commit icingaweb2 for openSUSE:Factory

Mon, 12 Jul 2021 12:41:25 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package icingaweb2 for openSUSE:Factory 
checked in at 2021-07-12 21:40:39
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/icingaweb2 (Old)
 and      /work/SRC/openSUSE:Factory/.icingaweb2.new.2625 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "icingaweb2"

Mon Jul 12 21:40:39 2021 rev:21 rq:905847 version:2.8.3

Changes:
--------
--- /work/SRC/openSUSE:Factory/icingaweb2/icingaweb2.changes    2020-11-29 
12:31:06.210164527 +0100
+++ /work/SRC/openSUSE:Factory/.icingaweb2.new.2625/icingaweb2.changes  
2021-07-12 21:41:15.083628958 +0200
@@ -1,0 +2,16 @@
+Mon Jul 12 12:45:35 UTC 2021 - ecsos <ec...@opensuse.org>
+
+- Update to 2.8.3
+  * Security Fixes
+    This release includes two security related fixes.
+    Both were published as part of a security advisory on Github.
+    They allow the circumvention of custom variable protection
+    rules and blacklists as well as a path traversal if the doc
+    module is enabled. Please check the respective advisory for
+    details.
+    - Custom variable protection and blacklists can be circumvented
+      GHSA-2xv9-886q-p7xx
+    - Possible path traversal by use of the doc module
+      GHSA-cmgc-h4cx-3v43
+
+-------------------------------------------------------------------

Old:
----
  icingaweb2-2.8.2.tar.gz

New:
----
  icingaweb2-2.8.3.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ icingaweb2.spec ++++++
--- /var/tmp/diff_new_pack.6Gbvb1/_old  2021-07-12 21:41:15.759623630 +0200
+++ /var/tmp/diff_new_pack.6Gbvb1/_new  2021-07-12 21:41:15.763623599 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package icingaweb2
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
 # Copyright (c) 2013-2017 Icinga Development Team | GPLv2+
 #
 # All modifications and additions to the file contributed by third parties
@@ -20,7 +20,7 @@
 %define revision 1
 
 Name:           icingaweb2
-Version:        2.8.2
+Version:        2.8.3
 Release:        %{revision}%{?dist}
 Summary:        Icinga Web 2
 License:        GPL-2.0-or-later AND MIT AND BSD-3-Clause

++++++ icingaweb2-2.8.2.tar.gz -> icingaweb2-2.8.3.tar.gz ++++++
/work/SRC/openSUSE:Factory/icingaweb2/icingaweb2-2.8.2.tar.gz 
/work/SRC/openSUSE:Factory/.icingaweb2.new.2625/icingaweb2-2.8.3.tar.gz differ: 
char 13, line 1

Reply via email to