openSUSE Factory September 2021

factory@lists.opensuse.org

109 participants
93 discussions

[opensuse-factory] Can we assume that /bin/sh is bash?

by Martin Wilck

Hi Jan, all, I'd like to carry our OBS dicussion to a wider audience (https://build.opensuse.org/request/show/672510). The question is whether we can assume that "/bin/sh" links to bash, in particular whether rpm scriptlets without explicit -p interpreter can be assumed to interpreted by bash. I'm aware that, in principle, /bin/sh is supposed to be the Bourne shell on Unix systems. But as a matter of fact, on current openSUSE, it is not. Unless it's tampered with, /bin/sh is a symlink to /bin/bash. bash is not started in full POSIX mode if invoked as /bin/sh, and even if it's in POSIX mode, it supports some extensions over the POSIX shell spec (e.g. the [[ ]] construct), which makes it behave differently than another shell not supporting [[ ]] would (*). Problably there are more differences, I can't claim to know them all. Here are some arguments why I think it'd be reasonable to assume that /bin/sh is bash on openSUSE: 1. patterns-base-minimal_base depends on bash, and the /bin/sh symlink is a non-configurable part of the "bash" package. 2. we could handle /bin/sh via /etc/alternatives, but we don't. 3. our Wiki suggests testing failing scriplets using "bash -xv" (https://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets) 4. /bin/sh has pointed to bash for a long time (not sure how long exactly). FTR, Fedora basically guarantees (sh == bash) for the purpose of rpm scriptlets (https://fedoraproject.org/wiki/Packaging:Scriptlets). So Fedora <-> openSUSE portability may also be an issue to consider. If we can't assume that /bin/sh is bash, what else can we assume? I recall from earlier work that writing really 100% compatible shell code for all kinds of environments is really hard. E.g., "[" isn't 100% portable either, even though it's part of the POSIX "test" standard (http://pubs.opengroup.org/onlinepubs/9699919799/utilities/test.html). We should have clear rules which syntax expressions can be used in rpm scriptlets, and which can't. IMO we should define one of the various existing shells as a reference by saying "if it's supported by this shell, it's valid scriptlet code". That'd be easier (especially for testing compliance) than referring to a spec. That reference shell doesn't have to be bash, of course. Thanks Martin (*) For example: # ln -s /usr/bin/echo '/usr/bin/[[' # ls -l /bin/sh lrwxrwxrwx 1 root root 4 Feb 8 10:38 /bin/sh -> bash # /bin/sh --posix -c '[[ 2 = 1 ]] && echo yes' # dash -c '[[ 2 = 1 ]] && echo yes' 2 -eq 1 ]] yes -- Dr. Martin Wilck <mwilck(a)suse.com>, Tel. +49 (0)911 74053 2107 SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton HRB 21284 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org

1 month, 4 weeks

New Tumbleweed snapshot 20210325 released!

