commit traefik2 for openSUSE:Factory

Source-Sync Wed, 06 Aug 2025 05:35:28 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package traefik2 for openSUSE:Factory 
checked in at 2025-08-06 14:33:04
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/traefik2 (Old)
 and      /work/SRC/openSUSE:Factory/.traefik2.new.1085 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "traefik2"

Wed Aug  6 14:33:04 2025 rev:11 rq:1297690 version:2.11.28

Changes:
--------
--- /work/SRC/openSUSE:Factory/traefik2/traefik2.changes        2025-06-27 
23:08:48.447895362 +0200
+++ /work/SRC/openSUSE:Factory/.traefik2.new.1085/traefik2.changes      
2025-08-06 14:33:44.021143742 +0200
@@ -1,0 +2,23 @@
+Tue Jul 29 09:59:25 UTC 2025 - Johannes Weberhofer <jweberho...@weberhofer.at>
+
+- Synchronized changelog with boo tickets and cve entries
+
+-------------------------------------------------------------------
+Fri Jul 25 05:45:58 UTC 2025 - Johannes Weberhofer <jweberho...@weberhofer.at>
+
+- Version 2.11.28
+  * logs
+    - Redact logged install configuration (gh#traefik/traefik#11907 by jspdown)
+  * plugins
+    - Fix client arbitrary file access during archive extraction zipslip 
(gh#traefik/traefik#11911 by odaysec)
+  * server
+    - Disable MPTCP by default (gh#traefik/traefik#11918 by rtribotte)
+
+-------------------------------------------------------------------
+Tue Jul 22 13:38:51 UTC 2025 - Johannes Weberhofer <jweberho...@weberhofer.at>
+
+- Disabled MPTCP which caused issues (see gh#traefik/traefik#11869)
+
+- Version 2.11.27
+
+-------------------------------------------------------------------
@@ -40,2 +62,0 @@
-  * Fix for boo#1239233 CVE-2025-22868
-
@@ -52 +73,3 @@
-      fix for boo#1241731 CVE-2025-22872
+      Fix for boo#1241731 and boo#1241733: CVE-2025-22872
+    - Bump golang.org/x/oauth2 to v0.28.0
+      Fix for boo#1239228 CVE-2025-22868
@@ -55 +77,0 @@
-  * fix for boo#1239383 CVE-2025-22869
@@ -64 +86,5 @@
-      fix boo#1237636 CVE-2025-27144
+      fix boo#1237621 CVE-2025-27144
+    - Bump github.com/golang-jwt/jwt to v4.5.2
+      fix boo#1240454 CVE-2025-30204
+    - Bump x/crypto to v0.35.0
+      fix for boo#1239383 CVE-2025-22869, boo#1239363 CVE-2025-22869
@@ -104,2 +130,2 @@
-  Bump golang.org/x/net to v0.33.0 (gh#traefik/traefik#11365) 
-  mentioned in boo#1235270 CVE-2024-45338
+  - Bump golang.org/x/net to v0.33.0 (gh#traefik/traefik#11365) 
+    mentioned in boo#1235256 CVE-2024-45338
@@ -124 +150 @@
-- Update to version 2.11.4
+- Update to version 2.11.14

Old:
----
  traefik-v2.11.26.src.tar.gz

New:
----
  traefik-v2.11.28.src.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ traefik2.spec ++++++
--- /var/tmp/diff_new_pack.E1iwER/_old  2025-08-06 14:33:45.661212405 +0200
+++ /var/tmp/diff_new_pack.E1iwER/_new  2025-08-06 14:33:45.661212405 +0200
@@ -23,7 +23,7 @@
 %define buildmode pie
 %endif
 Name:           traefik2
-Version:        2.11.26
+Version:        2.11.28
 Release:        0
 Summary:        The Cloud Native Application Proxy
 License:        MIT

++++++ traefik-v2.11.26.src.tar.gz -> traefik-v2.11.28.src.tar.gz ++++++
/work/SRC/openSUSE:Factory/traefik2/traefik-v2.11.26.src.tar.gz 
/work/SRC/openSUSE:Factory/.traefik2.new.1085/traefik-v2.11.28.src.tar.gz 
differ: char 13, line 1

++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/traefik2/vendor.tar.gz 
/work/SRC/openSUSE:Factory/.traefik2.new.1085/vendor.tar.gz differ: char 116, 
line 3

commit traefik2 for openSUSE:Factory

Reply via email to