Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package logback for openSUSE:Factory checked in at 2026-06-10 15:52:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/logback (Old) and /work/SRC/openSUSE:Factory/.logback.new.2375 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "logback" Wed Jun 10 15:52:31 2026 rev:13 rq:1358269 version:1.5.34 Changes: -------- --- /work/SRC/openSUSE:Factory/logback/logback.changes 2026-01-29 17:49:06.623946260 +0100 +++ /work/SRC/openSUSE:Factory/.logback.new.2375/logback.changes 2026-06-10 15:52:54.108093078 +0200 @@ -1,0 +2,31 @@ +Wed Jun 10 04:23:35 UTC 2026 - Fridrich Strba <[email protected]> + +- Upgrade to upstream version 1.5.34 + * General changes between series + + The 1.2.x series has been deprecated for several years and is + no longer maintained + + In Logback 1.2.x/1.3.x, few optional components depend on + Java EE, whereas in logback versions 1.4.x/1.5.x, these + optional components depend on Jakarta EE. The 1.5.x series + continues the 1.4.x series, but with logback-access relocated + to its own repository. + * Fixes + + In case certain StackTraceElement values returned by the + Throwable.getStackTrace method are null, + StackTraceElementProxy substitutes a dummy instance instead of + throwing an IllegalArgumentException. (#1040) + + HardenedObjectInputStream will now throw an + InvalidClassException during deserialization attempts of Proxy + classes. (bsc#1266783, CVE-2026-10532) +- Removed patches: + * logback-1.2.3-getCallerClass.patch + * logback-CVE-2024-12801-CVE-2024-12798.patch + * logback-CVE-2025-11226.patch + * logback-CVE-2026-1225.patch + + not needed with this version +- Added patch: + * new-janino.patch + + upgrade to new janino that has packages in org.codehaus + namespace + +------------------------------------------------------------------- Old: ---- logback-1.2.13.tar.xz logback-1.2.3-getCallerClass.patch logback-CVE-2024-12801-CVE-2024-12798.patch logback-CVE-2025-11226.patch logback-CVE-2026-1225.patch New: ---- logback-1.5.34.tar.xz new-janino.patch ----------(Old B)---------- Old:- Removed patches: * logback-1.2.3-getCallerClass.patch * logback-CVE-2024-12801-CVE-2024-12798.patch Old: * logback-1.2.3-getCallerClass.patch * logback-CVE-2024-12801-CVE-2024-12798.patch * logback-CVE-2025-11226.patch Old: * logback-CVE-2024-12801-CVE-2024-12798.patch * logback-CVE-2025-11226.patch * logback-CVE-2026-1225.patch Old: * logback-CVE-2025-11226.patch * logback-CVE-2026-1225.patch + not needed with this version ----------(Old E)---------- ----------(New B)---------- New:- Added patch: * new-janino.patch + upgrade to new janino that has packages in org.codehaus ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ logback.spec ++++++ --- /var/tmp/diff_new_pack.dt7zHj/_old 2026-06-10 15:52:55.448148609 +0200 +++ /var/tmp/diff_new_pack.dt7zHj/_new 2026-06-10 15:52:55.452148775 +0200 @@ -1,7 +1,7 @@ # # spec file for package logback # -# Copyright (c) 2025 SUSE LLC and contributors +# Copyright (c) 2026 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,33 +17,36 @@ Name: logback -Version: 1.2.13 +Version: 1.5.34 Release: 0 Summary: A Java logging library License: EPL-1.0 OR LGPL-2.1-or-later URL: https://logback.qos.ch/ Source0: %{name}-%{version}.tar.xz -Patch0: logback-1.2.3-getCallerClass.patch -Patch1: logback-CVE-2024-12801-CVE-2024-12798.patch -Patch2: filtering.patch -Patch3: logback-CVE-2025-11226.patch -Patch4: logback-CVE-2026-1225.patch +Patch0: new-janino.patch +Patch1: filtering.patch BuildRequires: fdupes +BuildRequires: java-devel >= 11 BuildRequires: maven-local +BuildRequires: mvn(jakarta.mail:jakarta.mail-api) +BuildRequires: mvn(jakarta.servlet:jakarta.servlet-api) BuildRequires: mvn(javax.mail:mail) BuildRequires: mvn(javax.servlet:javax.servlet-api) BuildRequires: mvn(junit:junit) BuildRequires: mvn(log4j:log4j) BuildRequires: mvn(org.apache.ant:ant-junit) +BuildRequires: mvn(org.apache.ant:ant-junitlauncher) BuildRequires: mvn(org.apache.felix:maven-bundle-plugin) BuildRequires: mvn(org.apache.maven.plugins:maven-antrun-plugin) +BuildRequires: mvn(org.apache.maven.plugins:maven-javadoc-plugin) BuildRequires: mvn(org.apache.tomcat:tomcat-catalina) BuildRequires: mvn(org.apache.tomcat:tomcat-coyote) BuildRequires: mvn(org.codehaus.janino:janino) BuildRequires: mvn(org.eclipse.jetty:jetty-server) +BuildRequires: mvn(org.eclipse.jetty:jetty-util) BuildRequires: mvn(org.fusesource.jansi:jansi) -BuildRequires: mvn(org.slf4j:slf4j-api) -BuildRequires: mvn(org.slf4j:slf4j-ext) +BuildRequires: mvn(org.slf4j:slf4j-api:2) +BuildRequires: mvn(org.slf4j:slf4j-ext:2) BuildArch: noarch %description @@ -82,17 +85,16 @@ logback-examples module. %prep -%setup -q +%autosetup -p1 + chmod -x README.md LICENSE.txt find . -type f -exec chmod -x {} \; chmod +x %{name}-examples/src/main/resources/setClasspath.sh -%autopatch -p1 - %pom_remove_plugin :maven-source-plugin %pom_remove_plugin :findbugs-maven-plugin %pom_remove_plugin -r :maven-dependency-plugin -%pom_remove_plugin -r :cobertura-maven-plugin +%pom_remove_plugin -r :central-publishing-maven-plugin rm -r %{name}-*/src/test/java/* # remove test deps @@ -100,29 +102,29 @@ %pom_xpath_remove -r "pom:dependency[pom:type = 'test-jar']" %pom_xpath_remove -r "pom:dependency[pom:scope = 'test']" +%pom_disable_module %{name}-classic-blackbox +%pom_disable_module %{name}-core-blackbox + # bundle-test-jar %pom_xpath_remove -r "pom:plugin[pom:artifactId = 'maven-jar-plugin']/pom:executions" -# com.oracle:ojdbc14:10.2.0.1 com.microsoft.sqlserver:sqljdbc4:2.0 -%pom_xpath_remove "pom:project/pom:profiles/pom:profile[pom:id = 'host-orion']" %{name}-access - %pom_xpath_remove "pom:project/pom:profiles/pom:profile[pom:id = 'javadocjar']" -# disable for now -%pom_disable_module logback-site - %pom_xpath_remove "pom:build/pom:extensions" +%pom_xpath_remove "pom:profiles" + +%pom_xpath_set "pom:project/pom:properties/pom:slf4j.version" 2 + +%if %{?pkg_vcmp:%pkg_vcmp java-devel < 21}%{!?pkg_vcmp:0} + %pom_xpath_remove "pom:executions/pom:execution[pom:id[text()='java21-compile']]" logback-core +%endif %{mvn_package} ":%{name}-access" access %{mvn_package} ":%{name}-examples" examples %build -%{mvn_build} -f -- \ -%if %{?pkg_vcmp:%pkg_vcmp java-devel >= 9}%{!?pkg_vcmp:0} - -Dmaven.compiler.release=8 \ -%endif - -Dsource=8 -Dproject.build.sourceEncoding=ISO-8859-1 +%{mvn_build} -fj -- javadoc:aggregate %install %mvn_install ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.dt7zHj/_old 2026-06-10 15:52:55.496150598 +0200 +++ /var/tmp/diff_new_pack.dt7zHj/_new 2026-06-10 15:52:55.500150764 +0200 @@ -1,6 +1,6 @@ -mtime: 1769670082 -commit: cc77896acb21f9ec1ac3cd541797ea527a882a78265a9682326d509b85446e78 -url: https://src.opensuse.org/java-packages/logback.git -revision: cc77896acb21f9ec1ac3cd541797ea527a882a78265a9682326d509b85446e78 +mtime: 1781066262 +commit: 93559ca5553ee72041daee51a4298c580e76934903e53fbf263287dd794250a8 +url: https://src.opensuse.org/java-packages/logback +revision: 93559ca5553ee72041daee51a4298c580e76934903e53fbf263287dd794250a8 projectscmsync: https://src.opensuse.org/java-packages/_ObsPrj ++++++ _service ++++++ --- /var/tmp/diff_new_pack.dt7zHj/_old 2026-06-10 15:52:55.536152255 +0200 +++ /var/tmp/diff_new_pack.dt7zHj/_new 2026-06-10 15:52:55.540152421 +0200 @@ -2,7 +2,7 @@ <service name="tar_scm" mode="disabled"> <param name="scm">git</param> <param name="url">https://github.com/qos-ch/logback.git</param> - <param name="revision">v_1.2.13</param> + <param name="revision">v_1.5.34</param> <param name="match-tag">v_*</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v_(.*)</param> ++++++ build.specials.obscpio ++++++ ++++++ build.specials.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/.gitignore 2026-06-10 06:37:42.000000000 +0200 @@ -0,0 +1 @@ +.osc ++++++ logback-1.2.13.tar.xz -> logback-1.5.34.tar.xz ++++++ ++++ 169840 lines of diff (skipped) ++++++ new-janino.patch ++++++ diff --git a/logback-core/src/main/java/module-info.java b/logback-core/src/main/java/module-info.java index 1cac38433..dcc91438a 100644 --- a/logback-core/src/main/java/module-info.java +++ b/logback-core/src/main/java/module-info.java @@ -5,8 +5,8 @@ module ch.qos.logback.core { // required by the optional SMTPAppenderBase component requires static java.naming; - requires static janino; - requires static commons.compiler; + requires static org.codehaus.janino; + requires static org.codehaus.commons.compiler; // transitive _imposes_ the presence of jakarta.mail on downstream users, // let them declare it if they need it