by Dominique Leuenberger

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: PackageKit checkpolicy (3.1 -> 3.2) cppcheck (2.3 -> 2.4.1) cups e2fsprogs (1.46.1 -> 1.46.2) elfutils elfutils-debuginfod emacs-w3m (1.4.632 -> 1.4.632+396+g051dba16) enchant (2.2.8 -> 2.2.15) evolution-data-server evolution-ews ffmpeg-4 (4.3.1 -> 4.3.2) gnome-shell java-11-openjdk kernel-firmware (20210208 -> 20210315) libnettle (3.7.1 -> 3.7.2) libnice (0.1.17 -> 0.1.18) libselinux (3.1 -> 3.2) libselinux-bindings (3.1 -> 3.2) libsemanage (3.1 -> 3.2) libtpms (0.7.4 -> 0.7.7) libvirt links (2.21 -> 2.22) man-pages (5.10 -> 5.11) mc (4.8.25 -> 4.8.26) openblas_pthreads (0.3.13 -> 0.3.14) p7zip perl-Net-HTTP (6.20 -> 6.21) policycoreutils (3.1 -> 3.2) python-semanage (3.1 -> 3.2) redis rng-tools (6.11 -> 6.12) rubygem-bootsnap (1.7.2 -> 1.7.3) rubygem-rspec-rails (5.0.0 -> 5.0.1) setools (4.3.0 -> 4.4.0) snapper (0.8.15 -> 0.8.16) spirv-tools taglib (1.11.2~git20190725.79bc9ccf -> 1.12) thunar (4.16.5 -> 4.16.6) === Details === ==== PackageKit ==== Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Add PackageKit-remove-transaction-size-limit.patch: Remove large transaction size sanity check (gh#hughsie/PackageKit/commit#ac5c8660) ==== checkpolicy ==== Version update (3.1 -> 3.2) - Update to version 3.2 * Fix a memleak and an integer overflow ==== cppcheck ==== Version update (2.3 -> 2.4.1) - update to 2.4.1: * fix for windows installer, no other changes - update to 2.4: * Detect one definition rule violations * MISRA improvements * ImportProject fixes * Various bug hunting improvements * Fixes when importing AST from clang ==== cups ==== Subpackages: cups-client cups-config libcups2 libcups2-32bit libcupsimage2 - fix-negotiate-authentication-between-CGIs-and-scheduler.patch fixes web UI Kerberos authentication (bsc#1175960) - Remove code comments from expanded scriptlets to reduce size ==== e2fsprogs ==== Version update (1.46.1 -> 1.46.2) Subpackages: e2fsprogs-scrub libcom_err2 libcom_err2-32bit libext2fs2 - e2fsprogs 1.46.2: * tune2fs -c now takes "random" argument * Add support for the FS_NOCOMP_FL flag to chattr and lsattr * Fix warnings when resizing small file systems to a super-large * Fix the debugfs rdump and ls commands so they will work correctly for uid's and gid's => 65536 * Fix the debugfs write and symlink commands so they support targets which contain a pathname * Fix Direct I/O support on block devices where the logical block size is greater 1k * Fix debugfs's logdump so it works on file systems whose block size is greater than 8k * Fix a crash when there is error while e2fsck is trying to open the file system, and e2fsck calls ext2fs_mmp_stop() before MMP has been initialized * Improved error checking in the fast commit replay code in e2fsck * Fix various compiler and Coverity warnings * Update the Spanish translation from the translation project ==== elfutils ==== Subpackages: elfutils-lang libasm1 libdw1 libelf1 - Add disable-run-readelf-self-test.patch in order to disable a failing test-case with GCC 11 (PR27367). ==== elfutils-debuginfod ==== - Enable https://debuginfod.opensuse.org/ debuginfod server by default now. - Add disable-run-readelf-self-test.patch in order to disable a failing test-case with GCC 11 (PR27367). ==== emacs-w3m ==== Version update (1.4.632 -> 1.4.632+396+g051dba16) - Update to version 1.4.632+396+g051dba16: * Don't show a backstage while performing `text-scale-adjust' * Make text-scale-adjust work * Fix it again * shimbun.el (shimbun-xml-parse-buffer): Fix typo * ChangeLog: fix date entries * * shimbun.el (shimbun-xml-parse-buffer): Work around malformed xml * Update copyright years * Docfix so not to be wider than 80 chars * Bugfix 'w3m-previous-image doesn't work' ([emacs-w3m:13747]) * Fix typo in ChangeLog ==== enchant ==== Version update (2.2.8 -> 2.2.15) Subpackages: enchant-2-backend-hunspell enchant-data libenchant-2-2 - Update to version 2.2.15: + Specify that nuspell >= 4.1.0 is required. + Fix some space leaks in the tests. + The nuspell