Hi Jan, all,
I'd like to carry our OBS dicussion to a wider audience
(https://build.opensuse.org/request/show/672510).
The question is whether we can assume that "/bin/sh" links to bash,
in particular whether rpm scriptlets without explicit -p interpreter
can be assumed to interpreted by bash.
I'm aware that, in principle, /bin/sh is supposed to be the Bourne
shell on Unix systems. But as a matter of fact, on current openSUSE, it
is not. Unless it's tampered with, /bin/sh is a symlink to /bin/bash.
bash is not started in full POSIX mode if invoked as /bin/sh, and even
if it's in POSIX mode, it supports some extensions over the POSIX shell
spec (e.g. the [[ ]] construct), which makes it behave differently than
another shell not supporting [[ ]] would (*). Problably there are more
differences, I can't claim to know them all.
Here are some arguments why I think it'd be reasonable to assume that
/bin/sh is bash on openSUSE:
1. patterns-base-minimal_base depends on bash, and the /bin/sh symlink
is a non-configurable part of the "bash" package.
2. we could handle /bin/sh via /etc/alternatives, but we don't.
3. our Wiki suggests testing failing scriplets using "bash -xv"
(https://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets)
4. /bin/sh has pointed to bash for a long time (not sure how long
exactly).
FTR, Fedora basically guarantees (sh == bash) for the purpose of rpm
scriptlets (https://fedoraproject.org/wiki/Packaging:Scriptlets). So
Fedora <-> openSUSE portability may also be an issue to consider.
If we can't assume that /bin/sh is bash, what else can we assume? I
recall from earlier work that writing really 100% compatible shell code
for all kinds of environments is really hard. E.g., "[" isn't 100%
portable either, even though it's part of the POSIX "test" standard
(http://pubs.opengroup.org/onlinepubs/9699919799/utilities/test.html).
We should have clear rules which syntax expressions can be used in rpm
scriptlets, and which can't. IMO we should define one of the various
existing shells as a reference by saying "if it's supported
by this shell, it's valid scriptlet code". That'd be easier (especially
for testing compliance) than referring to a spec. That reference shell
doesn't have to be bash, of course.
Thanks
Martin
(*) For example:
# ln -s /usr/bin/echo '/usr/bin/[['
# ls -l /bin/sh
lrwxrwxrwx 1 root root 4 Feb 8 10:38 /bin/sh -> bash
# /bin/sh --posix -c '[[ 2 = 1 ]] && echo yes'
# dash -c '[[ 2 = 1 ]] && echo yes'
2 -eq 1 ]]
yes
--
Dr. Martin Wilck <mwilck(a)suse.com>, Tel. +49 (0)911 74053 2107
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nürnberg)
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
PackageKit
checkpolicy (3.1 -> 3.2)
cppcheck (2.3 -> 2.4.1)
cups
e2fsprogs (1.46.1 -> 1.46.2)
elfutils
elfutils-debuginfod
emacs-w3m (1.4.632 -> 1.4.632+396+g051dba16)
enchant (2.2.8 -> 2.2.15)
evolution-data-server
evolution-ews
ffmpeg-4 (4.3.1 -> 4.3.2)
gnome-shell
java-11-openjdk
kernel-firmware (20210208 -> 20210315)
libnettle (3.7.1 -> 3.7.2)
libnice (0.1.17 -> 0.1.18)
libselinux (3.1 -> 3.2)
libselinux-bindings (3.1 -> 3.2)
libsemanage (3.1 -> 3.2)
libtpms (0.7.4 -> 0.7.7)
libvirt
links (2.21 -> 2.22)
man-pages (5.10 -> 5.11)
mc (4.8.25 -> 4.8.26)
openblas_pthreads (0.3.13 -> 0.3.14)
p7zip
perl-Net-HTTP (6.20 -> 6.21)
policycoreutils (3.1 -> 3.2)
python-semanage (3.1 -> 3.2)
redis
rng-tools (6.11 -> 6.12)
rubygem-bootsnap (1.7.2 -> 1.7.3)
rubygem-rspec-rails (5.0.0 -> 5.0.1)
setools (4.3.0 -> 4.4.0)
snapper (0.8.15 -> 0.8.16)
spirv-tools
taglib (1.11.2~git20190725.79bc9ccf -> 1.12)
thunar (4.16.5 -> 4.16.6)
=== Details ===
==== PackageKit ====
Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0
- Add PackageKit-remove-transaction-size-limit.patch: Remove large transaction
