Hello community,
here is the log from the commit of package yast2-sysconfig for openSUSE:Factory
checked in at 2018-12-31 09:42:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/yast2-sysconfig (Old)
and /work/SRC/openSUSE:Factory/.yast2-sysconfig.new.28833 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-sysconfig"
Mon Dec 31 09:42:12 2018 rev:38 rq:653869 version:4.1.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/yast2-sysconfig/yast2-sysconfig.changes
2018-09-04 22:51:15.763992921 +0200
+++
/work/SRC/openSUSE:Factory/.yast2-sysconfig.new.28833/yast2-sysconfig.changes
2018-12-31 09:42:14.574420323 +0100
@@ -1,0 +2,14 @@
+Tue Dec 4 13:27:20 UTC 2018 - Stefan Hundhammer <[email protected]>
+
+- Security audit fix: Documented external command usage and added
+ warning if calling an external command without an absolute path
+ (bsc#1118291)
+- 4.1.2
+
+-------------------------------------------------------------------
+Mon Nov 26 05:04:52 UTC 2018 - Noah Davis <[email protected]>
+
+- Provide icon with module (boo#1109310)
+- 4.1.1
+
+-------------------------------------------------------------------
Old:
----
yast2-sysconfig-4.1.0.tar.bz2
New:
----
yast2-sysconfig-4.1.2.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-sysconfig.spec ++++++
--- /var/tmp/diff_new_pack.C8by3q/_old 2018-12-31 09:42:15.074419914 +0100
+++ /var/tmp/diff_new_pack.C8by3q/_new 2018-12-31 09:42:15.074419914 +0100
@@ -17,7 +17,7 @@
Name: yast2-sysconfig
-Version: 4.1.0
+Version: 4.1.2
Release: 0
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -84,6 +84,7 @@
%{yast_ydatadir}/sysedit.agent
%{yast_ydatadir}/descriptions
%{yast_schemadir}/autoyast/rnc/sysconfig.rnc
+%{yast_icondir}
%dir %{yast_docdir}
%license %{yast_docdir}/COPYING
%doc %{yast_docdir}/metadata.txt
++++++ yast2-sysconfig-4.1.0.tar.bz2 -> yast2-sysconfig-4.1.2.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-sysconfig-4.1.0/package/yast2-sysconfig.changes
new/yast2-sysconfig-4.1.2/package/yast2-sysconfig.changes
--- old/yast2-sysconfig-4.1.0/package/yast2-sysconfig.changes 2018-08-24
09:54:09.000000000 +0200
+++ new/yast2-sysconfig-4.1.2/package/yast2-sysconfig.changes 2018-12-04
15:07:55.000000000 +0100
@@ -1,4 +1,18 @@
-------------------------------------------------------------------
+Tue Dec 4 13:27:20 UTC 2018 - Stefan Hundhammer <[email protected]>
+
+- Security audit fix: Documented external command usage and added
+ warning if calling an external command without an absolute path
+ (bsc#1118291)
+- 4.1.2
+
+-------------------------------------------------------------------
+Mon Nov 26 05:04:52 UTC 2018 - Noah Davis <[email protected]>
+
+- Provide icon with module (boo#1109310)
+- 4.1.1
+
+-------------------------------------------------------------------
Thu Aug 23 14:34:31 UTC 2018 - [email protected]
- Update calls to Yast2 systemd classes (related to fate#319428)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-sysconfig-4.1.0/package/yast2-sysconfig.spec
new/yast2-sysconfig-4.1.2/package/yast2-sysconfig.spec
--- old/yast2-sysconfig-4.1.0/package/yast2-sysconfig.spec 2018-08-24
09:54:09.000000000 +0200
+++ new/yast2-sysconfig-4.1.2/package/yast2-sysconfig.spec 2018-12-04
15:07:55.000000000 +0100
@@ -17,7 +17,7 @@
Name: yast2-sysconfig
-Version: 4.1.0
+Version: 4.1.2
Release: 0
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -74,6 +74,7 @@
%{yast_ydatadir}/sysedit.agent
%{yast_ydatadir}/descriptions
%{yast_schemadir}/autoyast/rnc/sysconfig.rnc
+%{yast_icondir}
%dir %{yast_docdir}
%license %{yast_docdir}/COPYING
%doc %{yast_docdir}/metadata.txt
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-sysconfig-4.1.0/src/Makefile.am
new/yast2-sysconfig-4.1.2/src/Makefile.am