backend is updated for newer versions. + Make the enchant program output its version to standard output, not standard error. This may help some programs that use this output. + Fix a bug in the Voikko and Zemberek back-ends that could cause spell checking and suggestion to fail. + Make enchant silently ignore -B flag, for better Emacs compatibility. + Make enchant_broker_list_dicts sort the tags, so that enchant-lsmod?s output is sorted. + Minor build system improvement: don?t use -D_FORTIFY_SOURCE, which can cause problems on Windows, and should be configured by the compiler vendor if desired. + Fix Hunspell backend to treat apostrophes as Hunspell does: if either straight or curly apostrophe is a word character, allow both. + Fix a couple of space leaks in the Nuspell back end. - Drop Fix_back-ends_that_want_a_NUL-terminated_string.patch: fixed upstream. ==== evolution-data-server ==== Subpackages: evolution-data-server-lang libcamel-1_2-62 libebackend-1_2-10 libebook-1_2-20 libebook-contacts-1_2-3 libecal-2_0-1 libedata-book-1_2-26 libedata-cal-2_0-1 libedataserver-1_2-25 libedataserverui-1_2-2 - Add evolution-data-server-boo1182882.patch: fix buffer overrun when parsing base64 data (boo#1182882). ==== evolution-ews ==== Subpackages: evolution-ews-lang - Add evolution-ews-boo1182882.patch: fix buffer overrun when parsing base64 data (boo#1182882). ==== ffmpeg-4 ==== Version update (4.3.1 -> 4.3.2) Subpackages: libavcodec58_91 libavdevice58_10 libavfilter7_85 libavformat58_45 libavresample4_0 libavutil56_51 libpostproc55_7 libswresample3_7 libswscale5_7 - update to 4.3.2: * lots of oss-fuzz reported overflow fixes, see included ChangeLog - drop ffmpeg.git-ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a.patch 0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch 0001-avformat-vividas-improve-extradata-packing-checks-in.patch: upstream ==== gnome-shell ==== Subpackages: gnome-shell-calendar gnome-shell-lang - Disable gnome-shell-jsc#SLE-16051-Input-method-recommendation.patch: Clears existing keyboard on gnome-shell restart (boo#1183823). - Update gnome-shell-jsc#SLE-16051-Input-method-recommendation.patch: Modify the Japanese input engine load order which will more fit for our community(bnc#1183475); ==== java-11-openjdk ==== Subpackages: java-11-openjdk-headless - Added patches: * system-crypto-policy.patch + Let OpenJDK use system crypto policies unless explicitely told not to * nss-security-provider.patch + Add the NSS security provider with configuration in generated nss.cfg file * keytool-default-rsa.patch + Make keytool generate RSA keys by default, since only the LEGACY system crypto policy allows DSA ==== kernel-firmware ==== Version update (20210208 -> 20210315) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - Update to version 20210315 (git commit 3568f962908c): * linux-firmware: Update firmware file for Intel Bluetooth AX210 * linux-firmware: Update firmware file for Intel Bluetooth AX200 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * rtw88: 8822c: Update normal firmware to v9.9.6 * iwlwifi: add new FWs from core59-66 release * iwlwifi: update 9000-family firmwares * iwlwifi: update 7265D firmware * Mellanox: Add new mlxsw_spectrum firmware xx.2008.2406 * linux-firmware: add frimware for mediatek bluetooth chip (MT7921) * rtw89: 8852a: add firmware v0.9.12.2 * WHENCE: add missing symlink for BananaPi M3 * Add symlink for BananaPi M2 to brcmfmac43430-sdio config * brcm: Fix Raspberry Pi 4B NVRAM file * silabs: add new firmware for WF200 * amdgpu: add initial firmware for green sardine * rtw88: RTL8822C: Update normal firmware to v9.9.5 - Drop obsoleted patch: Revert-brcm-rpi4-boardflags3-bit.patch - Update topics and aliases ==== libnettle ==== Version update (3.7.1 -> 3.7.2) Subpackages: libhogweed6 libhogweed6-32bit libnettle8 libnettle8-32bit - GNU Nettle 3.7.2: * fix a bug in ECDSA signature verification that could lead to a denial of service attack (via an assertion failure) or possibly incorrect results (boo#1183835) * fix a few related