Update Info

openSUSE-2022-10143


Optional update for libdnf, librepo


Type: optional
Severity: moderate
Issued: 2022-10-12
Description:
This update for libdnf, librepo fixes the following issues:

libdnf was updated to 0.65.0:

+ Add support for excluding packages to be installed as weak dependencies
+ Add support for autodetecting packages to be excluded from being installed as weak dependencies
+ Turn off strict validation of modulemd documents (rh#2004853, rh#2007166, rh#2007167)
+ Implement logic for demodularization of modular rpms (rh#1805260)
+ DnfContext: fix handling of default module profiles
+ ModuleMetadata: gracefully handle modules with no defaults
+ Remove failovermethod config option (rh#1961083)

Update to 0.63.1

+ ModuleProfile: add isDefault()
+ ModulePackage: add getDefaultProfile()
+ Add new dnf_context_module_install() C API
+ Fix a crash when [media] section in .treeinfo is missing for bootable media (rh#1946024)
+ Add hy_query_get_advisory_pkgs to C API (rh#1960561)
+ Add dnf_advisorypkg_get_advisory()
+ DNF does not fail on non UTF-8 file names in a package (rh#1893176)
+ Improve error-reporting for modular functions

Update to 0.62.0

+ Change order of TransactionItemReason (rh#1921063)
+ Add two new comperators for security filters (rh#1918475)
+ Apply security filters for candidates with lower priority
+ Fix: Goal - translation of messages in global maps
+ Enhance description of modular solvables
+ Improve performance for module query 
+ Change mechanism of modular errata applicability (rh#1804234)
+ dnf_transaction_commit(): Remove second call to rpmtsSetVSFlags
+ Fix a couple of memory leaks
+ Fix: Setting of librepo handle in newHandle function
+ Remove failsafe data when module is not enabled (rh#1847035)
+ Expose librepo's checksum functions via SWIG
+ Fix: Mising check of "hy_split_nevra()" return code
+ Do not allow 1 as installonly_limit value (rh#1926261)
+ Fix check whether the subkey can be used for signing
+ Hardening: add signature check with rpmcliVerifySignatures 
  (CVE-2021-3445, CVE-2021-3421, CVE-2021-20271, rh#1932079, rh#1932089, rh#1932090, boo#1183779)
+ Add a config option sslverifystatus, defaults to false (rh#1814383)
+ [context] Add API for distro-sync

- Fix dependency for repo-config-zypp subpackage to work with SLE

Update to 0.60.0

+ Fix repo.fresh() implementation
+ Fix: Fully set ssl in newHandle function
+ [conf] Add options for working with certificates used with proxy
+ Apply proxy certificate options
+ lock: Switch return-if-fail to assert to quiet gcc -fanalyzer
+ build-sys: Clean up message about Python bindings
+ Modify module NSVCA parsing - context definition (rh#1926771)
+ [context] Fix: dnf_package_is_installonly (rh#1928056)
+ Fix problematic language
+ Add getApplicablePackages to advisory and isApplicable to advisorymodule
+ Keep isAdvisoryApplicable to preserve API
+ Run ModulePackageContainerTest tests in tmpdir, merge interdependent
+ [context] Support config file option "proxy_auth_method", defaults "any"
+ Properly handle multiple collections in updateinfo.xml (rh#1804234)
+ Support main config file option "installonlypkgs"
+ Support main config file option "protected_packages"

- Add repo-config-zypp subpackage to allow easily using Zypper repository configuration

- Add patch to move directory for dnf state data to /usr/lib/sysimage

Update to version 0.58.0

+ Option: Add reset() method
+ Add OptionBinds::getOption() method
+ [context] Add dnf_repo_conf_from_gkeyfile() and dnf_repo_conf_reset()
+ [context] Add support for options: minrate, throttle, bandwidth, timeout
+ [context] Remove g_key_file_get_string() from dnf_repo_set_keyfile_data()
+ Allow loading ext metadata even if only cache (solv) is present
+ Add ASAN_OPTIONS for test_libdnf_main
+ [context,API] Functions for accessing main/global configuration options
+ [context,API] Function for adding setopt
+ Add getter for modular obsoletes from ModuleMetadata
+ Add ModulePackage.getStaticContext() and getRequires()
+ Add compatible layer for MdDocuments v2
+ Fix modular queries with the new solver
+ Improve formatting of error string for modules
+ Change mechanism of module conflicts
+ Fix load/update FailSafe

