Hello community, here is the log from the commit of package guile for openSUSE:Factory checked in at 2016-10-20 23:06:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/guile (Old) and /work/SRC/openSUSE:Factory/.guile.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "guile" Changes: -------- --- /work/SRC/openSUSE:Factory/guile/guile.changes 2016-07-28 23:43:27.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.guile.new/guile.changes 2016-10-20 23:06:49.000000000 +0200 @@ -1,0 +2,12 @@ +Sat Oct 15 14:55:17 UTC 2016 - mplus...@suse.com + +- Update to version 2.0.13 + * Security fixes + + CVE-2016-8606: REPL server now protects against HTTP + inter-protocol attacks + + CVE-2016-8605: 'mkdir' procedure no longer calls umask(2) + * Several bugfixes and improvements (for details see NEWS file) +- Fetch keyring from savannah +- Use https for all urls + +------------------------------------------------------------------- Old: ---- guile-2.0.12.tar.xz guile-2.0.12.tar.xz.sig New: ---- guile-2.0.13.tar.xz guile-2.0.13.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ guile.spec ++++++ --- /var/tmp/diff_new_pack.402Cc7/_old 2016-10-20 23:06:50.000000000 +0200 +++ /var/tmp/diff_new_pack.402Cc7/_new 2016-10-20 23:06:50.000000000 +0200 @@ -25,15 +25,15 @@ %define libgreadver 18 %define greadsuff v-%{libgreadver}-%{libgreadver} Name: guile -Version: %{guilevers}.12 +Version: %{guilevers}.13 Release: 0 Summary: GNU's Ubiquitous Intelligent Language for Extension License: GFDL-1.3 and GPL-3.0+ and LGPL-3.0+ Group: Development/Languages/Scheme -Url: http://www.gnu.org/software/guile/ -Source0: ftp://ftp.gnu.org/gnu/guile/%{name}-%{version}.tar.xz -Source1: ftp://ftp.gnu.org/gnu/guile/%{name}-%{version}.tar.xz.sig -Source2: %{name}.keyring +Url: https://www.gnu.org/software/guile/ +Source0: https://ftp.gnu.org/gnu/guile/%{name}-%{version}.tar.xz +Source1: https://ftp.gnu.org/gnu/guile/%{name}-%{version}.tar.xz.sig +Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=guile&download=1#/%{name}.keyring Source3: guile-rpmlintrc # suse specific Patch0: %{name}-fake-buildstamp.patch ++++++ guile-2.0.12.tar.xz -> guile-2.0.13.tar.xz ++++++ ++++ 34546 lines of diff (skipped) ++++++ guile.keyring ++++++ Files /var/tmp/diff_new_pack.402Cc7/_old and /var/tmp/diff_new_pack.402Cc7/_new differ