problems where scalars are required to be canonically reduced modulo the ECC group order, but in fact may be slightly larger ==== libnice ==== Version update (0.1.17 -> 0.1.18) Subpackages: gstreamer-libnice libnice10 - Update descriptions to be closer to the other GNOME packages. - Update to 0.1.18: * Remove the autotools build system, now only meson is available * Accept receiving messages in multiple steps over TCP * Accept duplicated ports as last option instead of spinning forever * Use sendmmsg if possible to send multiple packets in one call * Fail gathering if no port is available * Hide the implementation of NiceCandidate, this hides some parts that were previously visible * Enable TURN server connects where both TCP and UDP use the same port number * Don't count rejected STUN messages as keepalive packets * On Windows, the improvements and fixes - use crypto library instead of CryptGenRandom() which is deprecated - use GetBestInterfaceEx() for UWP compatibility - fix the listing of interfaces to use the correct APIs - implement ignoring interfaces * Add buildrquires: gobject-introspection-devel and meson * The move from autoFOO to meson ==== libselinux ==== Version update (3.1 -> 3.2) Subpackages: libselinux1 libselinux1-32bit selinux-tools - Switch to pcre2: + Replace pcre-devel BuildRequires with pkgconfig(libpcre2-8) + Pass USE_PCRE2=y to make. + Replace pkgconfig(libpcre) Requires in -devel static with pkgconfig(libpcre2-8). - Update to version 3.2: * Use mmap()'ed kernel status page instead of netlink by default. See "KERNEL STATUS PAGE" section in avc_init(3) for more details. * New log callback levels for enforcing and policy load notices - SELINUX_POLICYLOAD, SELINUX_SETENFORCE * Changed userspace AVC setenforce and policy load messages to audit format. ==== libselinux-bindings ==== Version update (3.1 -> 3.2) - Switch to pcre2: + Replace pcre-devel BuildRequires with pkgconfig(libpcre2-8) + Pass USE_PCRE2=y to make. - Update to version 3.2: * Use mmap()'ed kernel status page instead of netlink by default. See "KERNEL STATUS PAGE" section in avc_init(3) for more details. * New log callback levels for enforcing and policy load notices - SELINUX_POLICYLOAD, SELINUX_SETENFORCE * Changed userspace AVC setenforce and policy load messages to audit format. ==== libsemanage ==== Version update (3.1 -> 3.2) - Link to correct so version - Minor spec file cleanups - Move configuration file to separate libsemanage-conf package to allow for parallel installation in future versions - Update to version 3.2 * dropped old and deprecated symbols and functions libsemanage version was bumped to libsemanage.so.2 * libsemanage tries to sync data to prevent empty files in SELinux module store ==== libtpms ==== Version update (0.7.4 -> 0.7.7) - Update to version 0.7.7 * CryptSym: fix AES output IV (bsc#1183729, CVE-2021-3446) * tpm2: Fix public key context save due to ANY_OBJECT_Marshal usage * tpm2: Address some Coverity issues (false positives) * tpm1.2: Backported ASAN/UBSAN related fixes * tpm2: Return properly sized array for b parameter for NIST P521 (HLK) * tpm2: Addressed issues detected by UBSAN * tpm2: Addressed issues detected by cppcheck (false positives) ==== libvirt ==== Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - spec: Fix exec-restart of virtlockd and virtlogd on package upgrade bsc#1183411 - spec: Move netcat-openbsd requirement from the libs to the daemon subpackage. It is only needed by the daemon and introduces an unneeded dependency for users of libvirt-libs. ==== links ==== Version update (2.21 -> 2.22) - update to 2.22: * Save and restore the terminal using xterm escape codes * Save and restore the console using "cons.saver" from Midnight Commander * Support UTF-8 frames * Fixed a bug in displaying non-printable characters ==== man-pages ==== Version update (5.10 -> 5.11) - version update to 5.11 http://linux-man-pages.blogspot.com/2021/03/man-pages-511-is-released.html - modified patches % man-pages-tty_ioctl.patch (refreshed) ==== mc ==== Version