Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-lxml for openSUSE:Factory checked in at 2022-01-07 12:44:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-lxml (Old) and /work/SRC/openSUSE:Factory/.python-lxml.new.1896 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-lxml" Fri Jan 7 12:44:35 2022 rev:87 rq:943802 version:4.6.5 Changes: -------- --- /work/SRC/openSUSE:Factory/python-lxml/python-lxml.changes 2021-12-09 19:45:11.689121284 +0100 +++ /work/SRC/openSUSE:Factory/.python-lxml.new.1896/python-lxml.changes 2022-01-07 12:45:02.115789379 +0100 @@ -1,0 +2,9 @@ +Tue Jan 4 16:03:54 UTC 2022 - Dirk M??ller <[email protected]> + +- update to 4.6.5 (bsc#1193752, CVE-2021-43818): + * A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script + content through SVG images. + * A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script + content through CSS imports and other crafted constructs. + +------------------------------------------------------------------- Old: ---- lxml-4.6.4.tar.gz New: ---- lxml-4.6.5.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-lxml.spec ++++++ --- /var/tmp/diff_new_pack.jw7dM0/_old 2022-01-07 12:45:02.799789854 +0100 +++ /var/tmp/diff_new_pack.jw7dM0/_new 2022-01-07 12:45:02.803789856 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-lxml # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-lxml -Version: 4.6.4 +Version: 4.6.5 Release: 0 Summary: Pythonic XML processing library License: BSD-3-Clause AND GPL-2.0-or-later @@ -30,7 +30,7 @@ BuildRequires: %{python_module cssselect >= 0.9.1} BuildRequires: %{python_module setuptools >= 18.0.1} BuildRequires: fdupes -BuildRequires: libxml2-devel >= 2.7.0 +BuildRequires: libxml2-devel >= 2.9.5 BuildRequires: libxslt-devel >= 1.1.23 BuildRequires: python-rpm-macros Requires: python-cssselect >= 0.9.1 ++++++ lxml-4.6.4.tar.gz -> lxml-4.6.5.tar.gz ++++++ ++++ 33349 lines of diff (skipped)
