July 2024 - openSUSE Bugs - openSUSE Mailing Lists

[Bug 1227395] New: PackageKit updates got installed but in background is something still processing
by bugzilla_noreply＠suse.com 04 Jul '24

04 Jul '24

https://bugzilla.suse.com/show_bug.cgi?id=1227395 Bug ID: 1227395 Summary: PackageKit updates got installed but in background is something still processing Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://openqa.opensuse.org/tests/4315089/modules/upda tes_packagekit_gpk/steps/48 OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: songchuan.kang(a)suse.com Reporter: jpupava(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: openQA Blocker: Yes Created attachment 875881 --> https://bugzilla.suse.com/attachment.cgi?id=875881&action=edit OK pressed while bar was not finished ## Observation I think this started to happen on new Leap 15.6, there is pop-up "Updates installed", but on the bottom is visible bar is still moving and the whole process is not finished, when ok is pressed while the bar is still moving there will be error pop-up, mostly [1] or[2]. [1] https://openqa.opensuse.org/tests/4315089#step/updates_packagekit_gpk/48 [2] https://openqa.opensuse.org/tests/4316769#step/updates_packagekit_gpk/26 ## Reproducible Fails since (at least) Build [20240629-2](https://openqa.opensuse.org/tests/4307738) ## Expected result Last good: [:18445:python-rebulk.1719652841](https://openqa.opensuse.org/tests/4307724) (or more recent) ## Further details Always latest result in this scenario: [latest](https://openqa.opensuse.org/tests/latest?arch=x86_64&distri=opensus… -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1227394] New: [Build 20240703] openQA test fails in qgis: gdal failed to build against poppler 24.06
by bugzilla_noreply＠suse.com 04 Jul '24

04 Jul '24

https://bugzilla.suse.com/show_bug.cgi?id=1227394 Bug ID: 1227394 Summary: [Build 20240703] openQA test fails in qgis: gdal failed to build against poppler 24.06 Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other URL: https://openqa.opensuse.org/tests/4318091/modules/qgis /steps/11 OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: screening-team-bugs(a)suse.de Reporter: dimstar(a)opensuse.org QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: openQA Blocker: Yes ## Observation openQA test in scenario opensuse-Tumbleweed-DVD-x86_64-extra_tests_gnome@64bit fails in [qgis](https://openqa.opensuse.org/tests/4318091/modules/qgis/steps/11) ## Test suite description Maintainer: QE Core, asmorodskyi. Extra tests which were designed to run on gnome ## Reproducible Fails since (at least) Build [20240528](https://openqa.opensuse.org/tests/4231828) ## Expected result Last good: [20240527](https://openqa.opensuse.org/tests/4227928) (or more recent) ## Further details Always latest result in this scenario: [latest](https://openqa.opensuse.org/tests/latest?arch=x86_64&distri=opensus… -- You are receiving this mail because: You are on the CC list for the bug.

1 1

[Bug 1177881] VUL-0: CVE-2020-6104,CVE-2020-6105,CVE-2020-6106,CVE-2020-6107,CVE-2020-6108: f2fs-tools: specially crafted f2fs filesystems can cause code execution
by bugzilla_noreply＠suse.com 04 Jul '24

04 Jul '24

https://bugzilla.suse.com/show_bug.cgi?id=1177881 https://bugzilla.suse.com/show_bug.cgi?id=1177881#c3 Wolfgang Frisch <wolfgang.frisch(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #3 from Wolfgang Frisch <wolfgang.frisch(a)suse.com> --- (In reply to Jan Engelhardt from comment #2) > Submissions posted. Thanks. Fixed in all openSUSE codestreams. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1216564] New: Missing directory /usr/share/ca-certificates for charon
by bugzilla_noreply＠suse.com 04 Jul '24

04 Jul '24

https://bugzilla.suse.com/show_bug.cgi?id=1216564 Bug ID: 1216564 Summary: Missing directory /usr/share/ca-certificates for charon Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.5 Hardware: x86-64 OS: openSUSE Leap 15.5 Status: NEW Severity: Major Priority: P5 - None Component: Network Assignee: screening-team-bugs(a)suse.de Reporter: keitarobr(a)gmail.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- charon-nm is looking for certificates at /usr/share-ca-certificates, but this directory does not exist. Thus it can't validate a valid certificate for an IPSec/IKEv2 VPN server (does not find the GlobalSign root certificates). I solved the issue issuing the following command: sudo ln -s /var/lib/ca-certificates/pem /usr/share/ca-certificates -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1167659] VUL-0: CVE-2020-6582: nrpe: heap-based buffer overflow due to a wrong integer type conversion
by bugzilla_noreply＠suse.com 04 Jul '24

