Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package traefik2 for openSUSE:Factory checked in at 2026-02-03 21:30:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/traefik2 (Old) and /work/SRC/openSUSE:Factory/.traefik2.new.1995 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "traefik2" Tue Feb 3 21:30:05 2026 rev:15 rq:1330512 version:2.11.35 Changes: -------- --- /work/SRC/openSUSE:Factory/traefik2/traefik2.changes 2025-11-14 16:24:07.032536834 +0100 +++ /work/SRC/openSUSE:Factory/.traefik2.new.1995/traefik2.changes 2026-02-03 21:31:23.652390987 +0100 @@ -1,0 +2,41 @@ +Sat Jan 31 13:14:32 UTC 2026 - Johannes Weberhofer <[email protected]> + +- Version 1.11.35 +Breaking change: +As explained in the comment left on the CVE-2025-66490 fix, this new hotfix +version makes the behavior opt-in. As a result, this release is breaking +compared to the previous hotfix versions since v3.6.4, but it restores by +default the behavior that existed before that hotfix. Please, read the +migration guide to enable the feature. boo#1254879 + + CVE fixed: + CVE-2026-22045 (Advisory GHSA-cwjm-3f7h-9hwqj) boo#1256815 + + Bug fixes: + * acme + - Add timeout to ACME-TLS/1 challenge handshake + * server + - Make encoded character options opt-in + + +- Version 1.11.34 + * server + - Fix deny encoded characters + +- Version 1.11.33 + * server + - Print access logs for rejected requests and warn about new behavior + +- Version 1.11.32 + CVE's fixed: + CVE-2025-66490 (Advisory GHSA-gm3x-23wp-hc2c) boo#1254879 + + * http3 + - Bump github.com/quic-go/quic-go to v0.57.1 + * plugins + - Validate plugin module name + * server + - Bump golang.org/x/crypto to v0.45.0 VUL-0: CVE-2025-58181 boo#1253793 + - Reject suspicious encoded characters + +------------------------------------------------------------------- @@ -48,0 +90 @@ + Fixes CVE-2025-54386 and boo#1247524 Old: ---- traefik-v2.11.31.src.tar.gz New: ---- traefik-v2.11.35.src.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ traefik2.spec ++++++ --- /var/tmp/diff_new_pack.6zPS0N/_old 2026-02-03 21:31:24.848441215 +0100 +++ /var/tmp/diff_new_pack.6zPS0N/_new 2026-02-03 21:31:24.852441382 +0100 @@ -1,7 +1,7 @@ # # spec file for package traefik2 # -# Copyright (c) 2025 SUSE LLC and contributors +# Copyright (c) 2026 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -23,7 +23,7 @@ %define buildmode pie %endif Name: traefik2 -Version: 2.11.31 +Version: 2.11.35 Release: 0 Summary: The Cloud Native Application Proxy License: MIT ++++++ traefik-v2.11.31.src.tar.gz -> traefik-v2.11.35.src.tar.gz ++++++ /work/SRC/openSUSE:Factory/traefik2/traefik-v2.11.31.src.tar.gz /work/SRC/openSUSE:Factory/.traefik2.new.1995/traefik-v2.11.35.src.tar.gz differ: char 19, line 1 ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/traefik2/vendor.tar.gz /work/SRC/openSUSE:Factory/.traefik2.new.1995/vendor.tar.gz differ: char 117, line 1