size sanity check (gh#hughsie/PackageKit/commit#ac5c8660)
==== checkpolicy ====
Version update (3.1 -> 3.2)
- Update to version 3.2
* Fix a memleak and an integer overflow
==== cppcheck ====
Version update (2.3 -> 2.4.1)
- update to 2.4.1:
* fix for windows installer, no other changes
- update to 2.4:
* Detect one definition rule violations
* MISRA improvements
* ImportProject fixes
* Various bug hunting improvements
* Fixes when importing AST from clang
==== cups ====
Subpackages: cups-client cups-config libcups2 libcups2-32bit libcupsimage2
- fix-negotiate-authentication-between-CGIs-and-scheduler.patch
fixes web UI Kerberos authentication (bsc#1175960)
- Remove code comments from expanded scriptlets to reduce size
==== e2fsprogs ====
Version update (1.46.1 -> 1.46.2)
Subpackages: e2fsprogs-scrub libcom_err2 libcom_err2-32bit libext2fs2
- e2fsprogs 1.46.2:
* tune2fs -c now takes "random" argument
* Add support for the FS_NOCOMP_FL flag to chattr and lsattr
* Fix warnings when resizing small file systems to a super-large
* Fix the debugfs rdump and ls commands so they will work correctly
for uid's and gid's => 65536
* Fix the debugfs write and symlink commands so they support
targets which contain a pathname
* Fix Direct I/O support on block devices where the logical block
size is greater 1k
* Fix debugfs's logdump so it works on file systems whose block
size is greater than 8k
* Fix a crash when there is error while e2fsck is trying to open
the file system, and e2fsck calls ext2fs_mmp_stop() before MMP
has been initialized
* Improved error checking in the fast commit replay code in e2fsck
* Fix various compiler and Coverity warnings
* Update the Spanish translation from the translation project
==== elfutils ====
Subpackages: elfutils-lang libasm1 libdw1 libelf1
- Add disable-run-readelf-self-test.patch in order to disable
a failing test-case with GCC 11 (PR27367).
==== elfutils-debuginfod ====
- Enable https://debuginfod.opensuse.org/ debuginfod server
by default now.
- Add disable-run-readelf-self-test.patch in order to disable
a failing test-case with GCC 11 (PR27367).
==== emacs-w3m ====
Version update (1.4.632 -> 1.4.632+396+g051dba16)
- Update to version 1.4.632+396+g051dba16:
* Don't show a backstage while performing `text-scale-adjust'
* Make text-scale-adjust work
* Fix it again
* shimbun.el (shimbun-xml-parse-buffer): Fix typo
* ChangeLog: fix date entries
* * shimbun.el (shimbun-xml-parse-buffer): Work around malformed xml
* Update copyright years
* Docfix so not to be wider than 80 chars
* Bugfix 'w3m-previous-image doesn't work' ([emacs-w3m:13747])
* Fix typo in ChangeLog
==== enchant ====
Version update (2.2.8 -> 2.2.15)
Subpackages: enchant-2-backend-hunspell enchant-data libenchant-2-2
- Update to version 2.2.15:
+ Specify that nuspell >= 4.1.0 is required.
+ Fix some space leaks in the tests.
+ The nuspell backend is updated for newer versions.
+ Make the enchant program output its version to standard output,
not standard error. This may help some programs that use this
output.
+ Fix a bug in the Voikko and Zemberek back-ends that could cause
spell checking and suggestion to fail.
+ Make enchant silently ignore -B flag, for better Emacs
compatibility.
+ Make enchant_broker_list_dicts sort the tags, so that
enchant-lsmod?s output is sorted.
+ Minor build system improvement: don?t use -D_FORTIFY_SOURCE,
which can cause problems on Windows, and should be configured
by the compiler vendor if desired.
+ Fix Hunspell backend to treat apostrophes as Hunspell does: if
either straight or curly apostrophe is a word character, allow
both.
+ Fix a couple of space leaks in the Nuspell back end.
- Drop Fix_back-ends_that_want_a_NUL-terminated_string.patch: fixed
upstream.
