Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package istioctl for openSUSE:Factory checked in at 2026-05-19 17:49:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/istioctl (Old) and /work/SRC/openSUSE:Factory/.istioctl.new.1966 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "istioctl" Tue May 19 17:49:29 2026 rev:49 rq:1353921 version:1.29.3 Changes: -------- --- /work/SRC/openSUSE:Factory/istioctl/istioctl.changes 2026-04-18 21:39:09.668425637 +0200 +++ /work/SRC/openSUSE:Factory/.istioctl.new.1966/istioctl.changes 2026-05-19 17:49:47.547188281 +0200 @@ -1,0 +2,19 @@ +Tue May 19 05:05:54 UTC 2026 - Johannes Kastl <[email protected]> + +- update to 1.29.3: + https://istio.io/latest/news/releases/1.29.x/announcing-1.29.3/ + istioctl-related changes + * Fixed an issue where istioctl ztunnel-config service JSON and + YAML output did not include the canonical field from the + ztunnel configuration dump. (Issue #59961) + Security update + * Fixed an authorization bypass in AuthorizationPolicy where + regex metacharacters in certain identity fields were embedded + in the generated Envoy SafeRegex without escaping. As a result, + legal Kubernetes names containing characters like . or [ could + be treated as regex wildcards, admitting identities beyond the + policy author’s intent. This issue affected source.principals + (specifically suffix matches starting with *) and + source.namespaces. (Issue #59992) + +------------------------------------------------------------------- Old: ---- istioctl-1.29.2.obscpio New: ---- istioctl-1.29.3.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ istioctl.spec ++++++ --- /var/tmp/diff_new_pack.nqTxYn/_old 2026-05-19 17:49:49.027250705 +0200 +++ /var/tmp/diff_new_pack.nqTxYn/_new 2026-05-19 17:49:49.031250874 +0200 @@ -17,7 +17,7 @@ Name: istioctl -Version: 1.29.2 +Version: 1.29.3 Release: 0 Summary: CLI for the istio servic mesh in Kubernetes License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.nqTxYn/_old 2026-05-19 17:49:49.107254079 +0200 +++ /var/tmp/diff_new_pack.nqTxYn/_new 2026-05-19 17:49:49.115254417 +0200 @@ -3,7 +3,7 @@ <param name="url">https://github.com/istio/istio</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="revision">1.29.2</param> + <param name="revision">1.29.3</param> <param name="versionformat">@PARENT_TAG@</param> <param name="changesgenerate">disable</param> <param name="filename">istioctl</param> ++++++ istioctl-1.29.2.obscpio -> istioctl-1.29.3.obscpio ++++++ ++++ 4798 lines of diff (skipped) ++++++ istioctl.obsinfo ++++++ --- /var/tmp/diff_new_pack.nqTxYn/_old 2026-05-19 17:49:55.335516770 +0200 +++ /var/tmp/diff_new_pack.nqTxYn/_new 2026-05-19 17:49:55.347517276 +0200 @@ -1,5 +1,5 @@ name: istioctl -version: 1.29.2 -mtime: 1775765038 -commit: 0c774325b938c4dbda4ea4ad4fb6156e80a12de8 +version: 1.29.3 +mtime: 1778238049 +commit: 4a7da1efa3f7e80fd69587831a3df7ccc2bd7622 ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/istioctl/vendor.tar.gz /work/SRC/openSUSE:Factory/.istioctl.new.1966/vendor.tar.gz differ: char 19, line 1
