commit reload4j for openSUSE:Factory

Thu, 19 Oct 2023 13:49:41 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package reload4j for openSUSE:Factory 
checked in at 2023-10-19 22:47:07
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/reload4j (Old)
 and      /work/SRC/openSUSE:Factory/.reload4j.new.1945 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "reload4j"

Thu Oct 19 22:47:07 2023 rev:5 rq:1118377 version:1.2.25

Changes:
--------
--- /work/SRC/openSUSE:Factory/reload4j/reload4j.changes        2022-04-13 
21:04:38.768549897 +0200
+++ /work/SRC/openSUSE:Factory/.reload4j.new.1945/reload4j.changes      
2023-10-19 22:49:32.087252964 +0200
@@ -1,0 +2,38 @@
+Tue Oct 17 20:44:32 UTC 2023 - Fridrich Strba <fst...@suse.com>
+
+- Update to upstream version 1.2.25
+  * Given that some users encountered problems with the changes
+    made in version 1.2.24, the thread context class loader (TCCL)
+    is now tried first under all JDK versions unless the
+    "log4j.ignoreTCL" system property is set to true. This was
+    intended behavior all along except that is was disabled in
+    JDK 9 and later due to a coding error.
+- Update to upstream version 1.2.24
+  * The loadClass and getResource methods in the Loader class are
+    used to search for resources and to load classes, typically
+    appenders or layouts. In this release, only the class loader
+    that loaded the Loader class itself is used. The thread context
+    class loader (TCCL) is no longer used. In previous releases,
+    this was already the case when running under JDK 9 and later
+    but not under JDK 8 or earlier. The change provides both more
+    consistent and also simpler behavior. It should be be
+    transparent to users.
+- Update to upstream version 1.2.23
+  * Added Automatic-Module-Name entry set to ch.qos.reload4j in
+    the MANIFEST.MF file. This should help in including reload4j
+    as a named dependency in Jigsaw modular projects.
+- Update to upstream version 1.2.22
+  * Fixed a newly discovered XXE vector vulnerability reported
+    against Chainsaw.
+- Update to upstream version 1.2.21
+  * The binary compatibility issue between earlier versions of
+    reload4j and slf4j-log4j12 has been fixed. Although it is
+    recommended that you use slf4j-reload4j as the preferred adapter
+    for the slf4j/reload4j combination, with reload4j version 1.2.21
+    and later you can freely mix any version of slf4j-log4j12, if
+    you have to.
+- Modified patch:
+  * reload4j-java1.patch
+    + rediff to changed context
+
+-------------------------------------------------------------------

Old:
----
  reload4j-1.2.20.tar.xz

New:
----
  reload4j-1.2.25.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ reload4j.spec ++++++
--- /var/tmp/diff_new_pack.J5jetE/_old  2023-10-19 22:49:32.651273421 +0200
+++ /var/tmp/diff_new_pack.J5jetE/_new  2023-10-19 22:49:32.651273421 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package reload4j
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 %bcond_with tests
 Name:           reload4j
-Version:        1.2.20
+Version:        1.2.25
 Release:        0
 Summary:        Revival of EOLed log4j 1.x
 License:        Apache-2.0
@@ -32,7 +32,7 @@
 BuildRequires:  geronimo-jms-1_1-api
 BuildRequires:  java-devel >= 1.8
 BuildRequires:  javamail
-BuildRequires:  javapackages-local
+BuildRequires:  javapackages-local >= 6
 Obsoletes:      chainsaw < 2.1
 Obsoletes:      log4j < 1.3
 Obsoletes:      log4j-mini < 1.3
@@ -99,7 +99,7 @@
 
 #pom
 install -d -m 755 %{buildroot}%{_mavenpomdir}/%{name}
-install -pm 644 pom.xml %{buildroot}%{_mavenpomdir}/%{name}/%{name}.pom
+%mvn_install_pom pom.xml %{buildroot}%{_mavenpomdir}/%{name}/%{name}.pom
 %add_maven_depmap %{name}/%{name}.pom %{name}/%{name}.jar -a log4j:log4j
 
 # javadoc

++++++ _service ++++++
--- /var/tmp/diff_new_pack.J5jetE/_old  2023-10-19 22:49:32.679274436 +0200
+++ /var/tmp/diff_new_pack.J5jetE/_new  2023-10-19 22:49:32.683274582 +0200
@@ -2,7 +2,7 @@
        <service name="tar_scm" mode="disabled">
                <param name="scm">git</param>
                <param name="url">https://github.com/qos-ch/reload4j.git</param>
-               <param name="revision">v_1.2.20</param>
+               <param name="revision">v_1.2.25</param>
                <param name="match-tag">v_*</param>
                <param name="versionformat">@PARENT_TAG@</param>
                <param name="versionrewrite-pattern">v_(.*)</param>

