SUSE-RU-2015:1175-1: moderate: Recommended update for Package Management Stack

sle-updates at lists.suse.com sle-updates at lists.suse.com
Thu Jul 2 10:05:24 MDT 2015


   SUSE Recommended Update: Recommended update for Package Management Stack
______________________________________________________________________________

Announcement ID:    SUSE-RU-2015:1175-1
Rating:             moderate
References:         #725867 #820693 #828631 #832519 #848054 #892431 
                    #893294 #896224 #897301 #899510 #899603 #899781 
                    #899907 #901590 #901691 #903405 #903675 #904737 
                    #906549 #908135 #908345 #908976 #909143 #909244 
                    #909772 #911335 #911658 #914258 #914284 #915461 
                    #915928 #916254 #919709 #921332 #922352 #923800 
                    #925678 #925696 #927319 #929483 #929528 #929593 
                    #929990 #931601 #932393 #933277 
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12
                    SUSE Linux Enterprise Software Development Kit 12
                    SUSE Linux Enterprise Server 12
                    SUSE Linux Enterprise Desktop 12
______________________________________________________________________________

   An update that solves one vulnerability and has 45 fixes is
   now available.

Description:

   This update provides fixes and enhancements for the Software Update Stack.

   gnome-packagekit:

   - Fix title of license agreement window. (bsc#927319)

   libsolv:

   - Rework splitprovides handling. (bnc#921332)
   - Add product:regflavor attribute. (bnc#896224)
   - Fix bug in reorder_dq_for_jobrules that could lead to crashes.
     (bnc#899907)
   - Fix bug in dislike_old_versions that could lead to a segfault.
     (bnc#922352)
   - Add manpages for the tools.

   libzypp:

   - Add configuration values for gpgcheck, repo_gpgcheck and pkg_gpgcheck to
     zypp.conf. (FATE#314603)
   - Support $releasever_major/$releasever_minor repo variables. (FATE#318354)
   - Support repo variable replacement in service url.
   - Support repo variable replacement in gpg url.
   - Add support for SHA224/384/512.
   - Don't execute scripts in /tmp or /var/tmp, as they could be mounted
     noexec for security reasons. (bnc#915928)
   - Let $ZYPP_REPO_RELEASEVER overwrite $releasever in .repo files.
     (bnc#911658)
   - Parse and offer productRegisterFlavor attribute. (bnc#896224)
   - Improve conflict message for locked packages. (bnc#828631)
   - Fix broken de-escaping in str::splitEscaped. (bnc#909772)
   - Filter PIDs running in a container. (bnc#909143)
   - Suppress informal license (no need to accept) upon update. (bnc#908976)
   - Adapt to gpg-2.1. (bnc#908135)
   - Call rpm with '--noglob'. (bnc#892431)
   - Fix URL path concatenation in MediaCurl. (bnc#901590)
   - Move doxygen html doc to libzypp-devel-doc. (bnc#901691)
   - Support parsing multiple baseurls from a repo file. (bnc#899510)
   - Suppress MediaChangeReport while testing multiple baseurls. (bnc#899510)
   - Fix handling local mirrorlist= files in .repo. (bnc#899510)
   - Prevent POODLE by talking TLS only. (bnc#903405)
   - Fix segmentation fault when dumping rpm header with epoch. (bnc#929483)
   - Handle repository aliases containing ']' correctly. (bnc#929528)
   - Avoid nested exception on user abort. (bnc#931601)
   - Fix SSL client certificate authentication via URL option
     ssl_clientcert/ssl_clientkey. (bnc#932393)

   libzypp-bindings:

   - Enforce Python 2.7 libzypp-bindings is not yet ready for Python 3.
   - Adapt to libzypp changes.

   zypper:

