Hello community, here is the log from the commit of package gcab for openSUSE:Factory checked in at 2015-03-11 09:58:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gcab (Old) and /work/SRC/openSUSE:Factory/.gcab.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gcab" Changes: -------- --- /work/SRC/openSUSE:Factory/gcab/gcab.changes 2015-01-08 23:02:07.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.gcab.new/gcab.changes 2015-03-11 09:58:45.000000000 +0100 @@ -1,0 +2,10 @@ +Mon Mar 9 16:34:49 UTC 2015 - [email protected] + +- Update to version 0.5: + + Fix path traversal: do not escape from output directory. + + Add gcab_cabinet_get_signature(). + + Build warning fixes. + + Updated translations. +- Drop gcab-CVE-2015-0552.patch: fixed upstream. + +------------------------------------------------------------------- Old: ---- gcab-0.4.tar.xz gcab-CVE-2015-0552.patch New: ---- gcab-0.5.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gcab.spec ++++++ --- /var/tmp/diff_new_pack.r5EZlo/_old 2015-03-11 09:58:46.000000000 +0100 +++ /var/tmp/diff_new_pack.r5EZlo/_new 2015-03-11 09:58:46.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package gcab # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,15 +17,13 @@ Name: gcab -Version: 0.4 +Version: 0.5 Release: 0 Summary: Cabinet file library and tool License: LGPL-2.1+ Group: Productivity/Archiving/Compression Url: http://ftp.gnome.org/pub/GNOME/sources/gcab -Source: http://ftp.acc.umu.se/pub/GNOME/sources/gcab/0.4/gcab-0.4.tar.xz -# PATCH-FIX-UPSTREAM gcab-CVE-2015-0552.patch boo#911814 bgo#742331 CVE-2015-0552 [email protected] -- Avoid path traversal -Patch0: gcab-CVE-2015-0552.patch +Source: http://ftp.acc.umu.se/pub/GNOME/sources/gcab/0.5/gcab-0.5.tar.xz BuildRequires: gobject-introspection >= 0.9.4 BuildRequires: intltool >= 0.40.0 BuildRequires: vala >= 0.14 @@ -68,7 +66,6 @@ %lang_package %prep %setup -q -%patch0 -p1 %build %configure \ ++++++ gcab-0.4.tar.xz -> gcab-0.5.tar.xz ++++++ ++++ 14500 lines of diff (skipped) -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
