Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package traefik for openSUSE:Factory checked in at 2026-02-17 16:45:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/traefik (Old) and /work/SRC/openSUSE:Factory/.traefik.new.1977 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "traefik" Tue Feb 17 16:45:43 2026 rev:46 rq:1333375 version:3.6.8 Changes: -------- --- /work/SRC/openSUSE:Factory/traefik/traefik.changes 2026-02-03 21:31:25.808481532 +0100 +++ /work/SRC/openSUSE:Factory/.traefik.new.1977/traefik.changes 2026-02-17 16:46:14.268640290 +0100 @@ -1,0 +2,35 @@ +Mon Feb 16 10:56:51 UTC 2026 - Johannes Weberhofer <[email protected]> + +Updated permissions for /var/lib/traefik to 0775 with owner root:traefik + +CVE fixed: + * CVE-2026-25949 (Advisory GHSA-89p3-4642-cr2w), boo#1258162 + Denial of Service via stalled STARTTLS requests + +Version 3.6.8 +- Bug fixes: + * acme + - Alter TLS renewal period + - Remove invalid private key in log + * healthcheck + - Reject absolute URL in healthcheck path configuration + - Validate healthcheck path configuration + * http3 + - Bump github.com/quic-go/quic-go to v0.59.0 + * metrics,tracing,accesslogs + - Fix ObservabilityConfig SetDefaults + * server + - Remove conn deadline after STARTTLS negociation + * service + - Avoid recursion with services + * tls + - Fix verifyServerCertMatchesURI function behavior + * tls, server + - Cap TLS record length to RFC 8446 limit in ClientHello peeking + * tracing,otel + - Use ParentBased sampler to respect parent span sampling decision + * webui + - Bump dependencies of documentation and webui + - Use url.Parse to validate X-Forwarded-Prefix value + +------------------------------------------------------------------- Old: ---- traefik-v3.6.7.src.tar.gz New: ---- traefik-v3.6.8.src.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ traefik.spec ++++++ --- /var/tmp/diff_new_pack.JhMXch/_old 2026-02-17 16:46:17.148760457 +0100 +++ /var/tmp/diff_new_pack.JhMXch/_new 2026-02-17 16:46:17.152760624 +0100 @@ -23,7 +23,7 @@ %define buildmode pie %endif Name: traefik -Version: 3.6.7 +Version: 3.6.8 Release: 0 Summary: The Cloud Native Application Proxy License: MIT @@ -153,6 +153,8 @@ %config(noreplace) %{_localstatedir}/lib/%{name}/acme.json %defattr(0644, root, root, 0755) -%dir %{_localstatedir}/log/%{name} %config(noreplace) %{_sysconfdir}/logrotate.d/traefik +%defattr(0664, root, traefik, 0775) +%dir %{_localstatedir}/log/%{name} + ++++++ traefik-v3.6.7.src.tar.gz -> traefik-v3.6.8.src.tar.gz ++++++ /work/SRC/openSUSE:Factory/traefik/traefik-v3.6.7.src.tar.gz /work/SRC/openSUSE:Factory/.traefik.new.1977/traefik-v3.6.8.src.tar.gz differ: char 28, line 2 ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/traefik/vendor.tar.gz /work/SRC/openSUSE:Factory/.traefik.new.1977/vendor.tar.gz differ: char 13, line 1
