SUSE-RU-2015:1175-1: moderate: Recommended update for Package Management Stack
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Thu Jul 2 10:05:24 MDT 2015
SUSE Recommended Update: Recommended update for Package Management Stack
______________________________________________________________________________
Announcement ID: SUSE-RU-2015:1175-1
Rating: moderate
References: #725867 #820693 #828631 #832519 #848054 #892431
#893294 #896224 #897301 #899510 #899603 #899781
#899907 #901590 #901691 #903405 #903675 #904737
#906549 #908135 #908345 #908976 #909143 #909244
#909772 #911335 #911658 #914258 #914284 #915461
#915928 #916254 #919709 #921332 #922352 #923800
#925678 #925696 #927319 #929483 #929528 #929593
#929990 #931601 #932393 #933277
Affected Products:
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Desktop 12
______________________________________________________________________________
An update that solves one vulnerability and has 45 fixes is
now available.
Description:
This update provides fixes and enhancements for the Software Update Stack.
gnome-packagekit:
- Fix title of license agreement window. (bsc#927319)
libsolv:
- Rework splitprovides handling. (bnc#921332)
- Add product:regflavor attribute. (bnc#896224)
- Fix bug in reorder_dq_for_jobrules that could lead to crashes.
(bnc#899907)
- Fix bug in dislike_old_versions that could lead to a segfault.
(bnc#922352)
- Add manpages for the tools.
libzypp:
- Add configuration values for gpgcheck, repo_gpgcheck and pkg_gpgcheck to
zypp.conf. (FATE#314603)
- Support $releasever_major/$releasever_minor repo variables. (FATE#318354)
- Support repo variable replacement in service url.
- Support repo variable replacement in gpg url.
- Add support for SHA224/384/512.
- Don't execute scripts in /tmp or /var/tmp, as they could be mounted
noexec for security reasons. (bnc#915928)
- Let $ZYPP_REPO_RELEASEVER overwrite $releasever in .repo files.
(bnc#911658)
- Parse and offer productRegisterFlavor attribute. (bnc#896224)
- Improve conflict message for locked packages. (bnc#828631)
- Fix broken de-escaping in str::splitEscaped. (bnc#909772)
- Filter PIDs running in a container. (bnc#909143)
- Suppress informal license (no need to accept) upon update. (bnc#908976)
- Adapt to gpg-2.1. (bnc#908135)
- Call rpm with '--noglob'. (bnc#892431)
- Fix URL path concatenation in MediaCurl. (bnc#901590)
- Move doxygen html doc to libzypp-devel-doc. (bnc#901691)
- Support parsing multiple baseurls from a repo file. (bnc#899510)
- Suppress MediaChangeReport while testing multiple baseurls. (bnc#899510)
- Fix handling local mirrorlist= files in .repo. (bnc#899510)
- Prevent POODLE by talking TLS only. (bnc#903405)
- Fix segmentation fault when dumping rpm header with epoch. (bnc#929483)
- Handle repository aliases containing ']' correctly. (bnc#929528)
- Avoid nested exception on user abort. (bnc#931601)
- Fix SSL client certificate authentication via URL option
ssl_clientcert/ssl_clientkey. (bnc#932393)
libzypp-bindings:
- Enforce Python 2.7 libzypp-bindings is not yet ready for Python 3.
- Adapt to libzypp changes.
zypper:
- Implement and document GPG signature checking. (FATE#314603)
- Enhance 'Digest verification failed' message and dialog. (FATE#315008)
- Refresh plugin services on 'lr' 'ls -r' and 'ref'. (bnc#893294,
FATE#318117) Repositories provided by a plugin service (SUSE Manager)
must always be (auto-)refreshed to reflect server side changes
immediately.
- Allow repo:package to reinstall from a different repo. (bnc#725867)
- Suppress MediaChangeReport while testing multiple baseurls. (bnc#899510)
- A date limit must ignore newer patch candidates. (bnc#919709)
- Notify about volatile changes to service repos. (bnc#916254)
- Change column header from 'Login' to 'User'. (bnc#915461)
- Fix wrong exit status using the --xmlout option. (bnc#914258)
- Add new color/pkglistHighlightAttribute to zypper.conf. (bnc#914284)
- New global option --releasever: Set the value of the $releasever
variable in all .repo files. This can be used to switch to new
distribution repositories when performing a distribution upgrade.