==== evolution-data-server ====
Subpackages: evolution-data-server-lang libcamel-1_2-62 libebackend-1_2-10 libebook-1_2-20 libebook-contacts-1_2-3 libecal-2_0-1 libedata-book-1_2-26 libedata-cal-2_0-1 libedataserver-1_2-25 libedataserverui-1_2-2
- Add evolution-data-server-boo1182882.patch: fix buffer overrun
when parsing base64 data (boo#1182882).
==== evolution-ews ====
Subpackages: evolution-ews-lang
- Add evolution-ews-boo1182882.patch: fix buffer overrun when
parsing base64 data (boo#1182882).
==== ffmpeg-4 ====
Version update (4.3.1 -> 4.3.2)
Subpackages: libavcodec58_91 libavdevice58_10 libavfilter7_85 libavformat58_45 libavresample4_0 libavutil56_51 libpostproc55_7 libswresample3_7 libswscale5_7
- update to 4.3.2:
* lots of oss-fuzz reported overflow fixes, see included ChangeLog
- drop
ffmpeg.git-ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a.patch
0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch
0001-avformat-vividas-improve-extradata-packing-checks-in.patch: upstream
==== gnome-shell ====
Subpackages: gnome-shell-calendar gnome-shell-lang
- Disable
gnome-shell-jsc#SLE-16051-Input-method-recommendation.patch:
Clears existing keyboard on gnome-shell restart (boo#1183823).
- Update gnome-shell-jsc#SLE-16051-Input-method-recommendation.patch:
Modify the Japanese input engine load order which will more fit
for our community(bnc#1183475);
==== java-11-openjdk ====
Subpackages: java-11-openjdk-headless
- Added patches:
* system-crypto-policy.patch
+ Let OpenJDK use system crypto policies unless explicitely told
not to
* nss-security-provider.patch
+ Add the NSS security provider with configuration in generated
nss.cfg file
* keytool-default-rsa.patch
+ Make keytool generate RSA keys by default, since only the
LEGACY system crypto policy allows DSA
==== kernel-firmware ====
Version update (20210208 -> 20210315)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd
- Update to version 20210315 (git commit 3568f962908c):
* linux-firmware: Update firmware file for Intel Bluetooth AX210
* linux-firmware: Update firmware file for Intel Bluetooth AX200
* linux-firmware: Update firmware file for Intel Bluetooth AX201
* rtw88: 8822c: Update normal firmware to v9.9.6
* iwlwifi: add new FWs from core59-66 release
* iwlwifi: update 9000-family firmwares
* iwlwifi: update 7265D firmware
* Mellanox: Add new mlxsw_spectrum firmware xx.2008.2406
* linux-firmware: add frimware for mediatek bluetooth chip (MT7921)
* rtw89: 8852a: add firmware v0.9.12.2
* WHENCE: add missing symlink for BananaPi M3
* Add symlink for BananaPi M2 to brcmfmac43430-sdio config
* brcm: Fix Raspberry Pi 4B NVRAM file
* silabs: add new firmware for WF200
* amdgpu: add initial firmware for green sardine
* rtw88: RTL8822C: Update normal firmware to v9.9.5
- Drop obsoleted patch:
Revert-brcm-rpi4-boardflags3-bit.patch
- Update topics and aliases
==== libnettle ====
Version update (3.7.1 -> 3.7.2)
Subpackages: libhogweed6 libhogweed6-32bit libnettle8 libnettle8-32bit
- GNU Nettle 3.7.2:
* fix a bug in ECDSA signature verification that could lead to a
denial of service attack (via an assertion failure) or possibly
incorrect results (boo#1183835)
* fix a few related problems where scalars are required to be
canonically reduced modulo the ECC group order, but in fact may
be slightly larger
==== libnice ====
Version update (0.1.17 -> 0.1.18)
Subpackages: gstreamer-libnice libnice10
- Update descriptions to be closer to the other GNOME packages.