Update to version 0.55.2

+ Improve performance of query installed() and available()
+ Swdb: Add a method to get the current transaction
+ [modules] Add special handling for src artifacts (rh#1809314)
+ Better msgs if "basecachedir" or "proxy_password" isn't set (rh#1888946)
+ Add new options module_stream_switch
+ Support allow_vendor_change setting in dnf context API

Update to version 0.55.0

+ Add vendor to dnf API (rh#1876561)
+ Add formatting function for solver error
+ Add error types in ModulePackageContainer
+ Implement module enable for context part
+ Improve string formatting for translation
+ Remove redundant printf and change logging info to notice (rh#1827424)
+ Add allow_vendor_change option (rh#1788371) (rh#1788371)

Update to version 0.54.2

+ history: Fix dnf history rollback when a package was removed (rh#1683134)
+ Add support for HY_GT, HY_LT in query nevra_strict
+ Fix parsing empty lines in config files
+ Accept '==' as an operator in reldeps (rh#1847946)
+ Add log file level main config option (rh#1802074)
+ Add protect_running_kernel configuration option (rh#1698145)
+ Context part of libdnf cannot assume zchunk is on (rh#1851841, rh#1779104)
+ Fix memory leak of resultingModuleIndex and handle g_object refs
+ Redirect librepo logs to libdnf logs with different source
+ Add hy_goal_lock
+ Enum/String conversions for Transaction Store/Replay
+ utils: Add a method to decode URLs
+ Unify hawkey.log line format with the rest of the logs

Update to version 0.48.0

+ Add prereq_ignoreinst & regular_requires properties for pkg (rh#1543449)
+ Reset active modules when no module enabled or default (rh#1767351)
+ Add comment option to transaction (rh#1773679)
+ Failing to get module defauls is a recoverable error
+ Baseurl is not exclusive with mirrorlist/metalink (rh#1775184)
+ Add new function to reset all modules in C API (dnf_context_reset_all_modules)
+ [context] Fix to preserve additionalMetadata content (rh#1808677)
+ Fix filtering of DepSolvables with source rpms (rh#1812596)
+ Add setter for running kernel protection setting
+ Handle situation when an unprivileged user cannot create history database (rh#1634385)
+ Add query filter: latest by priority
+ Add DNF_NO_PROTECTED flag to allow empty list of protected packages
+ Remove 'dim' option from terminal colors to make them more readable (rh#1807774, rh#1814563)
+ [context] Error when main config file can't be opened (rh#1794864)
+ [context] Add function function dnf_context_is_set_config_file_path
+ swdb: Catch only SQLite3 exceptions and simplify the messages
+ MergedTransaction list multiple comments (rh#1773679)
+ Modify CMake to pull *.po files from weblate
+ Optimize DependencyContainer creation from an existing queue
+ fix a memory leak in dnf_package_get_requires()
+ Fix memory leaks on g_build_filename()
+ Fix memory leak in dnf_context_setup()
+ Add `hy_goal_favor` and `hy_goal_disfavor`
+ Define a cleanup function for `DnfPackageSet`
+ dnf-repo: fix dnf_repo_get_public_keys double-free
+ Do not cache RPMDB
+ Use single-quotes around string literals used in SQL statements
+ SQLite3: Do not close the database if it wasn't opened (rh#1761976)
+ Don't create a new history DB connection for in-memory DB
+ transaction/Swdb: Use a single logger variable in constructor
+ utils: Add a safe version of pathExists()
+ swdb: Handle the case when pathExists() fails on e.g. permission
+ Repo: prepend "file://" if a local path is used as baseurl
+ Move urlEncode() to utils
+ utils: Add 'exclude' argument to urlEncode()
+ Encode package URL for downloading through librepo (rh#1817130)
+ Replace std::runtime_error with libdnf::RepoError
+ Fixes and error handling improvements of the File class
+ [context] Use ConfigRepo for gpgkey and baseurl (rh#1807864)
+ [context] support "priority" option in .repo config file (rh#1797265)

