Bugzilla – Bug 1214093
openSUSE-SLE-15.4-2023-3233 fails to install due to missing libwebkit2gtk3 = 2.40.5
Last modified: 2024-06-03 21:20:30 UTC
bor@10:~> sudo zypper patch [sudo] password for root: Loading repository data... Reading installed packages... Patch 'openSUSE-SLE-15.4-2023-3146-1' is optional. Use 'zypper in patch:openSUSE-SLE-15.4-2023-3146' to install it, or '--with-optional' to include all optional patches. Resolving package dependencies... Problem: nothing provides 'libwebkit2gtk3 = 2.40.5' needed by the to be installed libwebkit2gtk3-lang-2.40.5-150200.78.1.noarch Solution 1: deinstallation of libwebkit2gtk3-lang-2.38.6-150200.75.2.noarch Solution 2: do not install patch:openSUSE-SLE-15.4-2023-3233-1.noarch Solution 3: break libwebkit2gtk3-lang-2.40.5-150200.78.1.noarch by ignoring some of its dependencies Choose from above solutions by number or cancel [1/2/3/c/d/?] (c): Normally libwebkit2gtk3 is provided by bor@10:~> zypper se --provides -x 'libwebkit2gtk3' Loading repository data... Reading installed packages... S | Name | Summary | Type --+----------------------+---------------------------------------------+-------- i | libwebkit2gtk-4_0-37 | Library for rendering web content, GTK+ P-> | package | libwebkit2gtk-4_1-0 | Library for rendering web content, GTK+ P-> | package bor@10:~>
Michael can you add to SUSE:SLE-15-SP4:Update webkit2gtk3 where you have Obsoletes: libwebkit2gtk3-lang < %{version} also Provides: libwebkit2gtk3-lang = %{version} to allow proper transitiuon for migrated systems?
Created attachment 869021 [details] Output from Yast2 Software Updates Probably similar to the data above but looks different.
can you resubmit the fix, it was broken due to a release of the earlier security fix?
oh, and we also need this for the other lang package. as you renamed it in %package -n WebKitGTK-%{_apiver}-lang Provides: WebKit2GTK-%{_apiver}-lang = %version Obsoletes: WebKit2GTK-%{_apiver}-lang < %version
*** Bug 1214901 has been marked as a duplicate of this bug. ***
SUSE-SU-2023:3556-1: An update that solves two vulnerabilities and has two security fixes can now be installed. Category: security (important) Bug References: 1213379, 1213581, 1213905, 1214093 CVE References: CVE-2023-32393, CVE-2023-37450 Sources used: openSUSE Leap 15.4 (src): webkit2gtk3-soup2-2.40.5-150400.4.48.1, webkit2gtk3-2.40.5-150400.4.48.1, webkit2gtk4-2.40.5-150400.4.48.1 openSUSE Leap 15.5 (src): webkit2gtk3-soup2-2.40.5-150400.4.48.1, webkit2gtk3-2.40.5-150400.4.48.1, webkit2gtk4-2.40.5-150400.4.48.1 Basesystem Module 15-SP4 (src): webkit2gtk3-soup2-2.40.5-150400.4.48.1 Basesystem Module 15-SP5 (src): webkit2gtk3-soup2-2.40.5-150400.4.48.1 Desktop Applications Module 15-SP4 (src): webkit2gtk3-2.40.5-150400.4.48.1 Desktop Applications Module 15-SP5 (src): webkit2gtk3-2.40.5-150400.4.48.1 Development Tools Module 15-SP4 (src): webkit2gtk4-2.40.5-150400.4.48.1 Development Tools Module 15-SP5 (src): webkit2gtk4-2.40.5-150400.4.48.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
The update released yesterday doesn't seem to fully address the dependency issue. When I updated my system this morning, the following packages got installed: webkit2gtk-4_1-injected-bundles-2.40.5-150400.4.48.1.x86_64 libwebkit2gtk-4_0-37-2.40.5-150400.4.48.1.x86_64 webkit2gtk-4_0-injected-bundles-2.40.5-150400.4.48.1.x86_64 WebKitGTK-4.0-lang-2.40.5-150400.4.48.1.noarch However, the following 2 packages are still listed as available updates which can't be installed: libwebkit2gtk-4_1-0-2.40.5-150400.4.48.1.x86_64 libjavascriptcoregtk-4_1-0-2.40.5-150400.4.48.1.x86_64 I'll attach the output from zypper up.
