Hello community, here is the log from the commit of package gcab for openSUSE:Factory checked in at 2018-01-26 13:37:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gcab (Old) and /work/SRC/openSUSE:Factory/.gcab.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gcab" Fri Jan 26 13:37:16 2018 rev:9 rq:568732 version:0.8 Changes: -------- --- /work/SRC/openSUSE:Factory/gcab/gcab.changes 2016-04-12 18:57:14.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.gcab.new/gcab.changes 2018-01-26 13:37:17.939461332 +0100 @@ -1,0 +2,21 @@ +Tue Jan 23 16:09:51 UTC 2018 - [email protected] + +- Update to version 0.8 (CVE-2018-5345): + + This fixes the security bug known as CVE-2018-5345. + + Always check the return value when writing to the stream. + + Do not crash when ncbytes is larger than the buffer size. + + Don't encode timezone in generated files. + + Don't use version script if unsupported. + + Explicitly enable C99 support. + + Fix a few 'Dereference of null pointer' warnings. + + Fix buffer overrun when generating Huffman codes. + + Fix builddir != srcdir builds. + + Fix dependency on generated .h file. + + Fix invalid return annotation. + + Fix the calculation of the checksum on big endian machines. + + Fix -Wimplicit-fallthrough=. + + Use glib-mkenum's prefixes to avoid sed. + + Updated translations. +- Minor spec cleanup, use autosetup macro. + +------------------------------------------------------------------- Old: ---- gcab-0.7.tar.xz New: ---- gcab-0.8.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gcab.spec ++++++ --- /var/tmp/diff_new_pack.apxn8c/_old 2018-01-26 13:37:18.639428639 +0100 +++ /var/tmp/diff_new_pack.apxn8c/_new 2018-01-26 13:37:18.651428079 +0100 @@ -1,7 +1,7 @@ # # spec file for package gcab # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,20 +17,20 @@ Name: gcab -Version: 0.7 +Version: 0.8 Release: 0 Summary: Cabinet file library and tool License: LGPL-2.1+ Group: Productivity/Archiving/Compression Url: http://ftp.gnome.org/pub/GNOME/sources/gcab -Source: http://download.gnome.org/sources/gcab/0.7/%{name}-%{version}.tar.xz +Source: http://download.gnome.org/sources/gcab/0.8/%{name}-%{version}.tar.xz + BuildRequires: gobject-introspection >= 0.9.4 BuildRequires: intltool >= 0.40.0 BuildRequires: vala >= 0.14 BuildRequires: zlib-devel BuildRequires: pkgconfig(glib-2.0) >= 2.22.0 Recommends: %{name}-lang -BuildRoot: %{_tmppath}/%{name}-%{version}-build %description gcab is a tool and library for manipulating cabinet files. @@ -64,8 +64,9 @@ This package provides development files to build code against libgcab %lang_package + %prep -%setup -q +%autosetup %build %configure \ @@ -78,23 +79,19 @@ %find_lang %{name} %post -n libgcab-1_0-0 -p /sbin/ldconfig - %postun -n libgcab-1_0-0 -p /sbin/ldconfig %files -%defattr(-,root,root) %doc COPYING %{_bindir}/%{name} -%{_mandir}/man1/%{name}.1%{?ext_man} +%{_mandir}/man?/%{name}.?%{?ext_man} %files lang -f %{name}.lang %files -n libgcab-1_0-0 -%defattr(-,root,root) %{_libdir}/libgcab-1.0.so.* %files devel -%defattr(-,root,root) %doc %{_datadir}/gtk-doc/html/%{name}/ %{_includedir}/libgcab-1.0/ %{_libdir}/libgcab-1.0.so ++++++ gcab-0.7.tar.xz -> gcab-0.8.tar.xz ++++++ ++++ 7410 lines of diff (skipped)
