April 2024 - openSUSE Bugs - openSUSE Mailing Lists

[Bug 1223086] New: consider integrity checking in source services mandatory
by bugzilla_noreply＠suse.com 15 May '24

15 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1223086 Bug ID: 1223086 Summary: consider integrity checking in source services mandatory Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team(a)suse.de Reporter: jzerebecki(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- Not sure if this is the right component/product... I have previously asked this similarly via mail, so trying here to not let it drop off the table again: Can we agree to consider the following as security bugs?: In scope: Any source services available in Factory, when no explicit argument like "insecure" is enabled (so a program can find and count them, an exhaustive list of those exception labels will be later defined in source_validator). If a bug is found that makes the output not reproducible or verification of downloads is not cryptographically secure, it is categorised as a security bug to be fixed. Out of scope, for now: How those services are used in packages. For larger context see: https://github.com/openSUSE/obs-service-source_validator/issues/134 -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1223504] New: transactional_update cannot deal with new table look of snapper
by bugzilla_noreply＠suse.com 15 May '24

15 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1223504 Bug ID: 1223504 Summary: transactional_update cannot deal with new table look of snapper Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs(a)suse.de Reporter: aschnell(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- See https://build.opensuse.org/request/show/1169010. snapper uses unicode symbols for the table lines now. The code in transactional_update cannot deal with that: https://github.com/openSUSE/transactional-update/blob/master/sbin/transacti… transactional_update should use the CSV or JSON output of snapper instead. CSV is partly used already: https://github.com/openSUSE/transactional-update/blob/master/systemd/prepar… -- You are receiving this mail because: You are on the CC list for the bug.

1 11

[Bug 1223400] New: VUL-0: CVE-2024-22391: gdcm: heap-based buffer overflow in the LookupTable:SetLUT functionality
by bugzilla_noreply＠suse.com 14 May '24

14 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1223400 Bug ID: 1223400 Summary: VUL-0: CVE-2024-22391: gdcm: heap-based buffer overflow in the LookupTable:SetLUT functionality Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/403163/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Other Assignee: axel.braun(a)gmx.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22391 https://www.cve.org/CVERecord?id=CVE-2024-22391 https://talosintelligence.com/vulnerability_reports/TALOS-2024-1924 https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1924 -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1223401] New: VUL-0: CVE-2024-25569: gdcm: out-of-bounds read in the RAWCodec:DecodeBytes functionality
by bugzilla_noreply＠suse.com 14 May '24

14 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1223401 Bug ID: 1223401 Summary: VUL-0: CVE-2024-25569: gdcm: out-of-bounds read in the RAWCodec:DecodeBytes functionality Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/403164/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: axel.braun(a)gmx.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25569 https://www.cve.org/CVERecord?id=CVE-2024-25569 https://talosintelligence.com/vulnerability_reports/TALOS-2024-1944 https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1944 -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1221158] New: [Build 20240308-1]nothing provides 'libqwt.so.6()(64bit)' needed by the to be installed qgis-3.18.3-bp156.4.13.x86_64
by bugzilla_noreply＠suse.com 14 May '24

14 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1221158 Bug ID: 1221158 Summary: [Build 20240308-1]nothing provides 'libqwt.so.6()(64bit)' needed by the to be installed qgis-3.18.3-bp156.4.13.x86_64 Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://openqa.opensuse.org/tests/3996712/modules/qgis /steps/21 OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs(a)suse.de Reporter: richard.fan(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: openQA Blocker: Yes ## Desctiption Install package qgis fails qgis 1m 59s failed avWL9-0- WgXp8-0- zFi8o-4- lttd2-1- 2z3eG-0- ppOCg-0- JgRME-0- sUnaF Processing conflicts - 0 0| 2024-03-08 00:37:43 <3> susetest(3272) [zypp::solver] SATResolver.cc(solving):849 So… # wait_serial expected: "SCRIPT_FINISHEDsUnaF-\\d+-" # Result: sUnaF Processing conflicts - 0 0| 2024-03-08 00:37:43 <3> susetest(3272) [zypp::solver] SATResolver.cc(solving):849 Solverrun finished with an ERROR 0| 2024-03-08 00:37:43 <2> susetest(3272) [zypp::solver] SATResolver.cc(resolvePool):921 SATResolver::resolvePool() done. Ret:0 0| 2024-03-08 00:37:43 <1> susetest(3272) [zypp::solver] Resolver.cc(problems):414 Resolver::problems() 0| 2024-03-08 00:37:43 <1> susetest(3272) [zypp::solver] SATResolver.cc(problems):1353 Encountered problems! Here are the solutions: 0| 2024-03-08 00:37:43 <1> susetest(3272) [zypp::solver] SATResolver.cc(problems):1353 0| 2024-03-08 00:37:43 <1> susetest(3272) [zypp::solver] SATResolver.cc(problems):1357 Problem 1: 0| 2024-03-08 00:37:43 <1> susetest(3272) [zypp::solver] SATResolver.cc(problems):1358 ==================================== 0| 2024-03-08 00:37:43 <1> susetest(3272) [zypp::solver] SATResolver.cc(problems):1362 nothing provides 'libqwt.so.6()(64bit)' needed by the to be installed qgis-3.18.3-bp156.4.13.x86_64 0| 2024-03-08 00:37:43 <1> susetest(3272) [zypp::solver] SATResolver.cc(problems):1363 ------------------------------------ 0| 2024-03-08 00:37:43 <1> susetest(3272) [libsolv++] PoolImpl.cc(logSat):131 solver statistics: 0 learned rules, 0 unsolvable, 0 minimization steps EOL SCRIPT_FINISHEDsUnaF-0- ## Observation openQA test in scenario opensuse-15.6-DVD-Updates-x86_64-extra_tests_gnome@64bit fails in [qgis](https://openqa.opensuse.org/tests/3996712/modules/qgis/steps/21) ## Test suite description Maintainer: QE Core, asmorodskyi. Extra tests which were designed to run on gnome ## Reproducible Fails since (at least) Build [20240308-1](https://openqa.opensuse.org/tests/3996554) ## Expected result Last good: (unknown) (or more recent) ## Further details Always latest result in this scenario: [latest](https://openqa.opensuse.org/tests/latest?arch=x86_64&distri=opensus… -- You are receiving this mail because: You are on the CC list for the bug.