- Update to 0.1.18:
* Remove the autotools build system, now only meson is available
* Accept receiving messages in multiple steps over TCP
* Accept duplicated ports as last option instead of spinning forever
* Use sendmmsg if possible to send multiple packets in one call
* Fail gathering if no port is available
* Hide the implementation of NiceCandidate, this hides some parts
that were previously visible
* Enable TURN server connects where both TCP and UDP use the same
port number
* Don't count rejected STUN messages as keepalive packets
* On Windows, the improvements and fixes
- use crypto library instead of CryptGenRandom() which
is deprecated
- use GetBestInterfaceEx() for UWP compatibility
- fix the listing of interfaces to use the correct APIs
- implement ignoring interfaces
* Add buildrquires: gobject-introspection-devel and meson
* The move from autoFOO to meson
==== libselinux ====
Version update (3.1 -> 3.2)
Subpackages: libselinux1 libselinux1-32bit selinux-tools
- Switch to pcre2:
+ Replace pcre-devel BuildRequires with pkgconfig(libpcre2-8)
+ Pass USE_PCRE2=y to make.
+ Replace pkgconfig(libpcre) Requires in -devel static with
pkgconfig(libpcre2-8).
- Update to version 3.2:
* Use mmap()'ed kernel status page instead of netlink by default.
See "KERNEL STATUS PAGE" section in avc_init(3) for more details.
* New log callback levels for enforcing and policy load notices -
SELINUX_POLICYLOAD, SELINUX_SETENFORCE
* Changed userspace AVC setenforce and policy load messages to audit
format.
==== libselinux-bindings ====
Version update (3.1 -> 3.2)
- Switch to pcre2:
+ Replace pcre-devel BuildRequires with pkgconfig(libpcre2-8)
+ Pass USE_PCRE2=y to make.
- Update to version 3.2:
* Use mmap()'ed kernel status page instead of netlink by default.
See "KERNEL STATUS PAGE" section in avc_init(3) for more details.
* New log callback levels for enforcing and policy load notices -
SELINUX_POLICYLOAD, SELINUX_SETENFORCE
* Changed userspace AVC setenforce and policy load messages to audit
format.
==== libsemanage ====
Version update (3.1 -> 3.2)
- Link to correct so version
- Minor spec file cleanups
- Move configuration file to separate libsemanage-conf package to allow
for parallel installation in future versions
- Update to version 3.2
* dropped old and deprecated symbols and functions
libsemanage version was bumped to libsemanage.so.2
* libsemanage tries to sync data to prevent empty files in SELinux module
store
==== libtpms ====
Version update (0.7.4 -> 0.7.7)
- Update to version 0.7.7
* CryptSym: fix AES output IV (bsc#1183729, CVE-2021-3446)
* tpm2: Fix public key context save due to ANY_OBJECT_Marshal usage
* tpm2: Address some Coverity issues (false positives)
* tpm1.2: Backported ASAN/UBSAN related fixes
* tpm2: Return properly sized array for b parameter for NIST P521
(HLK)
* tpm2: Addressed issues detected by UBSAN
* tpm2: Addressed issues detected by cppcheck (false positives)
==== libvirt ====
Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs
- spec: Fix exec-restart of virtlockd and virtlogd on package upgrade
bsc#1183411
- spec: Move netcat-openbsd requirement from the libs to the daemon
subpackage. It is only needed by the daemon and introduces an
unneeded dependency for users of libvirt-libs.