++++++ reload4j-1.2.20.tar.xz -> reload4j-1.2.25.tar.xz ++++++
++++ 65959 lines of diff (skipped)

++++++ reload4j-build.xml ++++++
--- /var/tmp/diff_new_pack.J5jetE/_old  2023-10-19 22:49:33.007286333 +0200
+++ /var/tmp/diff_new_pack.J5jetE/_new  2023-10-19 22:49:33.011286478 +0200
@@ -10,9 +10,10 @@
 
   <property name="project.groupId" value="ch.qos.reload4j"/>
   <property name="project.artifactId" value="reload4j"/>
-  <property name="project.version" value="1.2.20"/>
+  <property name="project.version" value="1.2.25"/>
 
-  <property name="compiler.source" value="1.8"/>
+  <property name="compiler.release" value="8"/>
+  <property name="compiler.source" value="1.${compiler.release}"/>
   <property name="compiler.target" value="${compiler.source}"/>
 
   <property name="build.finalName" 
value="${project.artifactId}-${project.version}"/>
@@ -61,6 +62,7 @@
            debug="true" 
            optimize="false" 
            deprecation="true" 
+           release="${compiler.release}" 
            target="${compiler.target}" 
            verbose="false" 
            fork="false" 
@@ -90,6 +92,7 @@
            debug="true" 
            optimize="false" 
            deprecation="true" 
+           release="${compiler.release}" 
            target="${compiler.target}" 
            verbose="false" 
            fork="false" 
@@ -215,6 +218,7 @@
          basedir="${build.outputDir}" 
          excludes="**/package.html">
       <manifest>
+        <attribute name="Automatic-Module-Name" value="${project.groupId}"/>
         <attribute name="Bundle-Description" value="Reload4j revives EOLed 
log4j 1.x"/>
         <attribute name="Bundle-DocURL" value="https://reload4j.qos.ch/"/>
         <attribute name="Bundle-License" 
value="http://www.apache.org/licenses/LICENSE-2.0.txt"/>
@@ -227,8 +231,8 @@
         <attribute name="Implementation-Title" value="${project.artifactId}"/>
         <attribute name="Implementation-Vendor" value="QOS.CH Sarl 
(Switzerland)"/>
         <attribute name="Implementation-Version" value="${project.version}"/>
-        <attribute name="Import-Package" 
value="javax.jmdns;resolution:=optional,javax.jms;resolution:=optional,javax.mail.internet;version=&quot;[1.4,2)&quot;;resolution:=optional,javax.mail;version=&quot;[1.4,2)&quot;;resolution:=optional,javax.naming,javax.xml.parsers,org.w3c.dom,org.xml.sax,org.xml.sax.helpers"/>
-        <attribute name="Require-Capability" 
value="osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;"/>
+        <attribute name="Import-Package" 
value="javax.jmdns;resolution:=optional,javax.jms;resolution:=optional,javax.mail.internet;resolution:=optional,javax.mail;resolution:=optional,javax.naming,javax.xml.parsers,org.w3c.dom,org.xml.sax,org.xml.sax.helpers"/>
+        <attribute name="Require-Capability" 
value="osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=${compiler.target}))&quot;"/>
         <attribute name="X-Compile-Source-JDK" value="${compiler.source}"/>
         <attribute name="X-Compile-Target-JDK" value="${compiler.target}"/>
       </manifest>

++++++ reload4j-java1.patch ++++++
--- /var/tmp/diff_new_pack.J5jetE/_old  2023-10-19 22:49:33.023286914 +0200
+++ /var/tmp/diff_new_pack.J5jetE/_new  2023-10-19 22:49:33.027287059 +0200
@@ -1,12 +1,14 @@
---- reload4j-1.2.19/src/main/java/org/apache/log4j/MDC.java    2022-02-23 
08:05:01.051452323 +0100
-+++ reload4j-1.2.19/src/main/java/org/apache/log4j/MDC.java    2022-02-23 
08:05:39.546646231 +0100
-@@ -47,7 +47,7 @@
+diff --git a/src/main/java/org/apache/log4j/MDC.java 
b/src/main/java/org/apache/log4j/MDC.java
+index 5805772..fdcfeed 100755
+--- a/src/main/java/org/apache/log4j/MDC.java
++++ b/src/main/java/org/apache/log4j/MDC.java
+@@ -45,7 +45,7 @@ public class MDC {
  
      static final int HT_SIZE = 7;
  
 -    // boolean java1;
 +    boolean java1;
  
-     ThreadLocalMap tlm;
+     Object tlm;

Reply via email to