- Add patch to support monitoring non-bdb rpmdb variants

Update to version 0.45.0

+ Config options: only first empty value clears existing (rh#1788154)
+ Make parsing of reldeps more strict (rh#1788107)
+ [context] Support repositories defined in main configuration file
+ Fix filtering packages by advisory when more versions and arches are available (rh#1770125)
+ Add expanding solvable provides for dependency matching (rh#1534123)
+ DnfRepo: fix module_hotfixes keyfile priority level
+ Add custom exceptions to libdnf interface
+ [conf] Set useful default colors when color is enabled
+ Port to libmodulemd-2 API (rh#1693683)

Update to version 0.43.1

+ Allow excluding packages with "excludepkgs" and globs
+ Add two new query filters: obsoletes_by_priority, upgrades_by_priority
+ [context] Use installonly_limit from global config (rh#1256108)
+ [context] Add API to get/set "install_weak_deps"
+ [context] Add wildcard support for repo_id in dnf_context_repo_enable/disable (rh#1781420)
+ [context] Adds support for includepkgs in repository configuration.
+ [context] Adds support for excludepkgs, exclude, includepkgs, and disable_excludes in main configuration.
+ [context] Added function dnf_transaction_set_dont_solve_goal
+ [context] Added functions dnf_context_get/set_config_file_path
+ [context] Respect "plugins" global conf value
+ [context] Add API to disable/enable plugins

- Update to version 0.39.1
+ Skip invalid key files in "/etc/pki/rpm-gpg" with warning (rh#1644040)
+ Enable timestamp preserving for downloaded data (rh#1688537)
+ Set default to skip_if_unavailable=false (rh#1679509)
+ Add configuration option skip_if_unavailable (rh#1689931)
+ Fix 'database is locked' error (rh#1631533)
+ Replace the 'Failed to synchronize cache' message (rh#1712055)
+ Fix 'no such table: main.trans_cmdline' error (rh#1596540)
+ Add support of modular FailSafe (rh#1623128) (temporarily with warnings
  instead of errors when installing modular RPMs without modular metadata)
+ Add support of DNF main config file in context; used by PackageKit and
  microdnf (rh#1689331)
+ Exit gpg-agent after repokey import (rh#1650266)
+ Don't disable nonexistent but required repositories (rh#1689331)
+ Fix toString() to not insert [] (rh#1584442)
+ Ignore trailing blank lines in config (rh#1722493)
+ Fix handling large number of filenames on input (rh#1690915)
+ Detect armv7 with crypto extension only on arm version >= 8
+ A new standardized User-Agent field consisting of the libdnf and OS version
  (including the variant) (rh#1156007)
+ Add basic countme support (rh#1647454)
+ Fix crash in PackageKit (rh#1636803)
+ Do not create @System.solv files (rh#1707995)
+ Set LRO_CACHEDIR so zchunk works again (rh#1739867)
+ Don't reinstall modified packages with the same NEVRA (rh#1644241)
+ Fix bug when moving temporary repository metadata after download (rh#1700341)
+ Improve detection of extras packages by comparing (name, arch) pair
  instead of full NEVRA (RhBuh:1684517)
+ Improve handling multilib packages in the history command (rh#1728637)
+ Repo download: use full error description into the exception text (rh#1741442)
+ Properly close hawkey.log (rh#1594016)
+ Fix dnf updateinfo --update to not list advisories for packages updatable
  only from non-enabled modules
+ Apply modular filtering by package name (rh#1702729)
+ Fully enable the modular fail safe mechanism (rh#1616167)
+ Use more descriptive message when failed to retrieve GPG key (rh#1605117)
+ Add removeMetadataTypeFromDownload function to the API
+ Context part of libdnf can now read vars (urlvars) from dirs and environment
+ Throw exception immediately if file cannot be opened
+ Add test when there is no primary metadata in compatible format (rh#1744960)
+ Don't abort on rpmdb checksum calculation failure
+ Enable module dependency trees when using set_modules_enabled_by_pkgset() (rh#1762314)
+ New method "Query::filterSubject()", replaces Solution::getBestSolution()
+ The Solution class was removed
+ Add query argument into get_best_query and get_best_solution
+ Add module reset function into dnf_context
+ Add method to get all repository metadata locations
+ Catch NoModuleException in case of not existent value was used in persistor (rh#1761773)
+ Handle NoModuleException in dnf_context_reset_modules (rh#1767453)
+ Report reason how package was excluded (rh#1649754)
+ Fix Arm detection improvements (rh#1691430)
+ Set skip_if_unavailable to true for all media repos (rh#1716067)
+ Only the pkg knows whether it is local or remote (rh#1734350, rh#1717865)
+ Don't use repo's packages as path to local pkgs (rh#1734350, rh#1717865)

