Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package curl for openSUSE:Factory checked in at 2023-05-18 15:18:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/curl (Old) and /work/SRC/openSUSE:Factory/.curl.new.1533 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "curl" Thu May 18 15:18:22 2023 rev:184 rq:1087553 version:8.1.0 Changes: -------- --- /work/SRC/openSUSE:Factory/curl/curl.changes 2023-03-24 15:15:52.877452792 +0100 +++ /work/SRC/openSUSE:Factory/.curl.new.1533/curl.changes 2023-05-18 15:18:29.677600319 +0200 @@ -1,0 +2,18 @@ +Wed May 17 08:13:32 UTC 2023 - David Anes <david.a...@suse.com> + +- Update to 8.1.0: + * Security fixes: + - UAF in SSH sha256 fingerprint [bsc#1211230, CVE-2023-28319] + - siglongjmp race condition [bsc#1211231, CVE-2023-28320] + - IDN wildcard match [bsc#1211232, CVE-2023-28321] + - POST-after-PUT confusion [bsc#1211233, CVE-2023-28322] + - See also: https://curl.se/docs/security.html + * Changes: + - curl: add --proxy-http2 + - CURLPROXY_HTTPS2: for HTTPS proxy that may speak HTTP/2 + - hostip: refuse to resolve the .onion TLD + - tool_writeout: add URL component variables + * Bugfixes: + - See full changelog here: https://curl.se/changes.html#8_1_0 + +------------------------------------------------------------------- Old: ---- curl-8.0.1.tar.xz curl-8.0.1.tar.xz.asc New: ---- curl-8.1.0.tar.xz curl-8.1.0.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ curl.spec ++++++ --- /var/tmp/diff_new_pack.GoACFj/_old 2023-05-18 15:18:30.809606076 +0200 +++ /var/tmp/diff_new_pack.GoACFj/_new 2023-05-18 15:18:30.821606137 +0200 @@ -21,7 +21,7 @@ # need ssl always for python-pycurl %bcond_without openssl Name: curl -Version: 8.0.1 +Version: 8.1.0 Release: 0 Summary: A Tool for Transferring Data from URLs License: curl ++++++ curl-8.0.1.tar.xz -> curl-8.1.0.tar.xz ++++++ ++++ 99774 lines of diff (skipped)
