Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package mbedtls for openSUSE:Factory checked
in at 2024-10-21 16:25:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/mbedtls (Old)
and /work/SRC/openSUSE:Factory/.mbedtls.new.26871 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mbedtls"
Mon Oct 21 16:25:38 2024 rev:47 rq:1211119 version:3.6.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/mbedtls/mbedtls.changes 2024-09-09
14:44:56.707950104 +0200
+++ /work/SRC/openSUSE:Factory/.mbedtls.new.26871/mbedtls.changes
2024-10-21 16:25:47.247913656 +0200
@@ -1,0 +2,8 @@
+Thu Oct 17 09:38:18 UTC 2024 - Pedro Monreal <pmonr...@suse.com>
+
+- Update to version 3.6.2: [bsc#1231708, CVE-2024-49195]
+ * test_suite_pkwrite: extend coverage of wrong output buffer
+ sizes in pk_write_check_common()
+ * pkwrite: fix buffer overrun
+
+-------------------------------------------------------------------
Old:
----
mbedtls-3.6.1.obscpio
New:
----
mbedtls-3.6.2.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ mbedtls.spec ++++++
--- /var/tmp/diff_new_pack.sHeaZz/_old 2024-10-21 16:25:48.195953215 +0200
+++ /var/tmp/diff_new_pack.sHeaZz/_new 2024-10-21 16:25:48.195953215 +0200
@@ -22,7 +22,7 @@
%define lib_everest libeverest
%define lib_p256m libp256m
Name: mbedtls
-Version: 3.6.1
+Version: 3.6.2
Release: 0
Summary: Libraries for crypto and SSL/TLS protocols
License: Apache-2.0 OR GPL-2.0-or-later
++++++ _service ++++++
--- /var/tmp/diff_new_pack.sHeaZz/_old 2024-10-21 16:25:48.227954551 +0200
+++ /var/tmp/diff_new_pack.sHeaZz/_new 2024-10-21 16:25:48.235954884 +0200
@@ -1,11 +1,11 @@
<services>
<service name="obs_scm" mode="manual">
- <param name="versionformat">3.6.1</param>
+ <param name="versionformat">3.6.2</param>
<param name="url">https://github.com/Mbed-TLS/mbedtls.git</param>
<param name="scm">git</param>
<param name="changesgenerate">enable</param>
<param name="exclude">.*</param>
- <param name="revision">refs/tags/v3.6.1</param>
+ <param name="revision">refs/tags/v3.6.2</param>
</service>
<service name="tar" mode="buildtime"/>
<service name="recompress" mode="buildtime">
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.sHeaZz/_old 2024-10-21 16:25:48.267956220 +0200
+++ /var/tmp/diff_new_pack.sHeaZz/_new 2024-10-21 16:25:48.271956387 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/Mbed-TLS/mbedtls.git</param>
- <param
name="changesrevision">71c569d44bf3a8bd53d874c81ee8ac644dd6e9e3</param></service></servicedata>
+ <param
name="changesrevision">107ea89daaefb9867ea9121002fbbdf926780e98</param></service></servicedata>
(No newline at EOF)
++++++ mbedtls-3.6.1.obscpio -> mbedtls-3.6.2.obscpio ++++++
/work/SRC/openSUSE:Factory/mbedtls/mbedtls-3.6.1.obscpio
/work/SRC/openSUSE:Factory/.mbedtls.new.26871/mbedtls-3.6.2.obscpio differ:
char 48, line 1
++++++ mbedtls.obsinfo ++++++
--- /var/tmp/diff_new_pack.sHeaZz/_old 2024-10-21 16:25:48.351959725 +0200
+++ /var/tmp/diff_new_pack.sHeaZz/_new 2024-10-21 16:25:48.355959892 +0200
@@ -1,5 +1,5 @@
name: mbedtls
-version: 3.6.1
-mtime: 1725009114
-commit: 71c569d44bf3a8bd53d874c81ee8ac644dd6e9e3
+version: 3.6.2
+mtime: 1728898458
+commit: 107ea89daaefb9867ea9121002fbbdf926780e98
