Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-mistune for openSUSE:Factory checked in at 2026-07-02 20:06:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-mistune (Old) and /work/SRC/openSUSE:Factory/.python-mistune.new.1982 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-mistune" Thu Jul 2 20:06:05 2026 rev:28 rq:1362603 version:3.3.2 Changes: -------- --- /work/SRC/openSUSE:Factory/python-mistune/python-mistune.changes 2026-05-12 19:26:53.491642265 +0200 +++ /work/SRC/openSUSE:Factory/.python-mistune.new.1982/python-mistune.changes 2026-07-02 20:06:37.623511021 +0200 @@ -1,0 +2,15 @@ +Thu Jun 25 11:52:23 UTC 2026 - Markéta Machová <[email protected]> + +- update to 3.3.2 (CVE-2026-49851, bsc#1269091) + * Resolve O(n^2) DoS in parse_link_text (CWE-400) + * Avoid quadratic scans in general + * cli: Add entrypoint and utf-8 output + * image: Validate figure width option + * Reject currency patterns and cross-line matches in inline math + * math: Support display and backtick math + * renderer: Render plugin list and table nodes + * renderer: Block encoded unsafe URL schemes + * abbr: Update process_text method in abrr, adding parse_emphasis + parameter + +------------------------------------------------------------------- Old: ---- mistune-3.2.1.tar.gz New: ---- mistune-3.3.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-mistune.spec ++++++ --- /var/tmp/diff_new_pack.k800E0/_old 2026-07-02 20:06:38.519541893 +0200 +++ /var/tmp/diff_new_pack.k800E0/_new 2026-07-02 20:06:38.523542030 +0200 @@ -17,9 +17,10 @@ %define modname mistune +%bcond_without libalternatives %{?sle15_python_module_pythons} Name: python-%{modname} -Version: 3.2.1 +Version: 3.3.2 Release: 0 Summary: Python Markdown parser with renderers and plugins License: BSD-3-Clause @@ -27,13 +28,11 @@ Source: https://github.com/lepture/%{modname}/archive/refs/tags/v%{version}.tar.gz#/%{modname}-%{version}.tar.gz BuildRequires: %{python_module pip} BuildRequires: %{python_module pytest} -BuildRequires: %{python_module typing-extensions if %python-base < 3.11} BuildRequires: %{python_module wheel} +BuildRequires: alts BuildRequires: fdupes BuildRequires: python-rpm-macros -%if "%{python_flavor}" < "python311" -Requires: python-typing_extensions -%endif +Requires: alts BuildArch: noarch Conflicts: python-mistune2 < %{version} Obsoletes: python-mistune2 < %{version} @@ -51,6 +50,7 @@ %install %pyproject_install +%python_clone -a %{buildroot}%{_bindir}/mistune %python_expand %fdupes %{buildroot}%{$python_sitelib} %check @@ -59,6 +59,7 @@ %files %{python_files} %license LICENSE %doc README.md +%python_alternative %{_bindir}/mistune %{python_sitelib}/%{modname} %{python_sitelib}/%{modname}-%{version}*-info ++++++ mistune-3.2.1.tar.gz -> mistune-3.3.2.tar.gz ++++++ ++++ 4558 lines of diff (skipped)
