SUSE-SU-2022:1131-1

Описание

This update for libsolv, libzypp, zypper fixes the following issues:

Security relevant fix:

• Harden package signature checks (bsc#1184501).

libsolv to 0.7.22:

• reworked choice rule generation to cover more usecases
• support SOLVABLE_PREREQ_IGNOREINST in the ordering code (bsc#1196514)
• support parsing of Debian's Multi-Arch indicator
• fix segfault on conflict resolution when using bindings
• fix split provides not working if the update includes a forbidden vendor change
• support strict repository priorities new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY
• support zstd compressed control files in debian packages
• add an ifdef allowing to rename Solvable dependency members ('requires' is a keyword in C++20)
• support setting/reading userdata in solv files new functions: repowriter_set_userdata, solv_read_userdata
• support queying of the custom vendor check function new function: pool_get_custom_vendorcheck
• support solv files with an idarray block
• allow accessing the toolversion at runtime

libzypp to 17.30.0:

• ZConfig: Update solver settings if target changes (bsc#1196368)
• Fix possible hang in singletrans mode (bsc#1197134)
• Do 2 retries if mount is still busy.
• Fix package signature check (bsc#1184501) Pay attention that header and payload are secured by a valid signature and report more detailed which signature is missing.
• Retry umount if device is busy (bsc#1196061, closes #381) A previously released ISO image may need a bit more time to release it's loop device. So we wait a bit and retry.
• Fix serializing/deserializing type mismatch in zypp-rpm protocol (bsc#1196925)
• Fix handling of ISO media in releaseAll (bsc#1196061)
• Hint on common ptf resolver conflicts (bsc#1194848)
• Hint on ptf<>patch resolver conflicts (bsc#1194848)

zypper to 1.14.52:

• info: print the packages upstream URL if available (fixes #426)
• info: Fix SEGV with not installed PTFs (bsc#1196317)
• Don't prevent less restrictive umasks (bsc#1195999)