Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-mistune for openSUSE:Factory 
checked in at 2026-07-02 20:06:05
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-mistune (Old)
 and      /work/SRC/openSUSE:Factory/.python-mistune.new.1982 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "python-mistune"

Thu Jul  2 20:06:05 2026 rev:28 rq:1362603 version:3.3.2

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-mistune/python-mistune.changes    
2026-05-12 19:26:53.491642265 +0200
+++ /work/SRC/openSUSE:Factory/.python-mistune.new.1982/python-mistune.changes  
2026-07-02 20:06:37.623511021 +0200
@@ -1,0 +2,15 @@
+Thu Jun 25 11:52:23 UTC 2026 - Markéta Machová <[email protected]>
+
+- update to 3.3.2 (CVE-2026-49851, bsc#1269091)
+  * Resolve O(n^2) DoS in parse_link_text (CWE-400)
+  * Avoid quadratic scans in general
+  * cli: Add entrypoint and utf-8 output
+  * image: Validate figure width option
+  * Reject currency patterns and cross-line matches in inline math
+  * math: Support display and backtick math
+  * renderer: Render plugin list and table nodes
+  * renderer: Block encoded unsafe URL schemes
+  * abbr: Update process_text method in abrr, adding parse_emphasis
+    parameter
+
+-------------------------------------------------------------------

Old:
----
  mistune-3.2.1.tar.gz

New:
----
  mistune-3.3.2.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-mistune.spec ++++++
--- /var/tmp/diff_new_pack.k800E0/_old  2026-07-02 20:06:38.519541893 +0200
+++ /var/tmp/diff_new_pack.k800E0/_new  2026-07-02 20:06:38.523542030 +0200
@@ -17,9 +17,10 @@
 
 
 %define modname mistune
+%bcond_without libalternatives
 %{?sle15_python_module_pythons}
 Name:           python-%{modname}
-Version:        3.2.1
+Version:        3.3.2
 Release:        0
 Summary:        Python Markdown parser with renderers and plugins
 License:        BSD-3-Clause
@@ -27,13 +28,11 @@
 Source:         
https://github.com/lepture/%{modname}/archive/refs/tags/v%{version}.tar.gz#/%{modname}-%{version}.tar.gz
 BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module pytest}
-BuildRequires:  %{python_module typing-extensions if %python-base < 3.11}
 BuildRequires:  %{python_module wheel}
+BuildRequires:  alts
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
-%if "%{python_flavor}" < "python311"
-Requires:       python-typing_extensions
-%endif
+Requires:       alts
 BuildArch:      noarch
 Conflicts:      python-mistune2 < %{version}
 Obsoletes:      python-mistune2 < %{version}
@@ -51,6 +50,7 @@
 
 %install
 %pyproject_install
+%python_clone -a %{buildroot}%{_bindir}/mistune
 %python_expand %fdupes %{buildroot}%{$python_sitelib}
 
 %check
@@ -59,6 +59,7 @@
 %files %{python_files}
 %license LICENSE
 %doc README.md
+%python_alternative %{_bindir}/mistune
 %{python_sitelib}/%{modname}
 %{python_sitelib}/%{modname}-%{version}*-info
 

++++++ mistune-3.2.1.tar.gz -> mistune-3.3.2.tar.gz ++++++
++++ 4558 lines of diff (skipped)

Reply via email to