Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package xz for openSUSE:Factory checked in at 2026-04-04 19:03:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xz (Old) and /work/SRC/openSUSE:Factory/.xz.new.21863 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xz" Sat Apr 4 19:03:56 2026 rev:96 rq:1344428 version:5.8.3 Changes: -------- --- /work/SRC/openSUSE:Factory/xz/xz.changes 2026-01-12 10:24:08.644441797 +0100 +++ /work/SRC/openSUSE:Factory/.xz.new.21863/xz.changes 2026-04-04 19:03:58.836670933 +0200 @@ -1,0 +2,9 @@ +Fri Apr 3 05:38:44 UTC 2026 - Andreas Stieger <[email protected]> + +- update to 5.8.3: + * CVE-2026-34743: buffer overflow in lzma_index_append() (boo#1261280) + * Add "License: 0BSD" to liblzma.pc. + * xz: Fix invalid memory access in --files and --files0 + * Translations: Add Arabic man page translations + +------------------------------------------------------------------- Old: ---- xz-5.8.2.tar.xz xz-5.8.2.tar.xz.sig New: ---- xz-5.8.3.tar.xz xz-5.8.3.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xz.spec ++++++ --- /var/tmp/diff_new_pack.2H3v2h/_old 2026-04-04 19:03:59.988718143 +0200 +++ /var/tmp/diff_new_pack.2H3v2h/_new 2026-04-04 19:03:59.992718307 +0200 @@ -2,7 +2,7 @@ # spec file for package xz # # Copyright (c) 2026 SUSE LLC and contributors -# Copyright (c) 2025 Andreas Stieger <[email protected]> +# Copyright (c) 2026 Andreas Stieger <[email protected]> # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ %bcond_with static %endif Name: xz -Version: 5.8.2 +Version: 5.8.3 Release: 0 Summary: A Program for Compressing Files with the Lempel–Ziv–Markov algorithm License: 0BSD AND GPL-2.0-or-later AND GPL-3.0-or-later AND LGPL-2.1-or-later @@ -33,7 +33,8 @@ Source0: https://github.com/tukaani-project/xz/releases/download/v%{version}/xz-%{version}.tar.xz Source1: https://github.com/tukaani-project/xz/releases/download/v%{version}/xz-%{version}.tar.xz.sig Source2: baselibs.conf -Source3: https://tukaani.org/misc/lasse_collin_pubkey.txt#/xz.keyring +# https://tukaani.org/misc/lasse_collin_pubkey.txt#/xz.keyring +Source3: %{name}.keyring Source4: xznew Source5: xznew.1 BuildRequires: pkgconfig @@ -81,7 +82,7 @@ %if %{with static} %package static-devel Summary: Static version of LZMA library -License: SUSE-Public-Domain +License: LicenseRef-SUSE-Public-Domain Group: Development/Libraries/C and C++ Requires: xz-devel = %{version} @@ -190,8 +191,9 @@ %files lang -f %{name}.lang %license COPYING COPYING.GPLv2 -%dir %{_mandir}/fr +%dir %{_mandir}/ar %dir %{_mandir}/de +%dir %{_mandir}/fr %dir %{_mandir}/ko %if 0%{?suse_version} == 1500 %dir %{_mandir}/ro @@ -200,7 +202,7 @@ %files -n liblzma5 %license COPYING COPYING.GPLv2 -%{_libdir}/liblzma.so.5* +%{_libdir}/liblzma.so.5{,.*} %files devel %license COPYING COPYING.GPLv2 ++++++ xz-5.8.2.tar.xz -> xz-5.8.3.tar.xz ++++++ ++++ 33681 lines of diff (skipped)