   - Implement and document GPG signature checking. (FATE#314603)
   - Enhance 'Digest verification failed' message and dialog. (FATE#315008)
   - Refresh plugin services on 'lr' 'ls -r' and 'ref'. (bnc#893294,
     FATE#318117) Repositories provided by a plugin service (SUSE Manager)
     must always be (auto-)refreshed to reflect server side changes
     immediately.
   - Allow repo:package to reinstall from a different repo. (bnc#725867)
   - Suppress MediaChangeReport while testing multiple baseurls. (bnc#899510)
   - A date limit must ignore newer patch candidates. (bnc#919709)
   - Notify about volatile changes to service repos. (bnc#916254)
   - Change column header from 'Login' to 'User'. (bnc#915461)
   - Fix wrong exit status using the --xmlout option. (bnc#914258)
   - Add new color/pkglistHighlightAttribute to zypper.conf. (bnc#914284)
   - New global option --releasever: Set the value of the $releasever
     variable in all .repo files. This can be used to switch to new
     distribution repositories when performing a distribution upgrade.
     (bnc#911658)
   - Clarify legacy warning. (bnc#911335)
   - Show new product:registerflavor attribute in 'zypper info'. (bnc#896224)
   - Enhance message text when skipping repos due to an error. (bnc#909244)
   - Fix additional spaces in zypper output and new colorization code.
     (bnc#908345)
   - Properly reset auto-retry counter. (bnc#906549)
   - Improve patch description in man page. (bnc#904737)
   - Warn about repositories with 'gpgcheck=0'. (bnc#848054)
   - Summary: quote names including spaces. (bnc#903675)
   - Warn if legacy CLI options are used. (bnc#899781)
   - Fix prompt returning undefined default value after wrong input.
     (bnc#925696)
   - Fix typo in man page. (bnc#923800)
   - Only use ANSI color codes on terminals. (bnc#925678)
   - Fix table sorting with option --sort-by-priority. (bnc#832519)
   - Clarify 'zypper lp --date' description. (bnc#929593)
   - Warn user that deleting a service repository is a volatile change.
     (bnc#929990)
   - Adapt Enterprise product detection, fixing display of package's support
     status. (bnc#933277)
   - Fix format of sizes in output. (bnc#897301)
   - Clarify comment in zypper.conf. (bnc#820693)


Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12:

      zypper in -t patch SUSE-SLE-WE-12-2015-294=1

   - SUSE Linux Enterprise Software Development Kit 12:

      zypper in -t patch SUSE-SLE-SDK-12-2015-294=1

   - SUSE Linux Enterprise Server 12:

      zypper in -t patch SUSE-SLE-SERVER-12-2015-294=1

   - SUSE Linux Enterprise Desktop 12:

      zypper in -t patch SUSE-SLE-DESKTOP-12-2015-294=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Workstation Extension 12 (x86_64):

      PackageKit-debuginfo-0.8.16-11.15
      PackageKit-debugsource-0.8.16-11.15
      PackageKit-gstreamer-plugin-0.8.16-11.15
      PackageKit-gstreamer-plugin-debuginfo-0.8.16-11.15

   - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):

      PackageKit-debuginfo-0.8.16-11.15
      PackageKit-debugsource-0.8.16-11.15
      PackageKit-devel-0.8.16-11.15
      PackageKit-devel-debuginfo-0.8.16-11.15
      libpackagekit-glib2-devel-0.8.16-11.15
      libsolv-debugsource-0.6.11-8.1
      libsolv-devel-0.6.11-8.1
      libsolv-devel-debuginfo-0.6.11-8.1
      libyui-ncurses-pkg-debugsource-2.46.1-3.4
      libyui-ncurses-pkg-devel-2.46.1-3.4
      libyui-qt-pkg-debugsource-2.44.7-3.2
      libyui-qt-pkg-devel-2.44.7-3.2
      libzypp-debuginfo-14.39.0-10.1
      libzypp-debugsource-14.39.0-10.1
      libzypp-devel-14.39.0-10.1
      perl-solv-0.6.11-8.1
      perl-solv-debuginfo-0.6.11-8.1
      perl-zypp-0.6.4-5.3
      typelib-1_0-PackageKitPlugin-1_0-0.8.16-11.15

   - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):

      PackageKit-0.8.16-11.15
      PackageKit-backend-zypp-0.8.16-11.15
      PackageKit-backend-zypp-debuginfo-0.8.16-11.15
      PackageKit-debuginfo-0.8.16-11.15
      PackageKit-debugsource-0.8.16-11.15
      gnome-packagekit-3.10.1-8.13
      gnome-packagekit-debuginfo-3.10.1-8.13
      gnome-packagekit-debugsource-3.10.1-8.13
      libpackagekit-glib2-16-0.8.16-11.15
      libpackagekit-glib2-16-debuginfo-0.8.16-11.15
      libsolv-debugsource-0.6.11-8.1
      libsolv-tools-0.6.11-8.1
      libsolv-tools-debuginfo-0.6.11-8.1
      libyui-ncurses-pkg-debugsource-2.46.1-3.4
      libyui-ncurses-pkg6-2.46.1-3.4
      libyui-ncurses-pkg6-debuginfo-2.46.1-3.4
      libyui-qt-pkg-debugsource-2.44.7-3.2
      libyui-qt-pkg6-2.44.7-3.2
      libyui-qt-pkg6-debuginfo-2.44.7-3.2
      libzypp-14.39.0-10.1
      libzypp-debuginfo-14.39.0-10.1
      libzypp-debugsource-14.39.0-10.1
      perl-solv-0.6.11-8.1
      perl-solv-debuginfo-0.6.11-8.1
      python-solv-0.6.11-8.1
      python-solv-debuginfo-0.6.11-8.1
      python-zypp-0.6.4-5.3
      typelib-1_0-PackageKitGlib-1_0-0.8.16-11.15
      yast2-pkg-bindings-3.1.20-3.3
      yast2-pkg-bindings-debuginfo-3.1.20-3.3
      yast2-pkg-bindings-debugsource-3.1.20-3.3
      zypper-1.11.32-8.1
      zypper-debuginfo-1.11.32-8.1
      zypper-debugsource-1.11.32-8.1

