Zypper dup: openh264 problem, packages listed but not found

VariableStar · March 7, 2025, 11:28am

zypper ref gets updates for the openh264 repo, zypper dup says that there are 2 new packages, but installing then fails on files missing.

Anyone else observing this?

# zypper dup
Refreshing service 'NVIDIA'.
Refreshing service 'openSUSE'.
Loading repository data...
Reading installed packages...
Warning: You are about to do a distribution upgrade with all enabled repositories. Make sure these repositories are compatible before you continue. See 'man zypper' for more information about this command.
Computing distribution upgrade...

The following 2 packages are going to be upgraded:
  libopenh264-7 mozilla-openh264

2 packages to upgrade.

Package download size:   911.3 KiB

Package install size change:
            |       2.7 MiB  required by packages that will be installed
     216 B  |  -    2.7 MiB  released by packages that will be removed

Backend:  classic_rpmtrans
Continue? [y/n/v/...? shows all options] (y): 
Preloading: libopenh264-7-2.3.1-2.suse1699.100.x86_64.rpm [not found]
Preloading: mozilla-openh264-2.3.1-2.suse1699.100.x86_64.rpm [not found]
Preload finished. [files missing] ................................................................................[done]
Installation has completed with error.
There are running programs which still use files and libraries deleted or updated by recent upgrades. They should be restarted to benefit from the latest updates. Run 'zypper ps -s' to list these programs.

FabrizioT · March 7, 2025, 11:48am

Yep, same here.

ajgp · March 7, 2025, 12:33pm

Yep I have the same, 3 packages cant be located

/x86_64/libopenh264-7-2.3.1-2.suse1699.100.x86_64.rpm
/x86_64/mozilla-openh264-2.3.1-2.suse1699.100.x86_64.rpm
/x86_64/gstreamer-plugin-openh264-1.24.12-1.suse1699.2.x86_64.rpm

all from the following repo Index of /openh264/openSUSE_Tumbleweed

Its not a network issue as when I navigate on the web to that repo, I cant download any of those three packages manually, but there are others that do download manually fine.

Sauerland · March 7, 2025, 12:34pm

Disable that Repo temporarily…

malcolmlewis · March 7, 2025, 12:50pm

The redirect to <http://ciscobinary.openh264.org/ > seems to be broken…

thatghostkid64 · March 7, 2025, 1:54pm

About how long until the redirect gets fixed, I’m in no rush just curious about the normal fix time for issues like this/

hui · March 7, 2025, 1:56pm

It depends….

malcolmlewis · March 7, 2025, 2:17pm

@thatghostkid64 and all, I’ve asked the Heroes Team to see whom takes care of this.

malcolmlewis · March 7, 2025, 3:10pm

Hi All

Lubos Kocman
8:48 AM I did talk to Adrian, and made a request for autobuild@ however, I’m not sure if they’ll be able to fix it today
8:49 AM Generally they’re able to replace binaries, and we do have a backup since I did make an archive with openSUSE signed rpms for Cisco.

So a fix on the way…

malcolmlewis · March 7, 2025, 3:28pm

Another update

Lubos Kocman
9:23 AM Rudi is looking into the request, so the openh264 should be fixed soon.

malcolmlewis · March 7, 2025, 4:42pm

Hi All
Should be all fixed now.

knurpht · March 7, 2025, 4:46pm

Confirmed, just dupped without issues

pavinjoseph · March 8, 2025, 4:05am

Thanks everyone for the quick fix

But the redirect to cisco still downgrades from https to http, so curl/zypper was throwing an error . I had to disable https for the openh264 repo to get it to work

magmasys · March 8, 2025, 9:00am

Still getting a 404 on https://codecs.opensuse.org/openh264/openSUSE_Leap/x86_64/gstreamer-plugin-openh264-1.24.12-1.suse1600.1.x86_64.rpm

hui · March 8, 2025, 9:03am

There seems to be still an issue with this single Leap package. Tumbleweed ones and the rest of Leap packages work…

MoonyGar · March 8, 2025, 2:50pm

Good morning. Can confirm LEAP still has some broken but I am glad to read that the team and community are already aware. Thanks everyone for handling and taking this on.

The following 2 package updates will NOT be installed:
  libopenh264-7 mozilla-openh264

What I am rocking atm.

NAME="openSUSE Leap"
VERSION="15.5"
ID="opensuse-leap"
ID_LIKE="suse opensuse"
VERSION_ID="15.5"

fkrueger · March 9, 2025, 6:16am

JFYI: According to OpenH264 Decoding Functions Heap Overflow Vulnerability · Advisory · cisco/openh264 · GitHub there is a vulnerability in openH264 version <=2.5.0, which is fixed in 2.6.0. The above-mentioned repo still has version 2.3.1 (see also 1237468 – (CVE-2025-27091) VUL-0: CVE-2025-27091: openh264: decoding functions of OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow)

LenE · March 10, 2025, 4:17am

I’ve just encountered the fact that this problem prevents the installation
of Leap15.6-Net successfully when selecting the generic desktop in order
to install the LXDE desktop.

After the basic installation and rebooting to the Openbox interface
and then with Yast selecting the LXDE desktop, the package installation
is abruptly terminated with the diagnostic,
“http://codecs.opensuse.org/openh264/OpenSUSE_Leap?mediahandler=
curl2 repo-open264(15.6) (Medium1) not found”.

Selecting the skip option to the error message generates a lengthy list of
packages that would be deleted if proceeded with, and therefore is not a
viable option.

Len E.

fkrueger · March 10, 2025, 6:35pm

Could you please add your experience to the following bug report? 1239135 – gstreamer-plugin-openh264 not found. Thx.

knurpht · March 10, 2025, 7:03pm

This is already being worked on.