Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package apache-commons-fileupload for
openSUSE:Factory checked in at 2023-05-23 14:54:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apache-commons-fileupload (Old)
and /work/SRC/openSUSE:Factory/.apache-commons-fileupload.new.1533 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apache-commons-fileupload"
Tue May 23 14:54:30 2023 rev:3 rq:1088488 version:1.5
Changes:
--------
---
/work/SRC/openSUSE:Factory/apache-commons-fileupload/apache-commons-fileupload.changes
2022-03-24 22:58:20.268270074 +0100
+++
/work/SRC/openSUSE:Factory/.apache-commons-fileupload.new.1533/apache-commons-fileupload.changes
2023-05-23 14:55:05.722679080 +0200
@@ -1,0 +2,20 @@
+Tue May 23 04:40:49 UTC 2023 - Fridrich Strba <[email protected]>
+
+- Upgrade to upstream version 1.5
+ * New features:
+ + Add a configurable limit (disabled by default) for the number
+ of files to upload per request (bsc#1208513, CVE-2023-24998).
+ The new configuration option (FileUploadBase#setFileCountMax)
+ is not enabled by default and must be explicitly configured.
+ * Fixed Bugs:
+ + FILEUPLOAD-293: DiskFileItem.write(File) had been changed to
+ use FileUtils.moveFile internally, preventing an existing file
+ as the target.
+ + Improve parsing speed.
+ * Changes:
+ + Bump Commons IO to 2.11.0
+ + FILEUPLOAD-328 Switch from Cobertura code coverage to Jacoco
+ code coverage.
+ + Bump JUnit to 4.13.2
+
+-------------------------------------------------------------------
Old:
----
commons-fileupload-1.4-src.tar.gz
New:
----
commons-fileupload-1.5-src.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ apache-commons-fileupload.spec ++++++
--- /var/tmp/diff_new_pack.r6lw88/_old 2023-05-23 14:55:06.382682985 +0200
+++ /var/tmp/diff_new_pack.r6lw88/_new 2023-05-23 14:55:06.390683033 +0200
@@ -1,7 +1,7 @@
#
# spec file
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
%global short_name commons-%{base_name}
%bcond_without portlet
Name: apache-%{short_name}
-Version: 1.4
+Version: 1.5
Release: 0
Summary: API to work with HTML file upload
License: Apache-2.0
++++++ apache-commons-fileupload-build.xml ++++++
--- /var/tmp/diff_new_pack.r6lw88/_old 2023-05-23 14:55:06.422683222 +0200
+++ /var/tmp/diff_new_pack.r6lw88/_new 2023-05-23 14:55:06.422683222 +0200
@@ -8,7 +8,7 @@
<property file="build.properties"/>
- <property name="build.finalName" value="commons-fileupload-1.4"/>
+ <property name="build.finalName" value="commons-fileupload-1.5"/>
<property name="build.dir" value="target"/>
<property name="build.outputDir" value="${build.dir}/classes"/>
<property name="build.srcDir.0" value="src/main/java"/>
@@ -220,21 +220,21 @@
<attribute name="Bundle-Name" value="Apache Commons
FileUpload"/>
<attribute name="Bundle-SymbolicName"
value="org.apache.commons.fileupload"/>
<attribute name="Bundle-Vendor" value="The Apache Software
Foundation"/>
- <attribute name="Bundle-Version" value="1.4.0"/>
+ <attribute name="Bundle-Version" value="1.5.0"/>
<attribute name="DynamicImport-Package" value="javax.portlet"/>
- <attribute name="Export-Package"
value="org.apache.commons.fileupload;version="1.4",org.apache.commons.fileupload.disk;version="1.4",org.apache.commons.fileupload.portlet;version="1.4",org.apache.commons.fileupload.servlet;version="1.4",org.apache.commons.fileupload.util;version="1.4""/>
+ <attribute name="Export-Package"
value="org.apache.commons.fileupload;version="1.5",org.apache.commons.fileupload.disk;version="1.5",org.apache.commons.fileupload.portlet;version="1.5",org.apache.commons.fileupload.servlet;version="1.5",org.apache.commons.fileupload.util;version="1.5""/>
<attribute name="Implementation-Title" value="Apache Commons
FileUpload"/>
<attribute name="Implementation-URL"
value="http://commons.apache.org/proper/commons-fileupload/"/>
<attribute name="Implementation-Vendor" value="The Apache
Software Foundation"/>
<attribute name="Implementation-Vendor-Id" value="org.apache"/>
- <attribute name="Implementation-Version" value="1.4"/>
+ <attribute name="Implementation-Version" value="1.5"/>
<attribute name="Import-Package"
value="javax.servlet,javax.servlet.http,org.apache.commons.io,org.apache.commons.io.output"/>
<attribute name="Include-Resource"
value="META-INF/NOTICE.txt=NOTICE.txt,META-INF/LICENSE.txt=LICENSE.txt"/>
<attribute name="Private-Package"
value="org.apache.commons.fileupload.util.mime"/>
<attribute name="Require-Capability"
value="osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))""/>
<attribute name="Specification-Title" value="Apache Commons
FileUpload"/>
<attribute name="Specification-Vendor" value="The Apache
Software Foundation"/>
- <attribute name="Specification-Version" value="1.4"/>
+ <attribute name="Specification-Version" value="1.5"/>
</manifest>
</jar>
</target>
++++++ commons-fileupload-1.4-src.tar.gz -> commons-fileupload-1.5-src.tar.gz
++++++
++++ 47156 lines of diff (skipped)