==== links ====
Version update (2.21 -> 2.22)
- update to 2.22:
* Save and restore the terminal using xterm escape codes
* Save and restore the console using "cons.saver" from
Midnight Commander
* Support UTF-8 frames
* Fixed a bug in displaying non-printable characters
==== man-pages ====
Version update (5.10 -> 5.11)
- version update to 5.11
http://linux-man-pages.blogspot.com/2021/03/man-pages-511-is-released.html
- modified patches
% man-pages-tty_ioctl.patch (refreshed)
==== mc ====
Version update (4.8.25 -> 4.8.26)
Subpackages: mc-lang
- Midnight Commander 4.8.26:
* Support file names of any length
* Implement persistent command line buffer for subshell
(bash >= 4, zsh and fish are supported)
* Implement shadows of dialog windows and menus
* Allow running clipboard commands if DISPLAY is not set
* Add support of "alacritty", "tmux", and "tmux-256color" terminals
* VFS: Support wim archive format (using wimtools)
* VFS: Support pak archive format (using unar)
* Editor: Add Swift syntax highlighting
* Various bug fixes
==== openblas_pthreads ====
Version update (0.3.13 -> 0.3.14)
- Update openblas-ppc64be_up2_p8.patch trimed by previous sr
(still need changes in Makefile.system)
- Update to version 0.3.14
common:
* Fixed a race condition on thread shutdown in non-OpenMP builds
* Fixed custom BUFFERSIZE option getting ignored in gmake builds
* Fixed CMAKE compilation of the TRMM kernels for GENERIC platforms
* Added CBLAS interfaces for CROTG, ZROTG, CSROT and ZDROT
* Improved performance of OMATCOPY_RT across all platforms
* Changed perl scripts to use env instead of a hardcoded /usr/bin/perl
* Fixed potential misreading of the GCC compiler version in the build scripts
* Fixed convergence problems in LAPACK complex GGEV/GGES (Reference-LAPACK #477)
* Reduced the stacksize requirements for running the LAPACK testsuite (Reference-LAPACK #335)
RISC V:
* Fixed compilation on RISCV (missing entry in getarch)
POWER:
* Fixed compilation for DYNAMIC_ARCH with clang and with older gcc versions
* Added support for compilation on FreeBSD/ppc64le
* Added optimized POWER10 kernels for SSCAL, DSCAL, CSCAL, ZSCAL
* Added optimized POWER10 kernels for SROT, DROT, CDOT, SASUM, DASUM
* Improved SSWAP, DSWAP, CSWAP, ZSWAP performance on POWER10
* Improved SCOPY and CCOPY performance on POWER10
* Improved SGEMM and DGEMM performance on POWER10
* Added support for compilation with the NVIDIA HPC compiler
x86_64:
* Added an optimized bfloat16 GEMM kernel for Cooperlake
* Added CPUID autodetection for Intel Rocket Lake and Tiger Lake cpus
* Improved the performance of SASUM,DASUM,SROT,DROT on AMD Ryzen cpus
* Added support for compilation with the NAG Fortran compiler
* Fixed recognition of the AMD AOCC compiler
* Fixed compilation for DYNAMIC_ARCH with clang on Windows
* Added support for running the BLAS/CBLAS tests on Windows
* Fixed signatures of the tls callback functions for Windows x64
* Fixed various issues with fma intrinsics support handling
ARM:
* Support compilation for embedded Cortex M4 targets via a new option EMBEDDED
ARM64:
* Fixed the THUNDERX2T99 and NEOVERSEN1 DNRM2/ZNRM2 kernels for inputs with Inf
* Added support for the DYNAMIC_LIST option
* Added support for compilation with the NVIDIA HPC compiler
* Added support for compiling with the NAG Fortran compiler
- Remove 0001-Require-gcc-11-for-builtin_cpu_is-power10.patch
0002-patch-to-support-power10-in-builtin_cpu_is-was-backp.patch
Upstream fixed in a different way.
==== p7zip ====
Subpackages: p7zip-full
- Add patch from Debian to fix build with GCC 11 (boo#1181880)
* 0001-Fix-g-warning.patch
==== perl-Net-HTTP ====
Version update (6.20 -> 6.21)
- updated to 6.21
see /usr/share/doc/packages/perl-Net-HTTP/Changes
6.21 2021-03-18 21:56:42Z
- Accept PeerAddr of 0. (GH#72) (trwyant)
==== policycoreutils ====
Version update (3.1 -> 3.2)
Subpackages: policycoreutils-lang python3-policycoreutils
- Update to version 3.2
* Tools using sepolgen, e.g. audit2allow, print extended permissions in
hexadecimal
* sepolgen sorts extended rules like normal ones
* `setfiles` doesn't abort on labeling errors
- Refreshed get_os_version.patch
==== python-semanage ====
Version update (3.1 -> 3.2)
- Minor spec file cleanups
- Update to version 3.2
* dropped old and deprecated symbols and functions
libsemanage version was bumped to libsemanage.so.2
* libsemanage tries to sync data to prevent empty files in SELinux module
store
==== redis ====
- replaced /var/run with /run for all PID file paths
==== rng-tools ====
Version update (6.11 -> 6.12)
- update to 6.12:
* Fix compiler warning over log message format
* Fix some typos in force-reseed documentation in rngd man page
* Improve --list option so that we properly capture entropy sources
that are available and configured on at build time, but failed
initalization at run time (due to lack of hw, or some other error, etc)
* Drop the use of libsysfs - we only used it to access a single file,
and we can do so with a simple open/read/close.
