Hello community,
here is the log from the commit of package rubygem-rubyzip for openSUSE:Factory
checked in at 2019-03-01 16:46:24
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-rubyzip (Old)
and /work/SRC/openSUSE:Factory/.rubygem-rubyzip.new.28833 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-rubyzip"
Fri Mar 1 16:46:24 2019 rev:14 rq:668904 version:1.2.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-rubyzip/rubygem-rubyzip.changes
2018-09-07 15:39:58.250499655 +0200
+++
/work/SRC/openSUSE:Factory/.rubygem-rubyzip.new.28833/rubygem-rubyzip.changes
2019-03-01 16:46:25.709821761 +0100
@@ -5 +5,5 @@
- no changelog found
+ Fixes CVE-2018-1000544 symlink and absolute path traversal
+ (bsc#1099280).
+
+ See https://github.com/rubyzip/rubyzip/pull/387
+ for full changelog.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-rubyzip.spec ++++++
--- /var/tmp/diff_new_pack.kEnsQk/_old 2019-03-01 16:46:26.337821524 +0100
+++ /var/tmp/diff_new_pack.kEnsQk/_new 2019-03-01 16:46:26.337821524 +0100
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-rubyzip
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
