SUSE-SU-2022:1130-1

Описание

This update for libsolv, libzypp, zypper fixes the following issues:

Security relevant fix:

• Harden package signature checks (bsc#1184501).

libsolv to 0.7.22:

• reworked choice rule generation to cover more usecases

• support SOLVABLE_PREREQ_IGNOREINST in the ordering code (bsc#1196514)

• support parsing of Debian's Multi-Arch indicator

• fix segfault on conflict resolution when using bindings

• fix split provides not working if the update includes a forbidden vendor change

• support strict repository priorities new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY

• support zstd compressed control files in debian packages

• add an ifdef allowing to rename Solvable dependency members ('requires' is a keyword in C++20)

• support setting/reading userdata in solv files new functions: repowriter_set_userdata, solv_read_userdata

• support queying of the custom vendor check function new function: pool_get_custom_vendorcheck

• support solv files with an idarray block

• allow accessing the toolversion at runtime

libzypp to 17.30.0:

• ZConfig: Update solver settings if target changes (bsc#1196368)
• Fix possible hang in singletrans mode (bsc#1197134)
• Do 2 retries if mount is still busy.
• Fix package signature check (bsc#1184501) Pay attention that header and payload are secured by a valid signature and report more detailed which signature is missing.
• Retry umount if device is busy (bsc#1196061, closes #381) A previously released ISO image may need a bit more time to release it's loop device. So we wait a bit and retry.
• Fix serializing/deserializing type mismatch in zypp-rpm protocol (bsc#1196925)
• Fix handling of ISO media in releaseAll (bsc#1196061)
• Hint on common ptf resolver conflicts (bsc#1194848)
• Hint on ptf<>patch resolver conflicts (bsc#1194848)

zypper to 1.14.52:

• info: print the packages upstream URL if available (fixes #426)
• info: Fix SEGV with not installed PTFs (bsc#1196317)
• Don't prevent less restrictive umasks (bsc#1195999)