update (4.8.25 -> 4.8.26) Subpackages: mc-lang - Midnight Commander 4.8.26: * Support file names of any length * Implement persistent command line buffer for subshell (bash >= 4, zsh and fish are supported) * Implement shadows of dialog windows and menus * Allow running clipboard commands if DISPLAY is not set * Add support of "alacritty", "tmux", and "tmux-256color" terminals * VFS: Support wim archive format (using wimtools) * VFS: Support pak archive format (using unar) * Editor: Add Swift syntax highlighting * Various bug fixes ==== openblas_pthreads ==== Version update (0.3.13 -> 0.3.14) - Update openblas-ppc64be_up2_p8.patch trimed by previous sr (still need changes in Makefile.system) - Update to version 0.3.14 common: * Fixed a race condition on thread shutdown in non-OpenMP builds * Fixed custom BUFFERSIZE option getting ignored in gmake builds * Fixed CMAKE compilation of the TRMM kernels for GENERIC platforms * Added CBLAS interfaces for CROTG, ZROTG, CSROT and ZDROT * Improved performance of OMATCOPY_RT across all platforms * Changed perl scripts to use env instead of a hardcoded /usr/bin/perl * Fixed potential misreading of the GCC compiler version in the build scripts * Fixed convergence problems in LAPACK complex GGEV/GGES (Reference-LAPACK #477) * Reduced the stacksize requirements for running the LAPACK testsuite (Reference-LAPACK #335) RISC V: * Fixed compilation on RISCV (missing entry in getarch) POWER: * Fixed compilation for DYNAMIC_ARCH with clang and with older gcc versions * Added support for compilation on FreeBSD/ppc64le * Added optimized POWER10 kernels for SSCAL, DSCAL, CSCAL, ZSCAL * Added optimized POWER10 kernels for SROT, DROT, CDOT, SASUM, DASUM * Improved SSWAP, DSWAP, CSWAP, ZSWAP performance on POWER10 * Improved SCOPY and CCOPY performance on POWER10 * Improved SGEMM and DGEMM performance on POWER10 * Added support for compilation with the NVIDIA HPC compiler x86_64: * Added an optimized bfloat16 GEMM kernel for Cooperlake * Added CPUID autodetection for Intel Rocket Lake and Tiger Lake cpus * Improved the performance of SASUM,DASUM,SROT,DROT on AMD Ryzen cpus * Added support for compilation with the NAG Fortran compiler * Fixed recognition of the AMD AOCC compiler * Fixed compilation for DYNAMIC_ARCH with clang on Windows * Added support for running the BLAS/CBLAS tests on Windows * Fixed signatures of the tls callback functions for Windows x64 * Fixed various issues with fma intrinsics support handling ARM: * Support compilation for embedded Cortex M4 targets via a new option EMBEDDED ARM64: * Fixed the THUNDERX2T99 and NEOVERSEN1 DNRM2/ZNRM2 kernels for inputs with Inf * Added support for the DYNAMIC_LIST option * Added support for compilation with the NVIDIA HPC compiler * Added support for compiling with the NAG Fortran compiler - Remove 0001-Require-gcc-11-for-builtin_cpu_is-power10.patch 0002-patch-to-support-power10-in-builtin_cpu_is-was-backp.patch Upstream fixed in a different way. ==== p7zip ==== Subpackages: p7zip-full - Add patch from Debian to fix build with GCC 11 (boo#1181880) * 0001-Fix-g-warning.patch ==== perl-Net-HTTP ==== Version update (6.20 -> 6.21) - updated to 6.21 see /usr/share/doc/packages/perl-Net-HTTP/Changes 6.21 2021-03-18 21:56:42Z - Accept PeerAddr of 0. (GH#72) (trwyant) ==== policycoreutils ==== Version update (3.1 -> 3.2) Subpackages: policycoreutils-lang python3-policycoreutils - Update to version 3.2 * Tools using sepolgen, e.g. audit2allow, print extended permissions in hexadecimal * sepolgen sorts extended rules like normal ones * `setfiles` doesn't abort on labeling errors - Refreshed get_os_version.patch ==== python-semanage ==== Version update (3.1 -> 3.2) - Minor spec file cleanups - Update to version 3.2 * dropped old and deprecated symbols and functions libsemanage version was bumped to libsemanage.so.2 * libsemanage tries to sync data to prevent empty files in SELinux module store ==== redis ==== - replaced /var/run with /run for all PID file paths ==== rng-tools ==== Version update (6.11 -> 6.12) - update to 6.12: * Fix compiler warning over log message format * Fix some typos in force-reseed documentation in rngd man page * Improve --list option so that we properly capture entropy sources that are available and configured on at build time, but failed initalization at run time (due to lack of hw, or some other error, etc) * Drop the use of libsysfs - we only used it to access a single file, and we can do so with a simple open/read/close. Given the lack of maintenance of libsysfs, we can save lots of effort by dropping this lib ==== rubygem-bootsnap ==== Version update (1.7.2 -> 1.7.3) Subpackages: ruby2.7-rubygem-bootsnap ruby3.0-rubygem-bootsnap - updated to version 1.7.3 * Disable YAML precompilation when encountering YAML tags. (#351) ==== rubygem-rspec-rails ==== Version update (5.0.0 -> 5.0.1) - updated to version 5.0.1 [Full Changelog](https://github.com/rspec/rspec-rails/compare/v5.0.0...v5.0.1) Bug Fixes: * Limit multibyte example descriptions when used in system tests for #method_name which ends up as screenshot names etc. (@y-yagi, #2405, #2487) ==== setools ==== Version update (4.3.0 -> 4.4.0) - Update to the version 4.4.0: * Added support for old Boolean name substitution in seinfo and sesearch. * Added sechecker tool which is a configuration file driven analysis tool. ==== snapper ==== Version update (0.8.15 -> 0.8.16) Subpackages: libsnapper5 snapper-zypp-plugin - fixed creating root config (root prefix handling) (gh#openSUSE/snapper#627) ==== spirv-tools ==== - Add -Wno-error ==== taglib ==== Version update (1.11.2~git20190725.79bc9ccf -> 1.12) Subpackages: libtag1 libtag_c0 - Add missing zlib dependency in devel package - reference download url of tarball - Update to version 1.12: * Added support for WinRT. * Added support for Linux on POWER. * Added support for classical music tags of iTunes 12.5. * Added support for file descriptor to FileStream. * Added support for 'cmID', 'purl', 'egid' MP4 atoms. * Added support for 'GRP1' ID3v2 frame. * Added support for extensible WAV subformat. * Enabled FileRef to detect file types based on the stream content. * Dropped support for Windows 9x and NT 4.0 or older. * Check for mandatory header objects in ASF files. * More tolerant handling of RIFF padding, WAV files, broken MPEG streams. * Improved calculation of Ogg, Opus, Speex, WAV, MP4 bitrates. * Improved Windows compatibility by storing FLAC picture after comments. * Fixed numerical genres in ID3v2.3.0 'TCON' frames. * Fixed consistency of API removing MP4 items when empty values are set. * Fixed consistency of API preferring COMM frames with no description. * Fixed OOB read on invalid Ogg FLAC files (CVE-2018-11439). * Fixed handling of empty MPEG files. * Fixed parsing MP4 mdhd timescale. * Fixed reading MP4 atoms with zero length. * Fixed reading FLAC files with zero-sized seektables. * Fixed handling of lowercase field names in Vorbis Comments. * Fixed handling of 'rate' atoms in MP4 files. * Fixed handling of invalid UTF-8 sequences. * Fixed possible file corruptions when saving Ogg files. * Fixed handling of non-audio blocks, sampling rates, DSD audio in WavPack files. * TableOfContentsFrame::toString() improved. * UserTextIdentificationFrame::toString() improved. * Marked FileRef::create() deprecated. * Marked MPEG::File::save() with boolean parameters deprecated, provide overloads with enum parameters. * Several smaller bug fixes and performance improvements. - Remove obsolete patches: * taglib-versionbump.patch * 0001-Changed-libdir-includedir-variables-to-change-based-.patch ==== thunar ==== Version update (4.16.5 -> 4.16.6) Subpackages: libthunarx-3-0 thunar-lang - Update to version 4.16.6 * Reload current directory before selecting new files (gxo#xfce/thunar#524) * tree-view: Hide menu-item "properties" for unmounted devices * Removed 'the root folder has no parent' dialog box * Revamp documentation to modernize/uniformize accross components * Remove watches on shortcuts (gxo#xfce/thunar#513, gxo#xfce/thunar#47) * Translation Updates

