Hello community, here is the log from the commit of package libuser for openSUSE:Factory checked in at 2018-05-29 10:29:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libuser (Old) and /work/SRC/openSUSE:Factory/.libuser.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libuser" Tue May 29 10:29:23 2018 rev:6 rq:609930 version:0.62 Changes: -------- --- /work/SRC/openSUSE:Factory/libuser/libuser.changes 2017-08-16 16:13:06.462487152 +0200 +++ /work/SRC/openSUSE:Factory/.libuser.new/libuser.changes 2018-05-29 10:29:23.706885339 +0200 @@ -1,0 +2,35 @@ +Wed May 16 09:05:58 UTC 2018 - [email protected] + +- drop 0001-Refuse-to-write-field-values-which-contain-n.-bsc-93.patch + (upstream) + +- rename libuser-0.60.patch to libuser-sharedlib.patch + +- Update to 0.62 + * Fixed security vulnerabilities: + * \n characters were allowed in files/shadow fields (CVE-2015-3245) + * Non-atomic file updates in files/shadow module (CVE-2015-3246) + Thanks to Qualys for reporting these issues. + * The files and shadow modules now use a shadow-utils compatible + scheme (primarily lckpwdf()). + +- Update to 0.61 + * Python 3 is now supported. + Consistent with the Python 3 C API and its prevailing usage, + only UTF-8 locales work. Note that importing libuser in + non-UTF-8 locales will fail in Python 3. + * The Python extension now requires Python 2.7. + * Translations are now maintained in https://fedora.zanata.org/ . + * tests/fs_test can be edited to truly perform operations as root, + without fakeroot. + * sgml2txt is no longer required for building from the released + tarball. + * Miscellaneous bug fixes and cleanups, primarily in the Python + extension. + +------------------------------------------------------------------- +Wed May 16 07:30:21 UTC 2018 - [email protected] + +- Just fixing the License field + +------------------------------------------------------------------- Old: ---- 0001-Refuse-to-write-field-values-which-contain-n.-bsc-93.patch libuser-0.60.patch libuser-0.60.tar.xz New: ---- libuser-0.62.tar.xz libuser-sharedlib.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libuser.spec ++++++ --- /var/tmp/diff_new_pack.2N9kez/_old 2018-05-29 10:29:24.382860366 +0200 +++ /var/tmp/diff_new_pack.2N9kez/_new 2018-05-29 10:29:24.386860219 +0200 @@ -1,7 +1,7 @@ # # spec file for package libuser # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,11 +19,11 @@ Name: libuser %define libname %{name}1 -Version: 0.60 +Version: 0.62 Release: 0 -Url: https://fedorahosted.org/libuser/ +Url: https://pagure.io/libuser Summary: A user and group account administration library -License: LGPL-2.0+ +License: LGPL-2.0-or-later Group: Development/Libraries/C and C++ Source: %{name}-%{version}.tar.xz BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -41,7 +41,7 @@ BuildRequires: automake BuildRequires: libtool # redefine pkglibdir to honor SUSE shared lib rules, [email protected] -Patch1: libuser-0.60.patch +Patch1: libuser-sharedlib.patch # fix path to slapd for SUSE, [email protected] Patch2: suse-ldap.dif %if 0%{?suse_version} <= 1110 @@ -50,7 +50,6 @@ BuildRequires: xz %endif %endif -Patch4: 0001-Refuse-to-write-field-values-which-contain-n.-bsc-93.patch %description The libuser library implements a standardized interface for manipulating @@ -83,7 +82,7 @@ %package python Summary: Python bindings for the libuser library -Group: Development/Libraries +Group: Development/Libraries/Python Requires: %{name} = %{version} %description python @@ -100,7 +99,6 @@ %patch3 -p1 %endif %endif -%patch4 -p1 %build %if 0%{?suse_version} ++++++ g_malloc0_n.patch ++++++ --- /var/tmp/diff_new_pack.2N9kez/_old 2018-05-29 10:29:24.414859184 +0200 +++ /var/tmp/diff_new_pack.2N9kez/_new 2018-05-29 10:29:24.414859184 +0200 @@ -1,6 +1,16 @@ -diff -wruN -x '*~' -x '*.o' -x '*.a' -x '*.so' -x '*.so.