Created attachment 869403 [details] Error output from zypper up
I suppose I could fix it up manually by removing WebKit2GTK-4.1-lang-2.38.6-150400.4.42.4 before the update, and installing WebKitGTK-4.1-lang-2.40.5-150400.4.48.1 manually afterwards. However I think this should happen automatically and not require manual intervention from the user.
(In reply to Jean Delvare from comment #11) > I suppose I could fix it up manually by removing > WebKit2GTK-4.1-lang-2.38.6-150400.4.42.4 before the update, and installing > WebKitGTK-4.1-lang-2.40.5-150400.4.48.1 manually afterwards. However I think > this should happen automatically and not require manual intervention from > the user. Yes it was Solution 1 to deinstall WebKit2GTK-4.1-lang-2.38.6-150400.4.42.4
I've had a similar situation with LEAP 15.4. Output of zypper patch was <snippet> sudo zypper patch Loading repository data... Reading installed packages... Patch 'openSUSE-SLE-15.4-2023-775-1' is optional. Use 'zypper in patch:openSUSE-SLE-15.4-2023-775' to install it, or '--with-optional' to include all optional patches. Resolving package dependencies... Problem: the installed WebKit2GTK-4.1-lang-2.38.6-150400.4.42.4.noarch requires 'WebKit2GTK-4.1 = 2.38.6', but this requirement cannot be provided not installable providers: libwebkit2gtk-4_1-0-2.36.0-150400.2.13.x86_64[repo-oss] libwebkit2gtk-4_1-0-2.36.3-150400.4.3.1.x86_64[repo-sle-update] libwebkit2gtk-4_1-0-2.36.4-150400.4.6.2.x86_64[repo-sle-update] libwebkit2gtk-4_1-0-2.36.5-150400.4.9.1.x86_64[repo-sle-update] libwebkit2gtk-4_1-0-2.36.7-150400.4.12.1.x86_64[repo-sle-update] libwebkit2gtk-4_1-0-2.36.8-150400.4.15.1.x86_64[repo-sle-update] libwebkit2gtk-4_1-0-2.38.2-150400.4.22.1.x86_64[repo-sle-update] libwebkit2gtk-4_1-0-2.38.3-150400.4.25.1.x86_64[repo-sle-update] libwebkit2gtk-4_1-0-2.38.5-150400.4.34.2.x86_64[repo-sle-update] libwebkit2gtk-4_1-0-2.38.6-150400.4.39.1.x86_64[repo-sle-update] Solution 1: Following actions will be done: do not install patch:openSUSE-SLE-15.4-2023-3419-1.noarch do not install patch:openSUSE-SLE-15.4-2023-3556-1.noarch Solution 2: deinstallation of WebKit2GTK-4.1-lang-2.38.6-150400.4.42.4.noarch Solution 3: break WebKit2GTK-4.1-lang-2.38.6-150400.4.42.4.noarch by ignoring some of its dependencies </snippet> I then chose suggested solution #2 which did work, complete log is attached.
Created attachment 869404 [details] Log of zypper patch with chosen solution #2.
My point is that this isn't an acceptable solution. While zypper will offer options to workaround the problem, gpk-update-viewer won't and will simply fail to install the update.
Sure, I fully agree. Failing gpk-update-viewer made me find this bug.
ok currently it looks like this: # Expand %%lang_package to Obsoletes its older-name counterpart %if "%{flavor}" == "gtk3-soup2" %package -n WebKitGTK-%{_apiver}-lang Summary: Translations for package %{name} Group: System/Localization Requires: WebKitGTK-%{_apiver} = %{version} Provides: WebKitGTK-%{_apiver}-lang-all = %{version} Obsoletes: libwebkit2gtk3-lang < %{version} Provides: libwebkit2gtk3-lang < %{version} Provides: WebKit2GTK-%{_apiver}-lang = %version Obsoletes: WebKit2GTK-%{_apiver}-lang < %version BuildArch: noarch %description -n WebKitGTK-%{_apiver}-lang Provides translations for the "%{name}" package. %else %lang_package -n WebKitGTK-%{_apiver} %endif But there also needs to be Provides: WebKit2GTK-%{_apiver}-lang = %version Obsoletes: WebKit2GTK-%{_apiver}-lang < %version in the %else section for the other flavors, not sure how to put this into the %lang_package macro.
