Hello community, here is the log from the commit of package bubblewrap for openSUSE:Factory checked in at 2019-06-04 12:09:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/bubblewrap (Old) and /work/SRC/openSUSE:Factory/.bubblewrap.new.5148 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bubblewrap" Tue Jun 4 12:09:07 2019 rev:8 rq:706819 version:0.3.3 Changes: -------- --- /work/SRC/openSUSE:Factory/bubblewrap/bubblewrap.changes 2018-10-25 08:10:52.376245754 +0200 +++ /work/SRC/openSUSE:Factory/.bubblewrap.new.5148/bubblewrap.changes 2019-06-04 12:09:11.779883557 +0200 @@ -1,0 +2,20 @@ +Sat Jun 1 15:08:49 UTC 2019 - Sebastian Wagner <[email protected]> + +- Update to version 0.3.3: + - This release is the same as 0.3.2 but the version number in configure.ac + was accidentally still set to 0.3.1 +- Update to version 0.3.2: + - fixes boo#1136958 / CVE-2019-12439 + This release fixes a mostly theoretical security issue in unusual/broken + setups where `$XDG_RUNTIME_DIR` is unset. + There are some other smaller fixes, as well as an addition to the JSON + API that allows reading the inner process exit code, separately from + the `bwrap` exit code. + - Print "Out of memory" on stderr, not stdout + - bwrap: add option json-status-fd to show child exit code + - bwrap: Report COMMAND exit code in json-status-fd + - man page: Describe --chdir, not nonexistent --cwd + - Don't create our own temporary mount point for pivot_root + - Make lockdata long enough on 32-bit with 64-bit file pointers. + +------------------------------------------------------------------- Old: ---- v0.3.1.tar.gz New: ---- bubblewrap-0.3.3.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ bubblewrap.spec ++++++ --- /var/tmp/diff_new_pack.nAie10/_old 2019-06-04 12:09:12.803883221 +0200 +++ /var/tmp/diff_new_pack.nAie10/_new 2019-06-04 12:09:12.803883221 +0200 @@ -1,7 +1,7 @@ # # spec file for package bubblewrap # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,16 +17,13 @@ Name: bubblewrap -Version: 0.3.1 +Version: 0.3.3 Release: 0 Summary: Core execution tool for unprivileged containers License: LGPL-2.0-or-later Group: Productivity/Security Url: https://github.com/projectatomic/bubblewrap -Source: https://github.com/projectatomic/bubblewrap/archive/v%{version}.tar.gz -# Does not have README.md and autogen.sh included -> unusable -# Source0: https://github.com/projectatomic/bubblewrap/releases/download/v%%{version}/%%{name}-%%{version}.tar.xz -# We always run autogen.sh +Source0: https://github.com/projectatomic/bubblewrap/releases/download/v%{version}/%{name}-%{version}.tar.xz BuildRequires: autoconf BuildRequires: automake BuildRequires: docbook-xsl-stylesheets