(bnc#911658)
- Clarify legacy warning. (bnc#911335)
- Show new product:registerflavor attribute in 'zypper info'. (bnc#896224)
- Enhance message text when skipping repos due to an error. (bnc#909244)
- Fix additional spaces in zypper output and new colorization code.
(bnc#908345)
- Properly reset auto-retry counter. (bnc#906549)
- Improve patch description in man page. (bnc#904737)
- Warn about repositories with 'gpgcheck=0'. (bnc#848054)
- Summary: quote names including spaces. (bnc#903675)
- Warn if legacy CLI options are used. (bnc#899781)
- Fix prompt returning undefined default value after wrong input.
(bnc#925696)
- Fix typo in man page. (bnc#923800)
- Only use ANSI color codes on terminals. (bnc#925678)
- Fix table sorting with option --sort-by-priority. (bnc#832519)
- Clarify 'zypper lp --date' description. (bnc#929593)
- Warn user that deleting a service repository is a volatile change.
(bnc#929990)
- Adapt Enterprise product detection, fixing display of package's support
status. (bnc#933277)
- Fix format of sizes in output. (bnc#897301)
- Clarify comment in zypper.conf. (bnc#820693)
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12:
zypper in -t patch SUSE-SLE-WE-12-2015-294=1
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2015-294=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2015-294=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2015-294=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12 (x86_64):
PackageKit-debuginfo-0.8.16-11.15
PackageKit-debugsource-0.8.16-11.15
PackageKit-gstreamer-plugin-0.8.16-11.15
PackageKit-gstreamer-plugin-debuginfo-0.8.16-11.15
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
PackageKit-debuginfo-0.8.16-11.15
PackageKit-debugsource-0.8.16-11.15
PackageKit-devel-0.8.16-11.15
PackageKit-devel-debuginfo-0.8.16-11.15
libpackagekit-glib2-devel-0.8.16-11.15
libsolv-debugsource-0.6.11-8.1
libsolv-devel-0.6.11-8.1
libsolv-devel-debuginfo-0.6.11-8.1
libyui-ncurses-pkg-debugsource-2.46.1-3.4
libyui-ncurses-pkg-devel-2.46.1-3.4
libyui-qt-pkg-debugsource-2.44.7-3.2
libyui-qt-pkg-devel-2.44.7-3.2
libzypp-debuginfo-14.39.0-10.1
libzypp-debugsource-14.39.0-10.1
libzypp-devel-14.39.0-10.1
perl-solv-0.6.11-8.1
perl-solv-debuginfo-0.6.11-8.1
perl-zypp-0.6.4-5.3
typelib-1_0-PackageKitPlugin-1_0-0.8.16-11.15
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
PackageKit-0.8.16-11.15
PackageKit-backend-zypp-0.8.16-11.15
PackageKit-backend-zypp-debuginfo-0.8.16-11.15
PackageKit-debuginfo-0.8.16-11.15
PackageKit-debugsource-0.8.16-11.15
gnome-packagekit-3.10.1-8.13
gnome-packagekit-debuginfo-3.10.1-8.13
gnome-packagekit-debugsource-3.10.1-8.13
libpackagekit-glib2-16-0.8.16-11.15
libpackagekit-glib2-16-debuginfo-0.8.16-11.15
libsolv-debugsource-0.6.11-8.1
libsolv-tools-0.6.11-8.1
libsolv-tools-debuginfo-0.6.11-8.1
libyui-ncurses-pkg-debugsource-2.46.1-3.4
libyui-ncurses-pkg6-2.46.1-3.4
libyui-ncurses-pkg6-debuginfo-2.46.1-3.4
libyui-qt-pkg-debugsource-2.44.7-3.2
libyui-qt-pkg6-2.44.7-3.2
libyui-qt-pkg6-debuginfo-2.44.7-3.2
libzypp-14.39.0-10.1
libzypp-debuginfo-14.39.0-10.1
libzypp-debugsource-14.39.0-10.1
perl-solv-0.6.11-8.1
perl-solv-debuginfo-0.6.11-8.1
python-solv-0.6.11-8.1
python-solv-debuginfo-0.6.11-8.1
python-zypp-0.6.4-5.3
typelib-1_0-PackageKitGlib-1_0-0.8.16-11.15
