An update labeled “libqt4” appeared as a Security update. YAST kicks out a number of conflicts, with the resolution to update ~840 packages, either via deinstallation or downgrade to inferior (i.e.: i586) architecture. I had previously received a similar though smaller update to an 11.3 32-bit (i586) platform, which remains marked “Taboo, never install”. The more recent appearance on the main 11.4 laptop raises some concerns:
Is this a legitimate update (or one more “oops”) ?
Why is this distributed as a “Security” update ? (As I recall, the orchestrated switch from OpenOffice to LibreOffice was distributed as a “Security” update. Such usage of a Security-related designation diminishes the general significance of the phrase “Security Update”)
I have marked the recent appearance as “Taboo, never install” pending clarification. While all appears to be functioning as usual, I can find little supporting documentation for this update. I am aware of some significant security exposure(s) vis-a-vis “Webkit”, and Firefox via NoScript is in place for browser exposure. Is the exposure more expansive ?
On 10/12/2011 06:56 PM, SeanMc98 wrote:
>
> An update labeled “libqt4” appeared as a Security update. YAST kicks
> out a number of conflicts, with the resolution to update ~840 packages
please show us the terminal output from
zypper lr -d
uname-a
cat /etc/SuSE-release
and tell us what desktop environment and version you are using, and have
you ever installed from any repo with tumbleweed, factory, playground or
unstable in its name?
–
DD Caveat
openSUSE®, the “German Automobiles” of operating systems
On 2011-10-12 18:56, SeanMc98 wrote:
> 2. Why is this distributed as a “Security” update ?
Any update appearing in the “updates” repo is traditionally classified
“security” update.
It might be that you have installed other updates from other repos that
conflict with this one. I’m guessing that there is a vendor change involved
but YOU is not respecting it, so that’s a bug, IMO.
–
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)
The kernel is almost Factory, as is Xorg. Take note that a number of repositories are not enabled.
KDE 4.7 and Gnome 2.32
Tumbleweed, playground or unstable: NO. Factory: often and many (q.v.)
**
New information**:
Recently, while attempting to sort out a failure of the gmail-plasmoid, I installed the python-kde4-devel package. Surprisingly, this resolved the Gmail notifier plasmoid problem. As it turns out, the dependency requirements (apparently) caused:
python-kde4-devel —> python-qt4-devel — libqt4-devel —> libQTWebKit4 (the culprit here)
Manual attempts to delete package libQTWebKit4 results in the same ~840 package update, along with architecture changes to 32-bit. While I caused this myself in pursuit of solving the gmail-plasmoid problem, I inadvertently dragged in quite a bit of unnecessary material. I can only speculate that the dependency trees might have an architecture quirk or two.
Decision:
I will leave this sleeping canine alone, as all is well (except for an odd quirk in LibreOffice+Microsoft Excel VBA). The 32-bit platform experiencing the same libqt4 security update problem was also updated for the gmail-plasmoid problem. The specific libqt4 “Security Update” will remain in “Taboo” state pending the next rebuild(s).
> Decision:
>
> I will leave this sleeping canine alone, as all is well (except for an
> odd quirk in LibreOffice+Microsoft Excel VBA). The 32-bit platform
> experiencing the same -libqt4- security update problem was also updated
> for the -gmail-plasmoid- problem. The specific -libqt4- “Security
> Update” will remain in “Taboo” state pending the next rebuild(s).
i’m happy you came to a decision…
i think it would be possible to return your system to a stable one (like
mine) but i doubt you would be happy with it…it doesn’t crash or
require a lot of experimentation and disaster recovery…