   - SUSE Linux Enterprise Server 12 (noarch):

      PackageKit-lang-0.8.16-11.15
      gnome-packagekit-lang-3.10.1-8.13
      zypper-log-1.11.32-8.1

   - SUSE Linux Enterprise Desktop 12 (x86_64):

      PackageKit-0.8.16-11.15
      PackageKit-backend-zypp-0.8.16-11.15
      PackageKit-backend-zypp-debuginfo-0.8.16-11.15
      PackageKit-debuginfo-0.8.16-11.15
      PackageKit-debugsource-0.8.16-11.15
      PackageKit-gstreamer-plugin-0.8.16-11.15
      PackageKit-gstreamer-plugin-debuginfo-0.8.16-11.15
      gnome-packagekit-3.10.1-8.13
      gnome-packagekit-debuginfo-3.10.1-8.13
      gnome-packagekit-debugsource-3.10.1-8.13
      libpackagekit-glib2-16-0.8.16-11.15
      libpackagekit-glib2-16-debuginfo-0.8.16-11.15
      libsolv-debugsource-0.6.11-8.1
      libsolv-tools-0.6.11-8.1
      libsolv-tools-debuginfo-0.6.11-8.1
      libyui-ncurses-pkg-debugsource-2.46.1-3.4
      libyui-ncurses-pkg6-2.46.1-3.4
      libyui-ncurses-pkg6-debuginfo-2.46.1-3.4
      libyui-qt-pkg-debugsource-2.44.7-3.2
      libyui-qt-pkg6-2.44.7-3.2
      libyui-qt-pkg6-debuginfo-2.44.7-3.2
      libzypp-14.39.0-10.1
      libzypp-debuginfo-14.39.0-10.1
      libzypp-debugsource-14.39.0-10.1
      python-solv-0.6.11-8.1
      python-solv-debuginfo-0.6.11-8.1
      python-zypp-0.6.4-5.3
      typelib-1_0-PackageKitGlib-1_0-0.8.16-11.15
      yast2-pkg-bindings-3.1.20-3.3
      yast2-pkg-bindings-debuginfo-3.1.20-3.3
      yast2-pkg-bindings-debugsource-3.1.20-3.3
      zypper-1.11.32-8.1
      zypper-debuginfo-1.11.32-8.1
      zypper-debugsource-1.11.32-8.1

   - SUSE Linux Enterprise Desktop 12 (noarch):

      PackageKit-lang-0.8.16-11.15
      gnome-packagekit-lang-3.10.1-8.13
      zypper-log-1.11.32-8.1


References:

   https://www.suse.com/security/cve/CVE-2014-3566.html
   https://bugzilla.suse.com/725867
   https://bugzilla.suse.com/820693
   https://bugzilla.suse.com/828631
   https://bugzilla.suse.com/832519
   https://bugzilla.suse.com/848054
   https://bugzilla.suse.com/892431
   https://bugzilla.suse.com/893294
   https://bugzilla.suse.com/896224
   https://bugzilla.suse.com/897301
   https://bugzilla.suse.com/899510
   https://bugzilla.suse.com/899603
   https://bugzilla.suse.com/899781
   https://bugzilla.suse.com/899907
   https://bugzilla.suse.com/901590
   https://bugzilla.suse.com/901691
   https://bugzilla.suse.com/903405
   https://bugzilla.suse.com/903675
   https://bugzilla.suse.com/904737
   https://bugzilla.suse.com/906549
   https://bugzilla.suse.com/908135
   https://bugzilla.suse.com/908345
   https://bugzilla.suse.com/908976
   https://bugzilla.suse.com/909143
   https://bugzilla.suse.com/909244
   https://bugzilla.suse.com/909772
   https://bugzilla.suse.com/911335
   https://bugzilla.suse.com/911658
   https://bugzilla.suse.com/914258
   https://bugzilla.suse.com/914284
   https://bugzilla.suse.com/915461
   https://bugzilla.suse.com/915928
   https://bugzilla.suse.com/916254
   https://bugzilla.suse.com/919709
   https://bugzilla.suse.com/921332
   https://bugzilla.suse.com/922352
   https://bugzilla.suse.com/923800
   https://bugzilla.suse.com/925678
   https://bugzilla.suse.com/925696
   https://bugzilla.suse.com/927319
   https://bugzilla.suse.com/929483
   https://bugzilla.suse.com/929528
   https://bugzilla.suse.com/929593
   https://bugzilla.suse.com/929990
   https://bugzilla.suse.com/931601
   https://bugzilla.suse.com/932393
   https://bugzilla.suse.com/933277



More information about the sle-updates mailing list