Given the lack of maintenance of libsysfs, we can save lots of
effort by dropping this lib
==== rubygem-bootsnap ====
Version update (1.7.2 -> 1.7.3)
Subpackages: ruby2.7-rubygem-bootsnap ruby3.0-rubygem-bootsnap
- updated to version 1.7.3
* Disable YAML precompilation when encountering YAML tags. (#351)
==== rubygem-rspec-rails ====
Version update (5.0.0 -> 5.0.1)
- updated to version 5.0.1
[Full Changelog](https://github.com/rspec/rspec-rails/compare/v5.0.0...v5.0.1)
Bug Fixes:
* Limit multibyte example descriptions when used in system tests for #method_name
which ends up as screenshot names etc. (@y-yagi, #2405, #2487)
==== setools ====
Version update (4.3.0 -> 4.4.0)
- Update to the version 4.4.0:
* Added support for old Boolean name substitution in seinfo and sesearch.
* Added sechecker tool which is a configuration file driven analysis tool.
==== snapper ====
Version update (0.8.15 -> 0.8.16)
Subpackages: libsnapper5 snapper-zypp-plugin
- fixed creating root config (root prefix handling)
(gh#openSUSE/snapper#627)
==== spirv-tools ====
- Add -Wno-error
==== taglib ====
Version update (1.11.2~git20190725.79bc9ccf -> 1.12)
Subpackages: libtag1 libtag_c0
- Add missing zlib dependency in devel package
- reference download url of tarball
- Update to version 1.12:
* Added support for WinRT.
* Added support for Linux on POWER.
* Added support for classical music tags of iTunes 12.5.
* Added support for file descriptor to FileStream.
* Added support for 'cmID', 'purl', 'egid' MP4 atoms.
* Added support for 'GRP1' ID3v2 frame.
* Added support for extensible WAV subformat.
* Enabled FileRef to detect file types based on the stream content.
* Dropped support for Windows 9x and NT 4.0 or older.
* Check for mandatory header objects in ASF files.
* More tolerant handling of RIFF padding, WAV files, broken MPEG streams.
* Improved calculation of Ogg, Opus, Speex, WAV, MP4 bitrates.
* Improved Windows compatibility by storing FLAC picture after comments.
* Fixed numerical genres in ID3v2.3.0 'TCON' frames.
* Fixed consistency of API removing MP4 items when empty values are set.
* Fixed consistency of API preferring COMM frames with no description.
* Fixed OOB read on invalid Ogg FLAC files (CVE-2018-11439).
* Fixed handling of empty MPEG files.
* Fixed parsing MP4 mdhd timescale.
* Fixed reading MP4 atoms with zero length.
* Fixed reading FLAC files with zero-sized seektables.
* Fixed handling of lowercase field names in Vorbis Comments.
* Fixed handling of 'rate' atoms in MP4 files.
* Fixed handling of invalid UTF-8 sequences.
* Fixed possible file corruptions when saving Ogg files.
* Fixed handling of non-audio blocks, sampling rates, DSD audio in WavPack files.
* TableOfContentsFrame::toString() improved.
* UserTextIdentificationFrame::toString() improved.
* Marked FileRef::create() deprecated.
* Marked MPEG::File::save() with boolean parameters deprecated,
provide overloads with enum parameters.
* Several smaller bug fixes and performance improvements.
- Remove obsolete patches:
* taglib-versionbump.patch
* 0001-Changed-libdir-includedir-variables-to-change-based-.patch
==== thunar ====
Version update (4.16.5 -> 4.16.6)
Subpackages: libthunarx-3-0 thunar-lang
- Update to version 4.16.6
* Reload current directory before selecting new files
(gxo#xfce/thunar#524)
* tree-view: Hide menu-item "properties" for unmounted devices
* Removed 'the root folder has no parent' dialog box
* Revamp documentation to modernize/uniformize accross components
* Remove watches on shortcuts (gxo#xfce/thunar#513,
gxo#xfce/thunar#47)
* Translation Updates
In the last months the zypp team worked on the basics for speeding up
and modernizing the zypper/libzypp codebase.
Some of those projects are now available to Tumbleweed and can be
enabled and tested.
Please keep in mind that those changes currently are tech previews, so
zypper might crash or even break your system.