1 5

[Bug 1217776] New: rpm-build pulling Qt6 dependency without need
by bugzilla_noreply＠suse.com 13 May '24

13 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1217776 Bug ID: 1217776 Summary: rpm-build pulling Qt6 dependency without need Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: KDE Workspace (Plasma) Assignee: opensuse-kde-bugs(a)opensuse.org Reporter: mrueckert(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- ``` zypper in obs-service-source_validator Loading repository data... Reading installed packages... [TechPreview] $ZYPP_SINGLE_RPMTRANS=1 : New rpm install backend is enabled If you find any bugs or issues please let us know: https://bugzilla.opensuse.org/ Component: libzypp (or zypper) And please attach the /var/log/zypper.log to the bug report. Resolving package dependencies... The following 15 NEW packages are going to be installed: gcc13-c++ gcc-c++ libqt5-qtdeclarative-tools libQt6JsonRpc6 libQt6LanguageServer6 libQt6QmlCompiler6 libstdc++6-devel-gcc13 obs-service-source_validator python-rpm-packaging qml-autoreqprov qt6-base-common-devel qt6-declarative-tools qt6-macros rpm-build rpm-build-perl 15 new packages to install. Overall download size: 29,6 MiB. Already cached: 0 B. After the operation, additional 107,8 MiB will be used. ``` I tracked this down to `zypper in rpm-build` which then triggers: ``` rpm -q --requires libQt6Qml6 (qml-autoreqprov if rpm-build) ``` on some Qt devel package I could understand a dependency like this. but for a library package this feels excessive. source_validator/rpmbuild should not build a Qt6 devel stack. -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1221691] New: GCC 14: hfsutils package fails
by bugzilla_noreply＠suse.com 13 May '24

