:~> sudo snapper list
# | Type | Pre # | Date | User | Used Space |
Cleanup | Description | Userdata
---+--------+-------+---------------------------------+------+------------+---------+-----------------------+--------------
0 | single | | | root | |
| current |
1* | single | | Wed 05 May 2021 07:17:32 AM UTC | root | 43.02 MiB |
| first root filesystem |
2 | single | | Wed 05 May 2021 07:24:05 AM UTC | root | 36.47 MiB |
number | after installation | important=yes
In GNOME Software, I see the notification of some updates, I can go to the
proper tab, click 'Download' and then click 'Restart & Install'. At which
point, on the GUI, I see this error message:
"Unable to install updates:
GDBus.Error:org.gtk.GDBus.UnmappedGError.Quark._pk_2dengine_2derror-2dquark.Code1:Failed
to create symlink: Read-only file system"
If I go ahead, after the reboot, the updates have not been installed. This is
the status of system snapshots:
dario@localhost:~> sudo snapper list
[sudo] password for root:
# | Type | Pre # | Date | User | Used Space |
Cleanup | Description | Userdata
---+--------+-------+---------------------------------+------+------------+---------+-----------------------+-------------------------------------
0 | single | | | root | |
| current |
1* | single | | Wed 05 May 2021 07:17:32 AM UTC | root | 144.00 KiB |
| first root filesystem |
2 | single | | Wed 05 May 2021 07:24:05 AM UTC | root | 36.47 MiB |
number | after installation | important=yes
3 | single | | Wed 05 May 2021 10:51:00 AM UTC | root | 19.75 MiB |
| Snapshot Update of #1 | transactional-update-in-progress=yes
4 | single | | Wed 05 May 2021 10:55:47 AM UTC | root | 19.75 MiB |
| Snapshot Update of #1 | transactional-update-in-progress=yes
5 | single | | Wed 05 May 2021 11:06:10 AM UTC | root | 19.75 MiB |
| Snapshot Update of #1 | transactional-update-in-progress=yes
6 | single | | Wed 05 May 2021 11:06:48 AM UTC | root | 160.00 KiB |
| Snapshot Update of #1 | transactional-update-in-progress=yes
In journalctl, I see a bunch of lines like these:
May 05 11:07:19 localhost.localdomain systemd[1706]:
\x2esnapshots-6-snapshot-.snapshots.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
\x2esnapshots-6-snapshot-boot-writable.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
\x2esnapshots-6-snapshot-root.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
\x2esnapshots-6-snapshot-sys-fs-fuse-connections.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
\x2esnapshots-6-snapshot-sys-kernel-config.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
\x2esnapshots-6-snapshot-sys-kernel-tracing.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
\x2esnapshots-6-snapshot-sys.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-proc.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-dev.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-sys-kernel-config.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-sys-kernel-tracing.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-sys-kernel-debug.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-sys-fs-selinux.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-sys-fs-bpf.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-sys-fs-pstore.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-sys-fs-cgroup.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-sys-kernel-security.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-sys-fs-fuse-connections.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy-sys.mount: Succeeded.
May 05 11:07:19 localhost.localdomain systemd[1706]:
tmp-transactional\x2dupdate\x2djNF9Qy.mount: Succeeded.
PackageKit logs does not seem to me to contain anything related to this
operation, but I'm happy to provide further info.
After a few seconds, `snapper list` is slightly different (probably due to the
fact that, right after boot, packagekit was scanning for updates):
dario@localhost:~> sudo snapper list
# | Type | Pre # | Date | User | Used Space |
Cleanup | Description | Userdata
---+--------+-------+---------------------------------+------+------------+---------+-----------------------+-------------------------------------
0 | single | | | root | |
| current |
1* | single | | Wed 05 May 2021 07:17:32 AM UTC | root | 19.72 MiB |
| first root filesystem |
2 | single | | Wed 05 May 2021 07:24:05 AM UTC | root | 36.47 MiB |
number | after installation | important=yes
3 | single | | Wed 05 May 2021 10:51:00 AM UTC | root | 19.75 MiB |
| Snapshot Update of #1 | transactional-update-in-progress=yes
4 | single | | Wed 05 May 2021 10:55:47 AM UTC | root | 19.75 MiB |
| Snapshot Update of #1 | transactional-update-in-progress=yes
5 | single | | Wed 05 May 2021 11:06:10 AM UTC | root | 19.75 MiB |
| Snapshot Update of #1 | transactional-update-in-progress=yes
Of course, the expected results would be that packages are actually
updated/installed.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1181533
Bug ID: 1181533
Summary: Is not possible to set date with UTC format and 2038
year using hwclock
Classification: openSUSE
Product: openSUSE Tumbleweed
Version: Current
Hardware: x86-64
OS: openSUSE Tumbleweed
Status: NEW
Severity: Major
Priority: P5 - None
Component: Basesystem
Assignee: screening-team-bugs(a)suse.de
Reporter: ionut_n2001(a)yahoo.com
QA Contact: qa-bugs(a)suse.de
Found By: ---
Blocker: ---
Hi SUSE Team,
I try to set date with UTC format and 2038 Year.
This is not working.
Steps for reproduce:
# date -s "Jan 20 15:42:59 UTC 2038"
# hwclock -w
# hwclock -s
hwclock: settimeofday() failed: Invalid argument
--
You are receiving this mail because:
You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1176233
Bug ID: 1176233
Summary: Unable to install nvidia driver 450.66
Classification: openSUSE
Product: openSUSE Tumbleweed
Version: Current
Hardware: x86-64
OS: openSUSE Tumbleweed
Status: NEW
Severity: Critical
Priority: P5 - None
Component: Kernel
Assignee: kernel-bugs(a)opensuse.org
Reporter: juergen-fuhrmann(a)web.de
QA Contact: qa-bugs(a)suse.de
Found By: ---
Blocker: ---
Hi on a fresh install of tumbleweed (kernel 5.8)
(and btw also on Leap 15.2 with Kernel 5.3) the nvidia driver 450.66
installation fails.
The culprit seems to be that the make system complains about missing
scripts/Makefile.kcsan
Trying to report this to nvidia as well...
--
You are receiving this mail because:
You are on the CC list for the bug.