Hello community, here is the log from the commit of package nasm for openSUSE:Factory checked in at 2018-01-26 13:58:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nasm (Old) and /work/SRC/openSUSE:Factory/.nasm.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nasm" Fri Jan 26 13:58:42 2018 rev:36 rq:569354 version:2.13.02 Changes: -------- --- /work/SRC/openSUSE:Factory/nasm/nasm.changes 2017-07-28 09:40:55.289063827 +0200 +++ /work/SRC/openSUSE:Factory/.nasm.new/nasm.changes 2018-01-26 13:58:45.375342056 +0100 @@ -1,0 +2,40 @@ +Wed Jan 24 13:09:39 UTC 2018 - [email protected] + +- New upstream version 2.13.02: + * Fix generation of PEXTRW instruction. + * Fix smartalign package which could trigger an error during + optimization if the alignment code expanded too much due to + optimization of the previous code. + * Fix a case where negative value in TIMES directive causes + panic instead of an error. + * Fix the incorrect generation of VEX-encoded instruction + when static mode decorators are specified on scalar instructions, + losing the decorators as they require EVEX encoding. + * Fix generation of dependency lists. + * Fixes macro calls that have the wrong number of arguments + (bsc#1073796, CVE-2017-17810) + * Fixes Heap-based buffer overflow allows related to a strcpy + in paste_tokens (bsc#1073798, CVE-2017-17811) + * Fixes Heap-based buffer over-read in the function detoken() + (bsc#1073799, CVE-2017-17812) + * Fixes Use-after-free in the pp_list_one_macro function + (bsc#1073803, CVE-2017-17813) + * Fixes Use-after-free in do_directive + (bsc#1073808, CVE-2017-17814) + * Fixes Illegal address access in is_mmacro() + (bsc#1073818, CVE-2017-17815) + * Fixes Use-after-free in pp_getline + (bsc#1073823, CVE-2017-17816) + * Fixes Use-after-free in pp_verror + (bsc#1073829, CVE-2017-17817) + * Fixes Heap-based buffer over-read related to a while loop in + paste_tokens (bsc#1073830, CVE-2017-17818) + * Fixes Illegal address access in the function find_cc + (bsc#1073832, CVE-2017-17819) + * Fixes Use-after-free in pp_list_one_macro + (bsc#1073846, CVE-2017-17820) + * Fixes illegal address access in thefunction paste_tokens() + (bsc#1058013, CVE-2017-14228) +- memory_fixes.patch: changes upstreamed and removed. + +------------------------------------------------------------------- Old: ---- memory_fixes.patch nasm-2.13.01.tar.xz New: ---- nasm-2.13.02.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nasm.spec ++++++ --- /var/tmp/diff_new_pack.gVUYS8/_old 2018-01-26 13:58:46.395294436 +0100 +++ /var/tmp/diff_new_pack.gVUYS8/_new 2018-01-26 13:58:46.403294062 +0100 @@ -1,7 +1,7 @@ # # spec file for package nasm # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,14 +17,13 @@ Name: nasm -Version: 2.13.01 +Version: 2.13.02 Release: 0 Summary: Netwide Assembler (An x86 Assembler) License: BSD-2-Clause Group: Development/Languages/Other Url: http://www.nasm.us/ Source: http://www.nasm.us/pub/nasm/releasebuilds/%{version}/nasm-%{version}.tar.xz -Patch: memory_fixes.patch BuildRequires: fdupes %description @@ -33,7 +32,6 @@ %prep %setup -q -%patch -p1 %build touch -r ./version.h ./version.h.stamp ++++++ nasm-2.13.01.tar.xz -> nasm-2.13.02.tar.xz ++++++ ++++ 26825 lines of diff (skipped)