13 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1221691 Bug ID: 1221691 Summary: GCC 14: hfsutils package fails Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: screening-team-bugs(a)suse.de Reporter: michal.jires(a)suse.com QA Contact: qa-bugs(a)suse.de CC: valentin.lefebvre(a)suse.com Blocks: 1220571 Target Milestone: --- Found By: --- Blocker: --- Building hfsutils with GCC 14 fails here: https://build.opensuse.org/package/live_build_log/openSUSE:Factory:Staging:… Due to (exhaustive list of errors): tclhfs.c: In function ‘direntstr’: tclhfs.c:193:26: error: passing argument 2 of ‘Tcl_Merge’ from incompatible pointer type [-Wincompatible-pointer-types] 193 | return Tcl_Merge(argc, argv); | ^~~~ | | | char ** In file included from /usr/include/tcl.h:2421, from tclhfs.c:37: /usr/include/tclDecls.h:584:66: note: expected ‘const char * const*’ but argument is of type ‘char **’ 584 | EXTERN char * Tcl_Merge(int argc, CONST84 char *const *argv); | ^ tclhfs.c: In function ‘file_ref’: tclhfs.c:510:36: error: passing argument 3 of ‘Tcl_CreateCommand’ from incompatible pointer type [-Wincompatible-pointer-types] 510 | file_cmd, fref, file_del); | ^~~~~~~~ | | | int (*)(void *, Tcl_Interp *, int, char **) /usr/include/tclDecls.h:303:67: note: expected ‘int (*)(void *, Tcl_Interp *, int, const char **)’ but argument is of type ‘int (*)(void *, Tcl_Interp *, int, char **)’ 303 | const char *cmdName, Tcl_CmdProc *proc, | ~~~~~~~~~~~~~^~~~ tclhfs.c: In function ‘vol_cmd’: tclhfs.c:892:61: error: passing argument 4 of ‘Tcl_SplitList’ from incompatible pointer type [-Wincompatible-pointer-types] 892 | if (Tcl_SplitList(interp, interp->result, &listc, &listv) != TCL_OK) | ^~~~~~ | | | char *** /usr/include/tclDecls.h:722:49: note: expected ‘const char ***’ but argument is of type ‘char ***’ 722 | CONST84 char ***argvPtr); | ^ tclhfs.c:904:37: error: passing argument 2 of ‘Tcl_Merge’ from incompatible pointer type [-Wincompatible-pointer-types] 904 | result = Tcl_Merge(listc, listv); | ^~~~~ | | | char ** tclhfs.c:1037:54: error: passing argument 4 of ‘Tcl_SplitList’ from incompatible pointer type [-Wincompatible-pointer-types] 1037 | if (Tcl_SplitList(interp, argv[2], &listc, &listv) != TCL_OK) | ^~~~~~ | | | char *** tclhfs.c:1049:37: error: passing argument 2 of ‘Tcl_Merge’ from incompatible pointer type [-Wincompatible-pointer-types] 1049 | result = Tcl_Merge(fargc, fargv); | ^~~~~ | | | char ** tclhfs.c: In function ‘cmd_hfs’: tclhfs.c:1238:25: error: passing argument 3 of ‘Tcl_CreateCommand’ from incompatible pointer type [-Wincompatible-pointer-types] 1238 | vol_cmd, vref, vol_del); | ^~~~~~~ | | | int (*)(void *, Tcl_Interp *, int, char **) tclhfs.c:1310:54: error: passing argument 4 of ‘Tcl_SplitList’ from incompatible pointer type [-Wincompatible-pointer-types] 1310 | if (Tcl_SplitList(interp, argv[5], &listc, &listv) != TCL_OK) | ^~~~~~ | | | char *** tclhfs.c: In function ‘Hfs_Init’: tclhfs.c:1480:38: error: passing argument 3 of ‘Tcl_CreateCommand’ from incompatible pointer type [-Wincompatible-pointer-types] 1480 | Tcl_CreateCommand(interp, "hfs", cmd_hfs, 0, 0); | ^~~~~~~ | | | int (*)(void *, Tcl_Interp *, int, char **) tclhfs.c:1481:38: error: passing argument 3 of ‘Tcl_CreateCommand’ from incompatible pointer type [-Wincompatible-pointer-types] 1481 | Tcl_CreateCommand(interp, "exit", cmd_exit, 0, 0); | ^~~~~~~~ | | | int (*)(void *, Tcl_Interp *, int, char **) See the meta bug#1220571 for more info. -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1221732] New: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6312.58
by bugzilla_noreply＠suse.com 13 May '24

13 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1221732 Bug ID: 1221732 Summary: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6312.58 Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.5 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team(a)suse.de Reporter: Andreas.Stieger(a)gmx.de QA Contact: qa-bugs(a)suse.de CC: Andreas.Stieger(a)gmx.de, gmbr3(a)opensuse.org, m.szczepaniak.000(a)gmail.com Target Milestone: --- Found By: --- Blocker: --- From https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-des… CVE-2024-2625: Object lifecycle issue in V8 CVE-2024-2626: Out of bounds read in Swiftshader CVE-2024-2627: Use after free in Canvas CVE-2024-2628: Inappropriate implementation in Downloads CVE-2024-2629: Incorrect security UI in iOS CVE-2024-2630: Inappropriate implementation in iOS CVE-2024-2631: Inappropriate implementation in iOS -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1218678] New: VUL-0: CVE-2022-36763: EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of co ...
by bugzilla_noreply＠suse.com 13 May '24

13 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1218678 Bug ID: 1218678 Summary: VUL-0: CVE-2022-36763: EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of co ... Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/390488/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: guillaume.gardet(a)opensuse.org Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: stoyan.manolov(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36763 https://www.cve.org/CVERecord?id=CVE-2022-36763 https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr -- You are receiving this mail because: You are on the CC list for the bug.

1 12

[Bug 1222707] New: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6312.122
by bugzilla_noreply＠suse.com 13 May '24

13 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1222707 Bug ID: 1222707 Summary: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6312.122 Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: Andreas.Stieger(a)gmx.de Reporter: thomas.leroy(a)suse.com QA Contact: security-team(a)suse.de CC: m.szczepaniak.000(a)gmail.com Target Milestone: --- Found By: --- Blocker: --- The Stable channel has been updated to 123.0.6312.122/.123 for Windows 123.0.6312.122/.123/.124 for Mac and 123.0.6312.122 to Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. High CVE-2024-3157: Out of bounds write in Compositing. Reported by DarkNavy on 2024-03-26 High CVE-2024-3516: Heap buffer overflow in ANGLE. Reported by Bao (zx) Pham and Toan (suto) Pham of Qrious Secure on 2024-03-09 High CVE-2024-3515: Use after free in Dawn. Reported by wgslfuzz on 2024-03-25 https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-des… -- You are receiving this mail because: You are on the CC list for the bug.

1 5