New RPM transaction backend for zypper:
Traditionally zypper executes rpm separately for each operation in a
transaction. This requires some hacks and workarounds and is not fully
compatible to running all operations in one single transaction.
It is also a lot slower for big transactions ( like dup with many
packages ). Therefore we have implemented a new backend that runs all
operations in a single big transaction via librpm. It can be enabled by
setting: ZYPP_SINGLE_RPMTRANS=1 in zyppers environment.
Issues/Changes with ZYPP_SINGLE_RPMTRANS=1 zypper ... :
- Changes how file conflicts work, since they are now executed by librpm
we are not able to generate a callback to ask the user if the error
should be ignored.
In the presence of file conflicts, the transaction will report an
error and will not execute unless --replacefiles is also used.
- Currently there is also a issue that could potentially break your
system in very specific preconditions. We put in a safety net that will
protect you on Tumbleweed,
however it still remains a issue for all systems that are PREUsrMerge
and use the single transaction mode to apply the update.
For example if you are on Leap and want to upgrade to Tumbleweed.
This is the bug in question:
https://bugzilla.suse.com/show_bug.cgi?id=1189788
- Breaks Yast / PackageKit softwaremanager if enabled system wide: Due
to changes in the reporting , especially new reports, this would break
the Yast software manager and Packagekit,
so if you use one of the two technologies enable this feature
explicitly per command: `env ZYPP_SINGLE_RPMTRANS=1 zypper dup`.
New zypper HTTP backend:
Another project we have been working on is parallelizing downloads, for
this a new async downloader backend was implemented.
While it currently won't have massive impact on performance due to the
frontend code not requesting files asynchronously,
it will do some additional mirror rating and as soon as we update the
frontend code will bring more benefits.
This can be enabled via setting the env var: ZYPP_MEDIANETWORK=1
If you find any bugs or issues please let us know.
Preferably via:
https://bugzilla.opensuse.org/
Product: openSUSE Tumbleweed
Component: libzypp (or zypper if available)
And please attach the /var/log/zypper.log to the bugreport.
--
Benjamin Zeller<bzeller(a)suse.de>
Systems Programmer
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuremberg, Germany
Tel: +49-911-74053-0; Fax: +49-911-7417755;https://www.suse.com/
(HRB 36809, AG Nürnberg)
Managing Director: Felix Imendörffer
How newlib in cross compilers is built at the moment is missing
libg_nano and libc_nano. possible other bits too.
this is cross-arm-none-newlib-devel
this has a consequence not being able to build qmk for example/
also symling to /usr/bin/arm-suse-linux-gnueabi-size seems to miss.
this is in cross-arm-binutils
Regards,
Alin
Without Questions there are no Answers!
______________________________________________________________________
Dr. Alin Marin ELENA
http://alin.elena.space/
______________________________________________________________________
Hi,
After the discussion the last days about creating users and the defaults
used for it, I looked at our defaults and where we deriviate from upstream,
other Linux distributions and other tools we use already today.
We change explicit:
USERGROUPS_ENAB from "yes" to "no".
All other tools we provide and other distros do create usergroups by
default, so I suggest to change it back to "USERGROUPS_ENAB yes".
CREATE_HOME from "yes" to "no".
I did never understand why we disabled this. All other tools we provide
and other distros create the home directory by default. I would suggest
to change that back to "yes".
FORCE_SHADOW from "yes" to "no".
I also don't understand this change. We should revert that change, so
we don't need the hacks in other places to split passwd later during
installation. If we enforce the shadow usage later, why not from the
beginning?
HOME_MODE not set
We should set "HOME_MODE 0700" as other distros do.
Any comments?
Thorsten
--
Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany
Managing Director: Felix Imendoerffer (HRB 36809, AG Nürnberg)
Hello,
QtWebKit was a rendering engine for web content released with Qt until 5.6. It
was replaced with QtWebEngine after that.
Despite a community fork in 2016, nothing really happened to keep it alive and
secure.
Quoting the QtWebKit release page on Github:
"WARNING: This release is based on old WebKit revision with known unpatched
vulnerabilities.
Please use it carefully and avoid visiting untrusted websites and using it for
transmission of sensitive data."
It's time to drop it from openSUSE Tumbleweed.
The good news, most QtWebKit remaining users were just caused by obsolete
'BuildRequires'. Most were cleaned during the week end.