2 months

Call for testers: zypp tech preview

by Benjamin Zeller

In the last months the zypp team worked on the basics for speeding up and modernizing the zypper/libzypp codebase. Some of those projects are now available to Tumbleweed and can be enabled and tested. Please keep in mind that those changes currently are tech previews, so zypper might crash or even break your system. New RPM transaction backend for zypper: Traditionally zypper executes rpm separately for each operation in a transaction. This requires some hacks and workarounds and is not fully compatible to running all operations in one single transaction. It is also a lot slower for big transactions ( like dup with many packages ). Therefore we have implemented a new backend that runs all operations in a single big transaction via librpm. It can be enabled by setting: ZYPP_SINGLE_RPMTRANS=1 in zyppers environment. Issues/Changes with ZYPP_SINGLE_RPMTRANS=1 zypper ... : - Changes how file conflicts work, since they are now executed by librpm we are not able to generate a callback to ask the user if the error should be ignored. In the presence of file conflicts, the transaction will report an error and will not execute unless --replacefiles is also used. - Currently there is also a issue that could potentially break your system in very specific preconditions. We put in a safety net that will protect you on Tumbleweed, however it still remains a issue for all systems that are PREUsrMerge and use the single transaction mode to apply the update. For example if you are on Leap and want to upgrade to Tumbleweed. This is the bug in question: https://bugzilla.suse.com/show_bug.cgi?id=1189788 - Breaks Yast / PackageKit softwaremanager if enabled system wide: Due to changes in the reporting , especially new reports, this would break the Yast software manager and Packagekit, so if you use one of the two technologies enable this feature explicitly per command: `env ZYPP_SINGLE_RPMTRANS=1 zypper dup`. New zypper HTTP backend: Another project we have been working on is parallelizing downloads, for this a new async downloader backend was implemented. While it currently won't have massive impact on performance due to the frontend code not requesting files asynchronously, it will do some additional mirror rating and as soon as we update the frontend code will bring more benefits. This can be enabled via setting the env var: ZYPP_MEDIANETWORK=1 If you find any bugs or issues please let us know. Preferably via: https://bugzilla.opensuse.org/ Product: openSUSE Tumbleweed Component: libzypp (or zypper if available) And please attach the /var/log/zypper.log to the bugreport. -- Benjamin Zeller<bzeller(a)suse.de> Systems Programmer SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuremberg, Germany Tel: +49-911-74053-0; Fax: +49-911-7417755;https://www.suse.com/ (HRB 36809, AG Nürnberg) Managing Director: Felix Imendörffer

3 months, 2 weeks

newlib in cross arm compilers missing nano

by Alin Marin Elena

How newlib in cross compilers is built at the moment is missing libg_nano and libc_nano. possible other bits too. this is cross-arm-none-newlib-devel this has a consequence not being able to build qmk for example/ also symling to /usr/bin/arm-suse-linux-gnueabi-size seems to miss. this is in cross-arm-binutils Regards, Alin Without Questions there are no Answers! ______________________________________________________________________ Dr. Alin Marin ELENA http://alin.elena.space/ ______________________________________________________________________

4 months, 3 weeks

useradd - adjust defaults to other tools and distributions?

by Thorsten Kukuk

Hi, After the discussion the last days about creating users and the defaults used for it, I looked at our defaults and where we deriviate from upstream, other Linux distributions and other tools we use already today. We change explicit: USERGROUPS_ENAB from "yes" to "no". All other tools we provide and other distros do create usergroups by default, so I suggest to change it back to "USERGROUPS_ENAB yes". CREATE_HOME from "yes" to "no". I did never understand why we disabled this. All other tools we provide and other distros create the home directory by default. I would suggest to change that back to "yes". FORCE_SHADOW from "yes" to "no". I also don't understand this change. We should revert that change, so we don't need the hacks in other places to split passwd later during installation. If we enforce the shadow usage later, why not from the beginning? HOME_MODE not set We should set "HOME_MODE 0700" as other distros do. Any comments? Thorsten -- Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany Managing Director: Felix Imendoerffer (HRB 36809, AG Nürnberg)

5 months

QtWebkit will be removed from openSUSE Tumbleweed soon

by Christophe Giboudeaux

Hello, QtWebKit was a rendering engine for web content released with Qt until 5.6. It was replaced with QtWebEngine after that. Despite a community fork in 2016, nothing really happened to keep it alive and secure. Quoting the QtWebKit release page on Github: "WARNING: This release is based on old WebKit revision with known unpatched vulnerabilities. Please use it carefully and avoid visiting untrusted websites and using it for transmission of sensitive data." It's time to drop it from openSUSE Tumbleweed. The good news, most QtWebKit remaining users were just caused by obsolete 'BuildRequires'. Most were cleaned during the week end. Pending SRs: - FreeCAD (SR#902666 replaces the dependency) - qgis (SR#903291 disables the optional dependency) - owncloud-client (it needs an unrelated code fix) - notepadqq (SR#903352 replaces the old version with a git snapshot) Packages that could use snapshots: - quiterss The upstream website looks down. There are 2 github repo (QuiteRSS/quiterss2 and QuiteRSS/quiterss). Both don't have hard dependency on QtWebKit. - leechcraft Last release in 2014. We're already using snapshots. QtWebKit looks optional. The less good news, a couple packages also have to be dropped. KDE packages that will be dropped: - trojita (no activity upstream) - kwebkitpart - kdewebkit Packages with no upstream activity and/or no alternative port: - wkhtmltopdf which is a dependency for python-hide-code and python-pdfkit - swift-im - smtube - goldendict Christophe