[0-9]' -x autom4te.cache -x .deps -x .libs ../orig-libuser-0.59/lib/user.h ./lib/user.h ---- ../orig-libuser-0.59/lib/user.h 2013-03-29 15:46:36.000000000 +0100 -+++ ./lib/user.h 2013-09-27 09:10:40.776591577 +0200 +From 1b4416f582b7f97e675bbcb7c2914dcf63d199f7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <[email protected]> +Date: Wed, 16 May 2018 11:18:51 +0200 +Subject: [PATCH 1/3] define g_malloc0_n and g_malloc_n + +--- + lib/user.h | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/lib/user.h b/lib/user.h +index bc42cea293da..3e7e223ec509 100644 +--- a/lib/user.h ++++ b/lib/user.h @@ -21,6 +21,9 @@ #include <sys/types.h> @@ -11,3 +21,6 @@ #include "config.h" #include "entity.h" #include "error.h" +-- +2.16.3 + ++++++ libuser-0.60.tar.xz -> libuser-0.62.tar.xz ++++++ ++++ 45525 lines of diff (skipped) ++++++ libuser-sharedlib.patch ++++++ >From 3b4935cebd16b85d1d8edcf47186fc40fb53bcf0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <[email protected]> Date: Wed, 16 May 2018 11:20:41 +0200 Subject: [PATCH 3/3] split into libuser1 and libuser for shared lib policy --- Makefile.am | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Makefile.am b/Makefile.am index 080f97e8cc81..c69222576a70 100644 --- a/Makefile.am +++ b/Makefile.am @@ -3,6 +3,8 @@ ## Settings pkgconfigdir = $(libdir)/pkgconfig +pkglibdir = $(libdir)/$(PACKAGE)1 + ACLOCAL_AMFLAGS = -I m4 AM_DISTCHECK_CONFIGURE_FLAGS = --enable-gtk-doc --with-ldap -- 2.16.3 ++++++ suse-ldap.dif ++++++ --- /var/tmp/diff_new_pack.2N9kez/_old 2018-05-29 10:29:24.830843816 +0200 +++ /var/tmp/diff_new_pack.2N9kez/_new 2018-05-29 10:29:24.834843668 +0200 @@ -1,7 +1,18 @@ -diff -wruN -x '*~' -x '*.o' -x '*.a' -x '*.so' -x '*.so.[0-9]' -x autom4te.cache -x .deps -x .libs ../orig-libuser-0.60/tests/default_pw_test ./tests/default_pw_test ---- ../orig-libuser-0.60/tests/default_pw_test 2013-10-12 23:56:08.000000000 +0200 -+++ ./tests/default_pw_test 2014-02-05 13:23:22.696034846 +0100 -@@ -98,7 +98,7 @@ +From 5be4488702e1fc15dd6221a317c36f82b6d92725 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <[email protected]> +Date: Wed, 16 May 2018 11:19:52 +0200 +Subject: [PATCH 2/3] fix path to slapd in SUSE + +--- + tests/default_pw_test | 2 +- + tests/ldap_test | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tests/default_pw_test b/tests/default_pw_test +index 6da406cf3f67..4269b5db3389 100755 +--- a/tests/default_pw_test ++++ b/tests/default_pw_test +@@ -98,7 +98,7 @@ for modules in \ # This is racy, but much better than a static port [ -z "$ldap_port" ] && ldap_port=$(tests/alloc_port) # FIXME: path @@ -10,10 +21,11 @@ -f "$workdir"/slapd.conf & tests/wait_for_slapd_start "$workdir"/slapd.pid "$ldap_port" slapd_pid=$(cat "$workdir"/slapd.pid) -diff -wruN -x '*~' -x '*.o' -x '*.a' -x '*.so' -x '*.so.[0-9]' -x autom4te.cache -x .deps -x .libs ../orig-libuser-0.60/tests/ldap_test ./tests/ldap_test ---- ../orig-libuser-0.60/tests/ldap_test 2013-10-12 23:56:08.000000000 +0200 -+++ ./tests/ldap_test 2014-02-05 13:23:22.696034846 +0100 -@@ -50,7 +50,7 @@ +diff --git a/tests/ldap_test b/tests/ldap_test +index f82c2795ef28..e7d866ac6c2b 100755 +--- a/tests/ldap_test ++++ b/tests/ldap_test +@@ -50,7 +50,7 @@ mkdir "$workdir"/db sed "s|@WORKDIR@|$workdir|g" < "$srcdir"/slapd.conf.in > "$workdir"/slapd.conf ldap_port=$(tests/alloc_port) # This is racy, but much better than a static port # FIXME: path @@ -22,3 +34,6 @@ tests/wait_for_slapd_start "$workdir"/slapd.pid "$ldap_port" slapd_pid=$(cat "$workdir"/slapd.pid) trap 'status=$?; kill $slapd_pid +-- +2.16.3 +
