Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package trivy for openSUSE:Factory checked in at 2026-06-22 17:25:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/trivy (Old) and /work/SRC/openSUSE:Factory/.trivy.new.1956 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trivy" Mon Jun 22 17:25:30 2026 rev:94 rq:1361075 version:0.71.2 Changes: -------- --- /work/SRC/openSUSE:Factory/trivy/trivy.changes 2026-06-17 16:19:58.471218601 +0200 +++ /work/SRC/openSUSE:Factory/.trivy.new.1956/trivy.changes 2026-06-22 17:26:02.562646633 +0200 @@ -1,0 +2,18 @@ +Sun Jun 21 18:51:17 UTC 2026 - Dirk Müller <[email protected]> + +- update vendored containerd to 2.3.2: + + CVE-2026-50195 (bsc#1268399) + + CVE-2026-53488 (bsc#1268400) + + CVE-2026-53492 (bsc#1268403) + + CVE-2026-53489 (bsc#1268404) + + CVE-2026-47262 (bsc#1268440) + +------------------------------------------------------------------- +Fri Jun 19 14:15:43 UTC 2026 - Dirk Müller <[email protected]> + +- Update to version 0.71.2: + * release: v0.71.2 [release/v0.71] (#10871) + * fix(deps): bump alpine to 3.24.1 [backport: release/v0.71] (#10870) + * chore(deps): bump the common group with 4 updates [backport: release/v0.71] (#10867) + +------------------------------------------------------------------- Old: ---- trivy-0.71.1.tar.zst New: ---- trivy-0.71.2.tar.zst ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ trivy.spec ++++++ --- /var/tmp/diff_new_pack.4k7mdG/_old 2026-06-22 17:26:08.286845950 +0200 +++ /var/tmp/diff_new_pack.4k7mdG/_new 2026-06-22 17:26:08.290846089 +0200 @@ -17,7 +17,7 @@ Name: trivy -Version: 0.71.1 +Version: 0.71.2 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.4k7mdG/_old 2026-06-22 17:26:08.682859739 +0200 +++ /var/tmp/diff_new_pack.4k7mdG/_new 2026-06-22 17:26:08.718860993 +0200 @@ -1,5 +1,5 @@ -mtime: 1781638454 -commit: 7bedd70fd7e0e763bcc3056d37ba132ffa1f422a51b2bc03122912cac2dc442a +mtime: 1782125099 +commit: 6fd025ba61306df233d12db1800e9b73025a3002109cd35d63ccdca0e4d6db5e url: https://src.opensuse.org/dirkmueller/trivy.git revision: factory ++++++ _service ++++++ --- /var/tmp/diff_new_pack.4k7mdG/_old 2026-06-22 17:26:08.982870185 +0200 +++ /var/tmp/diff_new_pack.4k7mdG/_new 2026-06-22 17:26:09.034871996 +0200 @@ -2,7 +2,7 @@ <service name="tar_scm" mode="manual"> <param name="url">https://github.com/aquasecurity/trivy</param> <param name="scm">git</param> - <param name="revision">v0.71.1</param> + <param name="revision">v0.71.2</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> @@ -16,7 +16,7 @@ </service> <service name="go_modules" mode="manual"> <param name="compression">zst</param> - <param name="replace">golang.org/x/net=golang.org/x/[email protected]</param> + <param name="replace">github.com/containerd/containerd/v2=github.com/containerd/containerd/[email protected]</param> </service> </services> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.4k7mdG/_old 2026-06-22 17:26:09.266880074 +0200 +++ /var/tmp/diff_new_pack.4k7mdG/_new 2026-06-22 17:26:09.298881189 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/aquasecurity/trivy</param> - <param name="changesrevision">164b383121351c2d49c5d354c2245719d972752b</param></service></servicedata> + <param name="changesrevision">055a5c8a53bfd61f7a8e276a5b2f0c3fc1673420</param></service></servicedata> (No newline at EOF) ++++++ build.specials.obscpio ++++++ ++++++ build.specials.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/.gitignore 2026-06-22 12:44:59.000000000 +0200 @@ -0,0 +1 @@ +.osc ++++++ trivy-0.71.1.tar.zst -> trivy-0.71.2.tar.zst ++++++ /work/SRC/openSUSE:Factory/trivy/trivy-0.71.1.tar.zst /work/SRC/openSUSE:Factory/.trivy.new.1956/trivy-0.71.2.tar.zst differ: char 7, line 1 ++++++ vendor.tar.zst ++++++ /work/SRC/openSUSE:Factory/trivy/vendor.tar.zst /work/SRC/openSUSE:Factory/.trivy.new.1956/vendor.tar.zst differ: char 7, line 1
