commit rubygem-json-jwt for openSUSE:Factory

Wed, 15 Nov 2023 12:24:58 -0800 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package rubygem-json-jwt for 
openSUSE:Factory checked in at 2023-11-15 21:07:26
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-json-jwt (Old)
 and      /work/SRC/openSUSE:Factory/.rubygem-json-jwt.new.17445 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "rubygem-json-jwt"

Wed Nov 15 21:07:26 2023 rev:12 rq:1123201 version:1.16.3

Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-json-jwt/rubygem-json-jwt.changes        
2022-10-30 18:29:08.710484629 +0100
+++ 
/work/SRC/openSUSE:Factory/.rubygem-json-jwt.new.17445/rubygem-json-jwt.changes 
    2023-11-15 21:08:22.635787341 +0100
@@ -1,0 +2,10 @@
+Fri Nov  3 07:40:35 UTC 2023 - Dan Čermák <[email protected]>
+
+- ### Fixed
+
+- Remove padding oracle by @btoews in https://github.com/nov/json-jwt/pull/109
+
+## [1.16.0] - 2022-10-08
+
+
+-------------------------------------------------------------------

Old:
----
  json-jwt-1.16.1.gem

New:
----
  json-jwt-1.16.3.gem

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ rubygem-json-jwt.spec ++++++
--- /var/tmp/diff_new_pack.4SGY7Y/_old  2023-11-15 21:08:23.287811398 +0100
+++ /var/tmp/diff_new_pack.4SGY7Y/_new  2023-11-15 21:08:23.287811398 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package rubygem-json-jwt
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -24,11 +24,10 @@
 #
 
 Name:           rubygem-json-jwt
-Version:        1.16.1
+Version:        1.16.3
 Release:        0
 %define mod_name json-jwt
 %define mod_full_name %{mod_name}-%{version}
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  %{ruby >= 2.4}
 BuildRequires:  %{rubygem gem2rpm}
 BuildRequires:  ruby-macros >= 5
@@ -37,7 +36,6 @@
 Source1:        gem2rpm.yml
 Summary:        JSON Web Token and its family (JSON Web Signature, JSON Web
 License:        MIT
-Group:          Development/Languages/Ruby
 
 %description
 JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and

++++++ json-jwt-1.16.1.gem -> json-jwt-1.16.3.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/.github/workflows/spec.yml 
new/.github/workflows/spec.yml
--- old/.github/workflows/spec.yml      2022-10-20 11:25:34.000000000 +0200
+++ new/.github/workflows/spec.yml      2023-01-24 02:39:03.000000000 +0100
@@ -13,12 +13,11 @@
   spec:
     strategy:
       matrix:
-        os: ['ubuntu-20.04']
-        ruby-version: ['2.6', '2.7', '3.0', '3.1']
-        # ubuntu 22.04 only supports ssl 3 and thus only ruby 3.1
+        os: ['ubuntu-20.04', 'ubuntu-22.04']
+        ruby-version: ['3.1', '3.2']
         include:
-        - os: 'ubuntu-22.04'
-          ruby-version: '3.1'
+        - os: 'ubuntu-20.04'
+          ruby-version: '3.0'
     runs-on: ${{ matrix.os }}
 
     steps:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md    2022-10-20 11:25:34.000000000 +0200
+++ new/CHANGELOG.md    2023-01-24 02:39:03.000000000 +0100
@@ -2,6 +2,12 @@
 
 ## [1.16.0] - 2022-10-08
 
+### Fixed
+
+- Remove padding oracle by @btoews in https://github.com/nov/json-jwt/pull/109
+
+## [1.16.0] - 2022-10-08
+
 ### Added
 
 - start recording CHANGELOG
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/VERSION new/VERSION
--- old/VERSION 2022-10-20 11:25:34.000000000 +0200
+++ new/VERSION 2023-01-24 02:39:03.000000000 +0100
@@ -1 +1 @@
-1.16.1
\ No newline at end of file
+1.16.3
\ No newline at end of file
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/json/jwk/set/fetcher.rb 
new/lib/json/jwk/set/fetcher.rb
--- old/lib/json/jwk/set/fetcher.rb     2022-10-20 11:25:34.000000000 +0200
+++ new/lib/json/jwk/set/fetcher.rb     2023-01-24 02:39:03.000000000 +0100
@@ -6,6 +6,8 @@
           def fetch(cache_key, options = {})
             yield
           end
+
+          def delete(cache_key, options = {}); end
         end
 
         def self.logger
@@ -70,6 +72,7 @@
               end
             )
           )
+          cache.delete(cache_key, options) if jwks[kid].blank?
 
           if auto_detect
             jwks[kid] or raise KidNotFound
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata        2022-10-20 11:25:34.000000000 +0200
+++ new/metadata        2023-01-24 02:39:03.000000000 +0100
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: json-jwt
 version: !ruby/object:Gem::Version
-  version: 1.16.1
+  version: 1.16.3
 platform: ruby
 authors:
 - nov matake
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-10-20 00:00:00.000000000 Z
+date: 2023-01-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -197,7 +197,7 @@
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.3.26
 signing_key:
 specification_version: 4
 summary: JSON Web Token and its family (JSON Web Signature, JSON Web 
Encryption and

Reply via email to