Would it be enough to just remove the %if and manually create the lang package everywhere? I'm trying a build now with that change.
Oh, I see that the change I suggested is already in GNOME:Next.
*** Bug 1215210 has been marked as a duplicate of this bug. ***
I submitted a request to SUSE:SLE-15-SP4:Update 9 days ago to fix this is issue. However, either requests to SUSE:SLE* in OBS don't get mirrored anymore to IBS or the maintenance process changed and no one updated the Wiki.
This is an autogenerated message for OBS integration: This bug (1214093) was mentioned in https://build.opensuse.org/request/show/1110882 Factory / webkit2gtk3
SUSE-SU-2023:3753-1: An update that solves 10 vulnerabilities can now be installed. Category: security (important) Bug References: 1213379, 1213581, 1213905, 1214093, 1214640, 1214835, 1215072, 1215230 CVE References: CVE-2023-28198, CVE-2023-32370, CVE-2023-37450, CVE-2023-38594, CVE-2023-38595, CVE-2023-38597, CVE-2023-38599, CVE-2023-38600, CVE-2023-38611, CVE-2023-40397 Sources used: Development Tools Module 15-SP5 (src): webkit2gtk4-2.40.5-150400.4.51.1 openSUSE Leap 15.4 (src): webkit2gtk3-soup2-2.40.5-150400.4.51.1, webkit2gtk3-2.40.5-150400.4.51.1, webkit2gtk4-2.40.5-150400.4.51.1 openSUSE Leap 15.5 (src): webkit2gtk3-soup2-2.40.5-150400.4.51.1, webkit2gtk3-2.40.5-150400.4.51.1, webkit2gtk4-2.40.5-150400.4.51.1 Basesystem Module 15-SP4 (src): webkit2gtk3-soup2-2.40.5-150400.4.51.1 Basesystem Module 15-SP5 (src): webkit2gtk3-soup2-2.40.5-150400.4.51.1 Desktop Applications Module 15-SP4 (src): webkit2gtk3-2.40.5-150400.4.51.1 Desktop Applications Module 15-SP5 (src): webkit2gtk3-2.40.5-150400.4.51.1 Development Tools Module 15-SP4 (src): webkit2gtk4-2.40.5-150400.4.51.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Finally fixed, thank you!
SUSE-SU-2023:4294-1: An update that solves six vulnerabilities and has five security fixes can now be installed. Category: security (important) Bug References: 1214093, 1214640, 1214835, 1215072, 1215661, 1215866, 1215867, 1215868, 1215869, 1215870, 1216483 CVE References: CVE-2023-35074, CVE-2023-39434, CVE-2023-39928, CVE-2023-40451, CVE-2023-41074, CVE-2023-41993 Sources used: openSUSE Leap 15.4 (src): webkit2gtk3-soup2-2.42.1-150400.4.57.2, webkit2gtk3-2.42.1-150400.4.57.2, webkit2gtk4-2.42.1-150400.4.57.3 openSUSE Leap 15.5 (src): webkit2gtk3-soup2-2.42.1-150400.4.57.2, webkit2gtk3-2.42.1-150400.4.57.2, webkit2gtk4-2.42.1-150400.4.57.3 Basesystem Module 15-SP4 (src): webkit2gtk3-soup2-2.42.1-150400.4.57.2 Basesystem Module 15-SP5 (src): webkit2gtk3-soup2-2.42.1-150400.4.57.2 Desktop Applications Module 15-SP4 (src): webkit2gtk3-2.42.1-150400.4.57.2 Desktop Applications Module 15-SP5 (src): webkit2gtk3-2.42.1-150400.4.57.2 Development Tools Module 15-SP4 (src): webkit2gtk4-2.42.1-150400.4.57.3 Development Tools Module 15-SP5 (src): webkit2gtk4-2.42.1-150400.4.57.3 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.