Pending SRs:
- FreeCAD (SR#902666 replaces the dependency)
- qgis (SR#903291 disables the optional dependency)
- owncloud-client (it needs an unrelated code fix)
- notepadqq (SR#903352 replaces the old version with a git snapshot)
Packages that could use snapshots:
- quiterss
The upstream website looks down. There are 2 github repo (QuiteRSS/quiterss2
and QuiteRSS/quiterss). Both don't have hard dependency on QtWebKit.
- leechcraft
Last release in 2014. We're already using snapshots. QtWebKit looks
optional.
The less good news, a couple packages also have to be dropped.
KDE packages that will be dropped:
- trojita (no activity upstream)
- kwebkitpart
- kdewebkit
Packages with no upstream activity and/or no alternative port:
- wkhtmltopdf which is a dependency for python-hide-code and python-pdfkit
- swift-im
- smtube
- goldendict
Christophe
Hi all,
I no longer have the time and patience to keep rstudio up to date and
building in Factory and have unassigned myself as the maintainer. As it
ftbfs at the moment, it will be deleted soon (TM).
If you want to keep it in Factory, please try to fix the current build
failures and ask in the devel project to become the maintainer.
Cheers,
Dan
--
Dan Čermák <dcermak(a)suse.com>
Software Engineer Development tools
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nuremberg
Germany
(HRB 36809, AG Nürnberg)
Managing Director: Felix Imendörffer
Hi,
In Tumbleweed, we have libz-ng-compat1 which can be a drop-in replacement of libz1.
The problem is zypper drop the previous package, before installing the new one, but the lib is required to extract the new RPM.
Any idea how to solve this problem in the spec file?
Log:
********************************************************************************
sudo zypper in libz-ng-compat1
Loading repository data...
Reading installed packages...
Resolving package dependencies...
Problem: the to be installed libz-ng-compat1-2.0.5-1.1.aarch64 conflicts with 'libz1' provided by the installed libz1-1.2.11-18.10.aarch64
Solution 1: deinstallation of libz1-1.2.11-18.10.aarch64
Solution 2: do not install libz-ng-compat1-2.0.5-1.1.aarch64
Choose from above solutions by number or cancel [1/2/c/d/?] (c): 1
Resolving dependencies...
Resolving package dependencies...
The following NEW package is going to be installed:
libz-ng-compat1
The following package is going to be REMOVED:
libz1
1 new package to install, 1 to remove.
Overall download size: 67.9 KiB. Already cached: 0 B. After the operation, 5.7 KiB will be freed.
Continue? [y/n/v/...? shows all options] (y):
Retrieving package libz-ng-compat1-2.0.5-1.1.aarch64 (1/1), 67.9 KiB (142.4 KiB unpacked)
Retrieving: libz-ng-compat1-2.0.5-1.1.aarch64.rpm ......................................................................................................................................................................................................................[done]
Checking for file conflicts: ...........................................................................................................................................................................................................................................[done]
(1/2) Removing libz1-1.2.11-18.10.aarch64 ..............................................................................................................................................................................................................................[done]
(2/2) Installing: libz-ng-compat1-2.0.5-1.1.aarch64 ...................................................................................................................................................................................................................[error]
Installation of libz-ng-compat1-2.0.5-1.1.aarch64 failed:
Error: Subprocess failed. Error: RPM failed: rpm: error while loading shared libraries: libz.so.1: cannot open shared object file: No such file or directory
Abort, retry, ignore? [a/r/i] (a):
Problem occurred during or after installation or removal of packages:
Installation has been aborted as directed.
Please see the above error message for a hint.
********************************************************************************
Cheers,
Guillaume
Dear Package maintainers and hackers.
Below package(s) in openSUSE:Factory have been failing to build for at
least 4 weeks. We tried to send out notifications to the
configured bugowner/maintainers of the package(s), but so far no
fix has been submitted. This probably means that the
maintainer/bugowner did not yet find the time to look into the
matter and he/she would certainly appreciate help to get this
sorted.
- libraqm
- plasma-mycroft
- rabbitmq-server
Unless somebody is stepping up and submitting fixes, the listed
package(s) are going to be removed from openSUSE:Factory.
Kind regards,
DimStar / Dominique Leuenberger <dimstar(a)opensuse.org>