--- old/yast2-sysconfig-4.1.0/src/Makefile.am 2018-08-24 09:54:09.000000000
+0200
+++ new/yast2-sysconfig-4.1.2/src/Makefile.am 2018-12-04 15:07:55.000000000
+0100
@@ -30,6 +30,10 @@
desktop_DATA = \
desktop/sysconfig.desktop
-EXTRA_DIST = $(module_DATA) $(client_DATA) $(ynclude_DATA) $(schemafiles_DATA)
$(ybin_SCRIPTS) $(ydata_DATA) $(desktop_DATA)
+scalabledir = @icondir@/hicolor/scalable/apps
+scalable_DATA = \
+ icons/hicolor/scalable/apps/yast-sysconfig.svg
-include $(top_srcdir)/Makefile.am.common
\ No newline at end of file
+EXTRA_DIST = $(module_DATA) $(client_DATA) $(ynclude_DATA) $(schemafiles_DATA)
$(ybin_SCRIPTS) $(ydata_DATA) $(desktop_DATA) $(scalable_DATA)
+
+include $(top_srcdir)/Makefile.am.common
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-sysconfig-4.1.0/src/icons/hicolor/scalable/apps/yast-sysconfig.svg
new/yast2-sysconfig-4.1.2/src/icons/hicolor/scalable/apps/yast-sysconfig.svg
---
old/yast2-sysconfig-4.1.0/src/icons/hicolor/scalable/apps/yast-sysconfig.svg
1970-01-01 01:00:00.000000000 +0100
+++
new/yast2-sysconfig-4.1.2/src/icons/hicolor/scalable/apps/yast-sysconfig.svg
2018-12-04 15:07:55.000000000 +0100
@@ -0,0 +1 @@
+<svg height="128" width="128" xmlns="http://www.w3.org/2000/svg";><path d="M32
96c-2.216 0-4 1.98-4 4.444v11.112c0 2.46 1.784 4.444 4 4.444h64c2.216 0 4-1.98
4-4.444v-11.112c0-2.46-1.784-4.444-4-4.444z" fill="#5e5c64"/><path d="M32
92c-2.216 0-4 1.98-4 4.444v11.112c0 2.46 1.784 4.444 4 4.444h64c2.216 0 4-1.98
4-4.444V96.444c0-2.46-1.784-4.444-4-4.444z" fill="#9a9996"/><path d="M12
20c-2.216 0-4 1.832-4 4.104v71.792A4.04 4.04 0 0 0 12 100h104c2.216 0 4-1.832
4-4.104V24.104A4.04 4.04 0 0 0 116 20z" fill="#5e5c64"/><path d="M12 16c-2.216
0-4 1.784-4 4v72c0 2.216 1.784 4 4 4h104c2.216 0 4-1.784
4-4V20c0-2.216-1.784-4-4-4z" fill="#9a9996"/><path d="M12 20h104v72H12z"
fill="#3d3846"/><path d="M16 24h96v64H16z" fill="#33d17a"/><path d="M60
28l-3.108 9.328c-.36.136-.72.28-1.072.44l-8.788-4.392-5.656 5.656 4.4 8.796a20
20 0 0 0-.464 1.064L36 52v8l9.328 3.108c.136.36.28.72.44 1.072l-4.392 8.788
5.656 5.656 8.796-4.4c.348.168.704.32 1.064.464L60
84h8l3.108-9.328c.36-.136.72-.28 1.072-.44l8.788 4.392
5.656-5.656-4.4-8.796c.168-.348.32-.704.464-1.064L92 60v-8l-9.328-3.108a19.96
19.96 0 0 0-.44-1.072l4.392-8.788-5.656-5.656-8.796 4.4a19.968 19.968 0 0
0-1.064-.464L68 28zm4 16a12 12 0 1 1 0 24 12 12 0 0 1 0-24z"
fill="#3d3846"/><path d="M16 24h72L72 88H16z" fill="#fff" opacity=".2"/></svg>
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-sysconfig-4.1.0/src/modules/Sysconfig.rb
new/yast2-sysconfig-4.1.2/src/modules/Sysconfig.rb
--- old/yast2-sysconfig-4.1.0/src/modules/Sysconfig.rb 2018-08-24
09:54:09.000000000 +0200
+++ new/yast2-sysconfig-4.1.2/src/modules/Sysconfig.rb 2018-12-04
15:07:55.000000000 +0100
@@ -1133,7 +1133,23 @@
error = Builtins.sformat(_("Command %1 failed"), cmd)
confirm = _("A command will be executed") + "\n" + _("Command: ") + cmd
+ # Any command executed here is taken verbatim from a file in
+ # /etc/sysconfig. The command should contain an absolute path, and if it
+ # has any arguments, they should be properly quoted.
+ #
+ # There does not seem to be a single example where such a command has any
+ # arguments, though.
+ #
+ # Example specification from /etc/sysconfig/fonts-config:
+ #
+ # ## Command: /usr/sbin/fonts-config
+ #
+ # Specification:
+ #
https://github.com/yast/yast-sysconfig/blob/master/doc/metadata.txt#L141-L159
+
action = lambda do
+ log.warn("No absolute path in command #{cmd}") unless
cmd.lstrip.start_with?("/")
+
log.info "Starting: #{cmd}"
cmd_out = SCR.Execute(path(".target.bash_output"), "#{cmd} 2>&1")
log.info "Result: #{cmd_out['exit']}"
