commit velociraptor for openSUSE:Factory

Tue, 20 Aug 2024 07:14:56 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package velociraptor for openSUSE:Factory 
checked in at 2024-08-20 16:13:41
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/velociraptor (Old)
 and      /work/SRC/openSUSE:Factory/.velociraptor.new.2698 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "velociraptor"

Tue Aug 20 16:13:41 2024 rev:14 rq:1194777 version:0.7.0.4.git97.675e45f9

Changes:
--------
--- /work/SRC/openSUSE:Factory/velociraptor/velociraptor.changes        
2024-08-13 13:25:11.143100466 +0200
+++ /work/SRC/openSUSE:Factory/.velociraptor.new.2698/velociraptor.changes      
2024-08-20 16:14:12.664192585 +0200
@@ -1,0 +2,8 @@
+Mon Aug 19 20:45:30 UTC 2024 - Antonio Teixeira <antonio.teixe...@suse.com>
+
+- Update node modules with security fixes. 
+  * Fixes CVE-2024-39338 (bsc#1229424)
+  * Remove CVE-2024-28849-follow-redirects-drop-proxy-authorization.patch
+    as the update is included.
+
+-------------------------------------------------------------------

Old:
----
  CVE-2024-28849-follow-redirects-drop-proxy-authorization.patch

BETA DEBUG BEGIN:
  Old:  * Fixes CVE-2024-39338 (bsc#1229424)
  * Remove CVE-2024-28849-follow-redirects-drop-proxy-authorization.patch
    as the update is included.
BETA DEBUG END:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ velociraptor.spec ++++++
--- /var/tmp/diff_new_pack.zMfFCM/_old  2024-08-20 16:14:14.520268766 +0200
+++ /var/tmp/diff_new_pack.zMfFCM/_new  2024-08-20 16:14:14.520268766 +0200
@@ -100,10 +100,8 @@
 Patch1:         vendor-build-fixes-for-SLE12.patch
 Patch2:         sdjournal-build-fix-for-SLE12.patch
 Patch3:         velociraptor-reproducible-timestamp.diff
-# PATCH-FIX-UPSTREAM 
CVE-2024-28849-follow-redirects-drop-proxy-authorization.patch bsc#1221456 -- 
follow-redirects: Drop Proxy-Athorization across hosts
-Patch4:         CVE-2024-28849-follow-redirects-drop-proxy-authorization.patch
 # PATCH-FIX-UPSTREAM CVE-2022-25883-npm-watch-semver-deps.patch bsc#1212572 -- 
upgrade npm-watch
-Patch5:         CVE-2022-25883-npm-watch-semver-deps.patch
+Patch4:         CVE-2022-25883-npm-watch-semver-deps.patch
 BuildRequires:  fileb0x
 %if 0%{?suse_version}
 BuildRequires:  systemd-rpm-macros
@@ -257,7 +255,6 @@
 %patch -P 2 -p1
 %patch -P 3 -p1
 %patch -P 4 -p1
-%patch -P 5 -p1
 
 # Set the version to something more specific than <next-tag>-dev
 sed -ie "s/\([[:space:]]VERSION *= \).*/\1 \"%{VERSION}\"/" 
constants/constants.go

++++++ package-lock.json ++++++
++++ 1910 lines (skipped)
++++ between /work/SRC/openSUSE:Factory/velociraptor/package-lock.json
++++ and /work/SRC/openSUSE:Factory/.velociraptor.new.2698/package-lock.json

++++++ velociraptor-node_modules.obscpio ++++++
/work/SRC/openSUSE:Factory/velociraptor/velociraptor-node_modules.obscpio 
/work/SRC/openSUSE:Factory/.velociraptor.new.2698/velociraptor-node_modules.obscpio
 differ: char 15312, line 74

++++++ velociraptor-nodejs.spec.inc ++++++
++++ 1750 lines (skipped)
++++ between 
/work/SRC/openSUSE:Factory/velociraptor/velociraptor-nodejs.spec.inc
++++ and 
/work/SRC/openSUSE:Factory/.velociraptor.new.2698/velociraptor-nodejs.spec.inc

Reply via email to