Update to version 0.33.0

+ Import subkeys when importing GPG keys (gh#projectatomic/rpm-ostree#1094)
+ [module] Fix swig binding for getModuleDependencies() (rh#1704871)
+ [module] Prevent std::string from nullptr (gh#rpm-software-management/libdnf#717)
+ Reintroduce hawkey.Repo as deprecated class

- Add patch for SLE to temporarily drop support for Module advisories

Update to version 0.31.0

+ Installroot now requires absolute path
+ Support "_none_" value for repo option "proxy" (rh#1680272)
+ Add support for Module advisories
+ Add support for xml:base attribute from primary.xml (rh#1691315)
+ Fix detection of Platform ID for modules (rh#1688462)

Update to version 0.28.1

+ Enhance modular solver to handle enabled and default module streams differently (rh#1648839)
+ Add support of wild cards for modules (rh#1644588)
+ Exclude module pkgs that have conflict
+ Enhance config parser to preserve order of data, and keep comments and format
+ Improve ARM detection
+ Add support for SHA-384
+ Return empty query if incorrect reldep (rh#1687135)
+ ConfigParser: Improve compatibility with Python ConfigParser and dnf-plugin-spacewalk (rh#1692044)
+ ConfigParser: Unify default set of string represenation of boolean values
+ Fix segfault when interrupting dnf process (rh#1610456)

- Switch default reposdir to /etc/dnf/repos.d

Rebase to version 0.24.1

+ Add support for RH/Fedora modules
+ Add plugin support (unstable API)
+ Add zchunk support
+ Migrate from YUMDB to new SWDB
+ Rewrite into C++
- Drop Python 2 bindings

- Refresh patch to fix building against static libsolvext
- Switch to full author identities

- Ensure SUSE kernel packages are recognized properly

Update to version 0.11.1:

+ Make NEVRA parsing stricter
+ Fix segfault with queries if epoch isn't set
+ Improve performance of queries of solvables

Update to version 0.11.0:

+ Improves query performance with 'name' and 'arch' filters.
  Also 'nevra' filter will now handle string with or without
  'epoch'.
+ For Python bindings, it renames 'NEVRA._has_just_name()' to
  'NEVRA.has_just_name()' as it's now implemented in the C API.

