Hello, here a new version of ytnef version fixing CVE-2021-3403 and CVE-2021-3404 src: - ytnef-2.0-1.mga8 links: https://github.com/Yeraze/ytnef/releases
Assignee: bugsquad => qa-bugs
Component: RPM Packages => SecurityQA Contact: (none) => security
Summary: New ytnef version fixing CVE-2021-3403 and CVE-2021-3404 => ytnef new security issues CVE-2021-3403 and CVE-2021-3404
Sorry, the following package cannot be selected: - ytnef-2.0-1.mga8.x86_64 (due to unsatisfied lib64ytnef0[== 1:2.0])
CC: (none) => herman.viaene
Herman ... http://mirror.math.princeton.edu/pub/mageia/distrib/8/x86_64/media/core/updates_testing/lib64ytnef0-2.0-1.mga8.x86_64.rpm # urpmi --test ytnef http://mirror.math.princeton.edu/pub/mageia/distrib/8/x86_64/media/core/updates_testing/ytnef-2.0-1.mga8.x86_64.rpm installing ytnef-2.0-1.mga8.x86_64.rpm from /var/cache/urpmi/rpms Preparing... ############################################################################################################################################################################### Installation is possible [root@x3 ~]# rpm -qa|grep ytnef lib64ytnef0-2.0-1.mga8 # urpmq --whatrequires lib64ytnef0 |sort -u evolution geary lib64ytnef0 lib64ytnef-devel ytnef Looks like I have it installed for evolution.
CC: (none) => davidwhodgins
# urpmi --test ytnef A requested package cannot be installed: ytnef-2.0-1.mga8.x86_64 (due to unsatisfied lib64ytnef0[== 1:2.0])
Herman what do you have shown for "urpmq --list-media active"? # urpmi --test ytnef To satisfy dependencies, the following packages are going to be installed: (test only, installation will not be actually done) Package Version Release Arch (medium "Core Updates Testing (distrib5)") lib64ytnef0 2.0 1.mga8 x86_64 ytnef 2.0 1.mga8 x86_64 171KB of additional disk space will be used. 62KB of packages will be retrieved. Proceed with the installation of the 2 packages? (Y/n) http://mirror.math.princeton.edu/pub/mageia/distrib/8/x86_64/media/core/updates_testing/lib64ytnef0-2.0-1.mga8.x86_64.rpm installing ytnef-2.0-1.mga8.x86_64.rpm lib64ytnef0-2.0-1.mga8.x86_64.rpm from /var/cache/urpmi/rpms Preparing... ############################################################################################################################################################################### Installation is possible
# urpmq --list-media active QA Testing (64-bit) Core Release (distrib1) Core Updates (distrib3) Nonfree Release (distrib11) Nonfree Updates (distrib13) Tainted Release (distrib21) Tainted Updates (distrib23) The first one is my QARepo folder
Your QA Testing repo is missing lib64ytnef0.
That I know, but this package isn't listed anywhere in the Description.
Indeed, no package list was posted. x86_64: lib64ytnef-devel-2.0-1.mga8 lib64ytnef0-2.0-1.mga8 ytnef-2.0-1.mga8 i586: libytnef-devel-2.0-1.mga8 libytnef0-2.0-1.mga8 ytnef-2.0-1.mga8 from ytnef-2.0-1.mga8.src.rpm Not sure why madb couldn't generate it either.
Source RPM: ytnef-2.0-1.mga8 => ytnef-1.9.3-2.mga8.src.rpm
MGA8-64 Plasma on Acer Aspire 5253 No installation issues Ref bug 20893 for testing, so installed evolution and used it to send to/receive from hotmail account. $ strace evolution 2>&1 | grep ytnef openat(AT_FDCWD, "/usr/lib64/evolution/libytnef.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/lib64/libytnef.so.0", O_RDONLY|O_CLOEXEC) = 18 All worked OK.
Whiteboard: (none) => MGA8-64-OK
@David Walser: I have seen other times over the last couple of years or so when madb's rpm list either was blank or was incomplete. Glad we go this one straightened out, anyway. Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0316.html
Status: NEW => RESOLVEDResolution: (none) => FIXED