04 Jul '24

https://bugzilla.suse.com/show_bug.cgi?id=1167659 https://bugzilla.suse.com/show_bug.cgi?id=1167659#c4 Wolfgang Frisch <wolfgang.frisch(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Assignee|nix(a)opensuse.org |security-team(a)suse.de Status|REOPENED |RESOLVED --- Comment #4 from Wolfgang Frisch <wolfgang.frisch(a)suse.com> --- Fixed in openSUSE:Factory/nrpe openSUSE:Backports:SLE-15-SP5:Update/nrpe openSUSE:Backports:SLE-15-SP6:Update/nrpe -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1144304] VUL-1: CVE-2019-14531: sleuthkit: An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c.
by bugzilla_noreply＠suse.com 04 Jul '24

04 Jul '24

https://bugzilla.suse.com/show_bug.cgi?id=1144304 https://bugzilla.suse.com/show_bug.cgi?id=1144304#c1 Wolfgang Frisch <wolfgang.frisch(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|Greg.Freemyer(a)gmail.com |security-team(a)suse.de Status|NEW |IN_PROGRESS --- Comment #1 from Wolfgang Frisch <wolfgang.frisch(a)suse.com> --- Upstream patch: https://github.com/sleuthkit/sleuthkit/commit/ce902f7bce63757e476da7570bfbd… Fixed in: openSUSE:Factory/sleuthkit openSUSE:Backports:SLE-15-SP6:Update/sleuthkit Affected: openSUSE:Backports:SLE-15-SP5:Update/sleuthkit Submission: https://build.opensuse.org/request/show/1185386 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1166065] VUL-1: CVE-2020-10233: sleuthkit: heap-based buffer over-read in ntfs_dinode_lookup in fs/ntfs.c.
by bugzilla_noreply＠suse.com 04 Jul '24

04 Jul '24

https://bugzilla.suse.com/show_bug.cgi?id=1166065 https://bugzilla.suse.com/show_bug.cgi?id=1166065#c1 Wolfgang Frisch <wolfgang.frisch(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Assignee|Greg.Freemyer(a)gmail.com |security-team(a)suse.de Status|NEW |RESOLVED --- Comment #1 from Wolfgang Frisch <wolfgang.frisch(a)suse.com> --- The upstream fix [1] is present in all supported codestreams. [1] https://github.com/sleuthkit/sleuthkit/pull/1837/commits/0c7d5e7333aeb61dac… -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1166064] VUL-0: CVE-2020-10232: sleuthkit: stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c.
by bugzilla_noreply＠suse.com 04 Jul '24

04 Jul '24

https://bugzilla.suse.com/show_bug.cgi?id=1166064 https://bugzilla.suse.com/show_bug.cgi?id=1166064#c1 Wolfgang Frisch <wolfgang.frisch(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED Assignee|Greg.Freemyer(a)gmail.com |security-team(a)suse.de --- Comment #1 from Wolfgang Frisch <wolfgang.frisch(a)suse.com> --- Fixed in all supported codestreams. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1142201] VUL-1: CVE-2019-1010065: sleuthkit: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfs_dent.c:237. The component is: Overflow in fls tool used on HFS image. Bug is
by bugzilla_noreply＠suse.com 04 Jul '24

04 Jul '24

https://bugzilla.suse.com/show_bug.cgi?id=1142201 https://bugzilla.suse.com/show_bug.cgi?id=1142201#c1 Wolfgang Frisch <wolfgang.frisch(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED CC| |wolfgang.frisch(a)suse.com Assignee|Greg.Freemyer(a)gmail.com |security-team(a)suse.de Status|NEW |RESOLVED --- Comment #1 from Wolfgang Frisch <wolfgang.frisch(a)suse.com> --- Fixed in all supported codestreams. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1144306] VUL-1: CVE-2019-14532: sleuthkit: An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table.
by bugzilla_noreply＠suse.com 04 Jul '24

04 Jul '24

https://bugzilla.suse.com/show_bug.cgi?id=1144306 https://bugzilla.suse.com/show_bug.cgi?id=1144306#c1 Wolfgang Frisch <wolfgang.frisch(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CONFIRMED --- Comment #1 from Wolfgang Frisch <wolfgang.frisch(a)suse.com> --- Not fixed by upstream yet, as far as I can tell. https://github.com/sleuthkit/sleuthkit/commits/develop/tools/hashtools/hfin… -- You are receiving this mail because: You are on the CC list for the bug.

1 0