commit gvfs for openSUSE:Factory

Sun, 21 Jul 2019 02:32:20 -0700 

Hello community,

here is the log from the commit of package gvfs for openSUSE:Factory checked in 
at 2019-07-21 11:31:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gvfs (Old)
 and      /work/SRC/openSUSE:Factory/.gvfs.new.4126 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "gvfs"

Sun Jul 21 11:31:44 2019 rev:159 rq:716279 version:1.40.2

Changes:
--------
--- /work/SRC/openSUSE:Factory/gvfs/gvfs.changes        2019-05-22 
10:50:12.739366182 +0200
+++ /work/SRC/openSUSE:Factory/.gvfs.new.4126/gvfs.changes      2019-07-21 
11:31:45.524803508 +0200
@@ -1,0 +2,20 @@
+Wed Jul 17 10:07:09 UTC 2019 - Bjørn Lie <[email protected]>
+
+- Update to version 1.40.2:
+  + daemon:
+    - Only accept EXTERNAL authentication (CVE-2019-12795).
+    - Check that the connecting client is the same user
+      (CVE-2019-12795).
+  + admin:
+    - Ensure correct ownership when moving to file:// uri
+      (CVE-2019-12449).
+    - Use fsuid to ensure correct file ownership (CVE-2019-12447).
+    - Allow changing file owner (CVE-2019-12447).
+    - Add query_info_on_read/write functionality (CVE-2019-12448).
+  + afc: Remove assumptions about length of device UUID to support
+    new devices.
+  + gmountsource: Fix deadlocks in synchronous API.
+  + afp: Fix afp backend crash when no username supplied.
+  + Updated translations.
+
+-------------------------------------------------------------------

Old:
----
  gvfs-1.40.1.tar.xz

New:
----
  gvfs-1.40.2.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ gvfs.spec ++++++
--- /var/tmp/diff_new_pack.GMd5j8/_old  2019-07-21 11:31:46.036803421 +0200
+++ /var/tmp/diff_new_pack.GMd5j8/_new  2019-07-21 11:31:46.036803421 +0200
@@ -18,7 +18,7 @@
 
 %bcond_without  cdda
 Name:           gvfs
-Version:        1.40.1
+Version:        1.40.2
 Release:        0
 Summary:        Virtual File System functionality for GLib
 License:        LGPL-2.0-or-later AND GPL-3.0-only

++++++ gvfs-1.40.1.tar.xz -> gvfs-1.40.2.tar.xz ++++++
++++ 5005 lines of diff (skipped)

Reply via email to