Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rclone for openSUSE:Factory checked in at 2026-05-24 19:35:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rclone (Old) and /work/SRC/openSUSE:Factory/.rclone.new.2084 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rclone" Sun May 24 19:35:46 2026 rev:81 rq:1354958 version:1.74.2 Changes: -------- --- /work/SRC/openSUSE:Factory/rclone/rclone.changes 2026-05-12 19:30:27.616516594 +0200 +++ /work/SRC/openSUSE:Factory/.rclone.new.2084/rclone.changes 2026-05-24 19:38:16.125707050 +0200 @@ -1,0 +2,77 @@ +Sat May 23 16:45:09 UTC 2026 - Marcus Rueckert <[email protected]> + +- Update to version 1.74.2: (boo#1266210) + - Bug Fixes + - build + - Update golang.org/x/net to v0.55.0 to address: + - CVE-2026-42506: html: incorrect handling of namespaced + elements in foreign content + - CVE-2026-39821: idna: failure to reject ASCII-only + Punycode-encoded labels + - CVE-2026-42502: html: incorrect handling of HTML elements + in foreign content + - CVE-2026-25680: html: denial of service when parsing + arbitrary HTML + - CVE-2026-25681: html: incorrect handling of character + references in DOCTYPE nodes + - CVE-2026-27136: html: duplicate attributes can cause XSS + - Update golang.org/x/crypto to v0.52.0 to address: + - CVE-2026-46598: ssh/agent: pathological inputs can lead + to client panic + - CVE-2026-46597: ssh: byte arithmetic causes underflow and + panic + - CVE-2026-39828: ssh: bypass of certificate restrictions + - CVE-2026-39835: ssh: server panic during + CheckHostKey/Authenticate + - CVE-2026-39833: ssh/agent: key constraints not enforced + - CVE-2026-39832: ssh/agent: agent constraints dropped when + forwarding keys + - CVE-2026-39827: ssh: memory leak when rejecting channels + can lead to DoS + - CVE-2026-39830: ssh: client can cause server deadlock on + unexpected responses + - CVE-2026-39829: ssh: pathological RSA/DSA parameters may + cause DoS + - CVE-2026-39831: ssh: bypass of FIDO/U2F security keys + physical interaction + - CVE-2026-39834: ssh: infinite loop on large channel + writes + - CVE-2026-42508: ssh/knownhosts: auth bypass via + unenforced @revoked status + - CVE-2026-46595: ssh: VerifiedPublicKeyCallback + permissions skip enforcement + - update golang.org/x/image to v0.41.0 to address: + - CVE-2026-42500: bmp: panic when reading out of bound + palette index + - CVE-2026-33809: tiff: excessive resource consumption in + PackBits decompression + - Update golang.org/x/sys to version v0.45.0 to address: + - CVE-2026-39824: windows: integer overflow in + NewNTUnicodeString + - Update github.com/go-git/go-billy/v5 to 5.9.0 to fix + CVE-2026-44740 + - bisync: Fix --conflict-loser pathname with + --conflict-resolve newer (nielash) + - gui: Update embedded release to 1.1.8 (Nick Craig-Wood) + - lib/http: Replace deprecated h2c.NewHandler with + http.Server.Protocols (Nick Craig-Wood) + - rc: Remove duplicate metrics_addr option registration (Nick + Craig-Wood) + - vfs/vfscache: Fix silent write failure when mounting with + remote:. (Lucky945H) + - doc fixes (FTCHD, Iizuki, Leon Brocard, Nick Craig-Wood) + - Drime + - Fix file doesn't exists error when trying to delete (John + Volk) + - Fix 500 errors when listing shared folders (Alvinwylim) + - Jottacloud + - Support whitelabel service Phonero Sky (Tore Anderson) + - Protondrive + - Fix corrupted on transfer: sha1 hashes differ (William Tange) + - S3 + - Add new MEGA S4 endpoints on megas4.com including + Asia-Pacific region (Nick Craig-Wood) + - WebDAV + - Honour auth_redirect on listAll PROPFIND (Sai Asish Y) + +------------------------------------------------------------------- Old: ---- rclone-1.74.1.tar.xz New: ---- rclone-1.74.2.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rclone.spec ++++++ --- /var/tmp/diff_new_pack.i7jU7t/_old 2026-05-24 19:38:17.101747065 +0200 +++ /var/tmp/diff_new_pack.i7jU7t/_new 2026-05-24 19:38:17.101747065 +0200 @@ -18,7 +18,7 @@ Name: rclone -Version: 1.74.1 +Version: 1.74.2 Release: 0 Summary: Rsync for cloud storage License: MIT ++++++ _service ++++++ --- /var/tmp/diff_new_pack.i7jU7t/_old 2026-05-24 19:38:17.137748542 +0200 +++ /var/tmp/diff_new_pack.i7jU7t/_new 2026-05-24 19:38:17.141748705 +0200 @@ -5,7 +5,7 @@ <param name="exclude">.git</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> - <param name="revision">v1.74.1</param> + <param name="revision">v1.74.2</param> <param name="filename">rclone</param> <param name="changesgenerate">enable</param> </service> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.i7jU7t/_old 2026-05-24 19:38:17.169749853 +0200 +++ /var/tmp/diff_new_pack.i7jU7t/_new 2026-05-24 19:38:17.173750017 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/rclone/rclone.git</param> - <param name="changesrevision">076fb2bc5304f183ef7874ecc84d1908c43d2250</param></service></servicedata> + <param name="changesrevision">b22fe9811c672e4d226ae2c054d7c965d8783805</param></service></servicedata> (No newline at EOF) ++++++ rclone-1.74.1.tar.xz -> rclone-1.74.2.tar.xz ++++++ /work/SRC/openSUSE:Factory/rclone/rclone-1.74.1.tar.xz /work/SRC/openSUSE:Factory/.rclone.new.2084/rclone-1.74.2.tar.xz differ: char 15, line 1 ++++++ vendor.tar.xz ++++++ /work/SRC/openSUSE:Factory/rclone/vendor.tar.xz /work/SRC/openSUSE:Factory/.rclone.new.2084/vendor.tar.xz differ: char 27, line 1