- Fix building on openSUSE against static libsolvext

librepo was updated to 1.14.2:

+ Recover from fsync fail on read-only filesystem (rh#1956361)
+ Reduce time to load metadata
+ Fix resource leaks
+ Fix memory leaks

Update to 1.14.0

+ Fix LRO_PRESERVETIME behavior
+ Support multiple checksums in xattr (rh#1931904)
+ Return "calculated" checksum if requested w/caching
+ Fix lr_yum_download_url in case lr_handle is NULL

Update to 1.13.0

+ Fix the key string parsing in url_substitution
+ Fix memory leak in 'fastestmirror'
+ Download whole file when server doesn't support ranges (rh#1886706)
+ Various fixes for mirrors without ranges support and zchunk
+ Add support for pkcs11 certificate and key for repository authorization (rh#1859495)
+ Fix lr_perform() - Avoid 100% CPU usage
+ Drop Python 2 support
+ Add support for working with certificates used with proxy (rh#1920991)

Upgrade to 1.12.1

+ Validate path read from repomd.xml (rh#1868639, CVE-2020-14352)

Upgrade to 1.12.0

+ Prefer mirrorlist/metalink over baseurl (rh#1775184)
+ Decode package URL when using for local filename (rh#1817130)
+ Fix memory leak in lr_download_metadata() and lr_yum_download_remote()
+ Download sources work when at least one of specified is working (rh#1775184)

Upgrade to 1.11.2

+ Fix calling Python API without holding GIL (rh#1788918)
+ Do not unref LrErr_Exception on exit (rh#1778854)
+ Cleanup zchunk-related error messages (rh#1790625)
- Fix typo in changes entry about version update to 1.11.1

Upgrade to 1.11.1

+ Create a directory for gpg sockets in /run/user/ (rh#1769831, rh#1771012)

Upgrade to 1.11.0

+ Define LRO_SUPPORTS_CACHEDIR only with zchunk (rh#1726141)
+ Allow to use mirrors multiple times for a target (rh#1678588)
+ Allow to try baseurl multiple times (rh#1678588)
+ Remove librepo xattr when no file descriptor (rh#1690894)
+ Fix verification of checksum from file attr (rh#1700341)
+ Rephrase repository GPG check error message (rh#1741442)
+ Add sleep when all mirrors were tried (rh#1741931)
+ Raise logging level of error messages (rh#1737709)
+ retry mirrorlist/metalink downloads
+ Fix lr_url_substitute() and add ${variable} support
+ Add support for one-time URL flags
+ Fix API - LrHandleOption enum - LRO_ONETIMEFLAG (rh#1761779)

Upgrade to 1.10.3

+ Exit gpg-agent after repokey import (rh#1650266)
+ Make sure to check next transfer if current zck transfer already exists (rh#1706627)

Upgrade to 1.10.2

+ Fix librepo isn't able to load zchunk files from next server on failure (rh#1706321)

Upgrade to 1.10.1

+ Clean up target->curl_handle rather than target->handle (rh#1694411)
+ Add an option to preserve timestamps of the downloaded files (rh#1688537)
+ Fix fetching repositories supplied by SUSE Customer Center
+ [tests] Wait for server to start instead of doing arbitrary sleep

- Fixed fetching zck-compressed repos (rh#1694411)

Upgrade to 1.9.6

+ Fix progress reporting with zchunk files
+ Reduce download delays by using still_running correctly
+ Improve error handling, cleanup
+ Simplified lr_perform()'s loop to prevent busy wait
+ Require libcurl >= 7.28.0

Upgrade to 1.9.3

+ Replace expat with libxml2
+ Support using python-gpg instead of pygpgme
+ Fix major performance regression with libcurl-7.61.1
+ Add zchunk support
- Fix RPM group and description for Python 3 subpackage
- Drop Python 2 subpackage

- Fix RPM groups. Update descriptions so that librepo0
  (which is going to be installed most of the time) has something
  halfway useful.

Upgrade to 1.8.1

+ Fix memory leaks in Python bindings (gh#rpm-software-management/librepo#83)
+ Fix HTTP header checking to work with proxies (gh#rpm-software-management/librepo#86)
+ Change connection and low-speed default timeouts to sync with DNF/Yum
+ Fix max download speed from repo (rh#1227921)

- Update to 1.7.20



              

Packages


  • libdnf-0.65.0-bp154.2.1
  • librepo-1.14.2-bp154.2.1