6 months, 2 weeks

Re: openSUSE:Factory - rstudio - Build fail notification

by Dan Čermák

Hi all, I no longer have the time and patience to keep rstudio up to date and building in Factory and have unassigned myself as the maintainer. As it ftbfs at the moment, it will be deleted soon (TM). If you want to keep it in Factory, please try to fix the current build failures and ask in the devel project to become the maintainer. Cheers, Dan -- Dan Čermák <dcermak(a)suse.com> Software Engineer Development tools SUSE Software Solutions Germany GmbH Maxfeldstr. 5 90409 Nuremberg Germany (HRB 36809, AG Nürnberg) Managing Director: Felix Imendörffer

7 months

Tumbleweed with /bin /sbin /lib /lib64 move why is /opt not moved?

by Larry Len Rainey

7 months

Packaging issue for libz1/libz-ng-compat1

by Guillaume Gardet

Hi, In Tumbleweed, we have libz-ng-compat1 which can be a drop-in replacement of libz1. The problem is zypper drop the previous package, before installing the new one, but the lib is required to extract the new RPM. Any idea how to solve this problem in the spec file? Log: ******************************************************************************** sudo zypper in libz-ng-compat1 Loading repository data... Reading installed packages... Resolving package dependencies... Problem: the to be installed libz-ng-compat1-2.0.5-1.1.aarch64 conflicts with 'libz1' provided by the installed libz1-1.2.11-18.10.aarch64 Solution 1: deinstallation of libz1-1.2.11-18.10.aarch64 Solution 2: do not install libz-ng-compat1-2.0.5-1.1.aarch64 Choose from above solutions by number or cancel [1/2/c/d/?] (c): 1 Resolving dependencies... Resolving package dependencies... The following NEW package is going to be installed: libz-ng-compat1 The following package is going to be REMOVED: libz1 1 new package to install, 1 to remove. Overall download size: 67.9 KiB. Already cached: 0 B. After the operation, 5.7 KiB will be freed. Continue? [y/n/v/...? shows all options] (y): Retrieving package libz-ng-compat1-2.0.5-1.1.aarch64 (1/1), 67.9 KiB (142.4 KiB unpacked) Retrieving: libz-ng-compat1-2.0.5-1.1.aarch64.rpm ......................................................................................................................................................................................................................[done] Checking for file conflicts: ...........................................................................................................................................................................................................................................[done] (1/2) Removing libz1-1.2.11-18.10.aarch64 ..............................................................................................................................................................................................................................[done] (2/2) Installing: libz-ng-compat1-2.0.5-1.1.aarch64 ...................................................................................................................................................................................................................[error] Installation of libz-ng-compat1-2.0.5-1.1.aarch64 failed: Error: Subprocess failed. Error: RPM failed: rpm: error while loading shared libraries: libz.so.1: cannot open shared object file: No such file or directory Abort, retry, ignore? [a/r/i] (a): Problem occurred during or after installation or removal of packages: Installation has been aborted as directed. Please see the above error message for a hint. ******************************************************************************** Cheers, Guillaume

7 months, 1 week

openSUSE:Factory - Build fail notification

by DimStar / Dominique Leuenberger

Dear Package maintainers and hackers. Below package(s) in openSUSE:Factory have been failing to build for at least 4 weeks. We tried to send out notifications to the configured bugowner/maintainers of the package(s), but so far no fix has been submitted. This probably means that the maintainer/bugowner did not yet find the time to look into the matter and he/she would certainly appreciate help to get this sorted. - libraqm - plasma-mycroft - rabbitmq-server Unless somebody is stepping up and submitting fixes, the listed package(s) are going to be removed from openSUSE:Factory. Kind regards, DimStar / Dominique Leuenberger <dimstar(a)opensuse.org>

7 months, 1 week

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

openSUSE Factory September 2021