yast2-pkg-bindings-3.1.20-3.3
yast2-pkg-bindings-debuginfo-3.1.20-3.3
yast2-pkg-bindings-debugsource-3.1.20-3.3
zypper-1.11.32-8.1
zypper-debuginfo-1.11.32-8.1
zypper-debugsource-1.11.32-8.1
- SUSE Linux Enterprise Server 12 (noarch):
PackageKit-lang-0.8.16-11.15
gnome-packagekit-lang-3.10.1-8.13
zypper-log-1.11.32-8.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
PackageKit-0.8.16-11.15
PackageKit-backend-zypp-0.8.16-11.15
PackageKit-backend-zypp-debuginfo-0.8.16-11.15
PackageKit-debuginfo-0.8.16-11.15
PackageKit-debugsource-0.8.16-11.15
PackageKit-gstreamer-plugin-0.8.16-11.15
PackageKit-gstreamer-plugin-debuginfo-0.8.16-11.15
gnome-packagekit-3.10.1-8.13
gnome-packagekit-debuginfo-3.10.1-8.13
gnome-packagekit-debugsource-3.10.1-8.13
libpackagekit-glib2-16-0.8.16-11.15
libpackagekit-glib2-16-debuginfo-0.8.16-11.15
libsolv-debugsource-0.6.11-8.1
libsolv-tools-0.6.11-8.1
libsolv-tools-debuginfo-0.6.11-8.1
libyui-ncurses-pkg-debugsource-2.46.1-3.4
libyui-ncurses-pkg6-2.46.1-3.4
libyui-ncurses-pkg6-debuginfo-2.46.1-3.4
libyui-qt-pkg-debugsource-2.44.7-3.2
libyui-qt-pkg6-2.44.7-3.2
libyui-qt-pkg6-debuginfo-2.44.7-3.2
libzypp-14.39.0-10.1
libzypp-debuginfo-14.39.0-10.1
libzypp-debugsource-14.39.0-10.1
python-solv-0.6.11-8.1
python-solv-debuginfo-0.6.11-8.1
python-zypp-0.6.4-5.3
typelib-1_0-PackageKitGlib-1_0-0.8.16-11.15
yast2-pkg-bindings-3.1.20-3.3
yast2-pkg-bindings-debuginfo-3.1.20-3.3
yast2-pkg-bindings-debugsource-3.1.20-3.3
zypper-1.11.32-8.1
zypper-debuginfo-1.11.32-8.1
zypper-debugsource-1.11.32-8.1
- SUSE Linux Enterprise Desktop 12 (noarch):
PackageKit-lang-0.8.16-11.15
gnome-packagekit-lang-3.10.1-8.13
zypper-log-1.11.32-8.1
References:
https://www.suse.com/security/cve/CVE-2014-3566.html
https://bugzilla.suse.com/725867
https://bugzilla.suse.com/820693
https://bugzilla.suse.com/828631
https://bugzilla.suse.com/832519
https://bugzilla.suse.com/848054
https://bugzilla.suse.com/892431
https://bugzilla.suse.com/893294
https://bugzilla.suse.com/896224
https://bugzilla.suse.com/897301
https://bugzilla.suse.com/899510
https://bugzilla.suse.com/899603
https://bugzilla.suse.com/899781
https://bugzilla.suse.com/899907
https://bugzilla.suse.com/901590
https://bugzilla.suse.com/901691
https://bugzilla.suse.com/903405
https://bugzilla.suse.com/903675
https://bugzilla.suse.com/904737
https://bugzilla.suse.com/906549
https://bugzilla.suse.com/908135
https://bugzilla.suse.com/908345
https://bugzilla.suse.com/908976
https://bugzilla.suse.com/909143
https://bugzilla.suse.com/909244
https://bugzilla.suse.com/909772
https://bugzilla.suse.com/911335
https://bugzilla.suse.com/911658
https://bugzilla.suse.com/914258
https://bugzilla.suse.com/914284
https://bugzilla.suse.com/915461
https://bugzilla.suse.com/915928
https://bugzilla.suse.com/916254
https://bugzilla.suse.com/919709
https://bugzilla.suse.com/921332
https://bugzilla.suse.com/922352
https://bugzilla.suse.com/923800
https://bugzilla.suse.com/925678
https://bugzilla.suse.com/925696
https://bugzilla.suse.com/927319
https://bugzilla.suse.com/929483
https://bugzilla.suse.com/929528
https://bugzilla.suse.com/929593
https://bugzilla.suse.com/929990
https://bugzilla.suse.com/931601
https://bugzilla.suse.com/932393
https://bugzilla.suse.com/933277
More information about the sle-updates
mailing list