Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package icingaweb2 for openSUSE:Factory
checked in at 2022-03-09 18:47:32
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/icingaweb2 (Old)
and /work/SRC/openSUSE:Factory/.icingaweb2.new.2349 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "icingaweb2"
Wed Mar 9 18:47:32 2022 rev:25 rq:960287 version:2.9.6
Changes:
--------
--- /work/SRC/openSUSE:Factory/icingaweb2/icingaweb2.changes 2021-11-25
23:05:40.413292799 +0100
+++ /work/SRC/openSUSE:Factory/.icingaweb2.new.2349/icingaweb2.changes
2022-03-11 11:44:23.634818072 +0100
@@ -1,0 +2,13 @@
+Tue Mar 8 16:45:39 UTC 2022 - ecsos <ec...@opensuse.org>
+
+- Update to 2.9.6
+ * Security Fixes
+ Please check the advisories on GitHub for more details.
+ - Path traversal in static library file requests for
+ unauthenticated users GHSA-5p3f-rh28-8frw
+ - SSH resources allow arbitrary code execution for
+ authenticated users GHSA-v9mv-h52f-7g63
+ - Unwanted disclosure of hosts and related data, linked to
+ decommissioned services GHSA-qcmg-vr56-x9wf
+
+-------------------------------------------------------------------
Old:
----
icingaweb2-2.9.5.tar.gz
New:
----
icingaweb2-2.9.6.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ icingaweb2.spec ++++++
--- /var/tmp/diff_new_pack.I9XHRv/_old 2022-03-11 11:44:24.166818668 +0100
+++ /var/tmp/diff_new_pack.I9XHRv/_new 2022-03-11 11:44:24.170818673 +0100
@@ -1,7 +1,7 @@
#
# spec file for package icingaweb2
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
# Copyright (c) 2013-2017 Icinga Development Team | GPLv2+
#
# All modifications and additions to the file contributed by third parties
@@ -20,10 +20,10 @@
%define revision 1
Name: icingaweb2
-Version: 2.9.5
+Version: 2.9.6
Release: %{revision}%{?dist}
Summary: Icinga Web 2
-License: GPL-2.0-or-later AND MIT AND BSD-3-Clause
+License: BSD-3-Clause AND GPL-2.0-or-later AND MIT
Group: System/Monitoring
URL: https://icinga.com
Source0:
https://github.com/Icinga/icingaweb2/archive/v%{version}/%{name}-%{version}.tar.gz
@@ -126,10 +126,9 @@
It comes with a completely new design and many user-friendly enhancements to
find the relevant information even faster.
-
%package common
Summary: Common files for Icinga Web 2 and the Icinga CLI
-License: GPL-2.0-or-later AND MIT AND BSD-3-Clause
+License: BSD-3-Clause AND GPL-2.0-or-later AND MIT
Group: System/Monitoring
%{?amzn:Requires(pre): shadow-utils}
%{?fedora:Requires(pre): shadow-utils}
@@ -142,10 +141,9 @@
%description common
Common files for Icinga Web 2 and the Icinga CLI.
-
%package -n php-Icinga
Summary: Icinga Web 2 PHP library
-License: GPL-2.0-or-later AND MIT AND BSD-3-Clause
+License: BSD-3-Clause AND GPL-2.0-or-later AND MIT
Group: Development/Libraries/Other
Requires: %{php_common} >= %{php_version}
Requires: %{php}-gd %{php}-intl %{php}-mbstring
@@ -158,10 +156,9 @@
%description -n php-Icinga
Icinga Web 2 PHP library.
-
%package -n icingacli
Summary: Icinga CLI
-License: GPL-2.0-or-later AND MIT AND BSD-3-Clause
+License: BSD-3-Clause AND GPL-2.0-or-later AND MIT
Group: System/Monitoring
Requires: %{name}-common = %{version}-%{release}
Requires: %{php_cli} >= %{php_version}
@@ -187,14 +184,14 @@
%package selinux
Summary: SELinux policy for Icinga Web 2
-License: GPL-2.0-or-later AND MIT AND BSD-3-Clause
+License: BSD-3-Clause AND GPL-2.0-or-later AND MIT
Group: System/Base
BuildRequires: checkpolicy
BuildRequires: hardlink
BuildRequires: selinux-policy-devel
Requires: %{name} = %{version}-%{release}
Requires(post): policycoreutils
-Requires(postun): policycoreutils
+Requires(postun):policycoreutils
%description selinux
SELinux policy for Icinga Web 2.
@@ -210,7 +207,6 @@
%description vendor-dompdf
Icinga Web 2 vendor library dompdf.
-
%package vendor-HTMLPurifier
Summary: Icinga Web 2 vendor library HTMLPurifier
License: LGPL-2.1-only
@@ -224,7 +220,6 @@
%description vendor-HTMLPurifier
Icinga Web 2 vendor library HTMLPurifier.
-
%package vendor-JShrink
Summary: Icinga Web 2 vendor library JShrink
License: BSD-3-Clause
@@ -235,7 +230,6 @@
%description vendor-JShrink
Icinga Web 2 vendor library JShrink.
-
%package vendor-lessphp
Summary: Icinga Web 2 vendor library lessphp
License: MIT
@@ -246,7 +240,6 @@
%description vendor-lessphp
Icinga Web 2 vendor library lessphp.
-
%package vendor-Parsedown
Summary: Icinga Web 2 vendor library Parsedown
License: MIT
@@ -257,7 +250,6 @@
%description vendor-Parsedown
Icinga Web 2 vendor library Parsedown.
-
%package vendor-zf1
Summary: Icinga Web 2's fork of Zend Framework 1
License: BSD-3-Clause
@@ -270,7 +262,6 @@
%description vendor-zf1
Icinga Web 2's fork of Zend Framework 1.
-
%prep
%setup -q -n %{name}-%{version}
%if 0%{?use_selinux}
++++++ icingaweb2-2.9.5.tar.gz -> icingaweb2-2.9.6.tar.gz ++++++
/work/SRC/openSUSE:Factory/icingaweb2/icingaweb2-2.9.5.tar.gz
/work/SRC/openSUSE:Factory/.icingaweb2.new.2349/icingaweb2-2.9.6.tar.gz differ:
char 13, line 1
