Hello community, here is the log from the commit of package bzip2 for openSUSE:Factory checked in at 2019-08-05 10:28:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/bzip2 (Old) and /work/SRC/openSUSE:Factory/.bzip2.new.4126 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bzip2" Mon Aug 5 10:28:42 2019 rev:65 rq:718295 version:1.0.8 Changes: -------- --- /work/SRC/openSUSE:Factory/bzip2/bzip2.changes 2019-07-02 10:37:07.882466364 +0200 +++ /work/SRC/openSUSE:Factory/.bzip2.new.4126/bzip2.changes 2019-08-05 10:28:43.515456711 +0200 @@ -1,0 +2,16 @@ +Mon Jul 22 11:08:53 UTC 2019 - Kristyna Streitova <kstreit...@suse.com> + +- Update to version 1.0.8: + * Accept as many selectors as the file format allows. + This relaxes the fix for CVE-2019-12900 from 1.0.7 + so that bzip2 allows decompression of bz2 files that + use (too) many selectors again. + * Fix handling of large (> 4GB) files on Windows. + * Cleanup of bzdiff and bzgrep scripts so they don't use + any bash extensions and handle multiple archives correctly. +- remove (applied upstream) + * bzip2-1.0.6-fix-bashisms.patch + * bzip2-1.0.6-bzgrep_return_value.patch +- use a new Source url + +------------------------------------------------------------------- Old: ---- bzip2-1.0.6-bzgrep_return_value.patch bzip2-1.0.6-fix-bashisms.patch bzip2-1.0.7.tar.gz New: ---- bzip2-1.0.8.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ bzip2.spec ++++++ --- /var/tmp/diff_new_pack.7SwkUp/_old 2019-08-05 10:28:44.075456649 +0200 +++ /var/tmp/diff_new_pack.7SwkUp/_new 2019-08-05 10:28:44.079456649 +0200 @@ -18,24 +18,21 @@ %define libname libbz2-1 Name: bzip2 -Version: 1.0.7 +Version: 1.0.8 Release: 0 Summary: A Program for Compressing Files License: BSD-3-Clause Group: Productivity/Archiving/Compression URL: https://sourceware.org/bzip2 -Source: %{name}-%{version}.tar.gz +Source0: https://sourceware.org/pub/bzip2/%{name}-%{version}.tar.gz Source1: bznew.gz Source2: bznew.1.gz Source3: baselibs.conf Source100: bzip2-rpmlintrc # PATCH-FEATURE-OPENSUSE bzip2-1.0.6-autoconfiscated.patch sbra...@suse.cz -- Convert to a standard autoconf based package. Patch0: ftp://ftp.suse.com/pub/people/sbrabec/bzip2/for_downstream/bzip2-1.0.6.2-autoconfiscated.patch -Patch1: bzip2-1.0.6-fix-bashisms.patch Patch3: bzip2-point-to-doc-pkg.patch Patch4: bzip2-ocloexec.patch -# PATCH-FIX-UPSTREAM bnc#970260 kstreit...@suse.com -- fix a wrong exit code when grepping multiple archives -Patch5: bzip2-1.0.6-bzgrep_return_value.patch BuildRequires: autoconf >= 2.57 BuildRequires: libtool BuildRequires: pkgconfig @@ -74,10 +71,8 @@ %prep %setup -q %patch0 -%patch1 -p1 %patch3 -p1 %patch4 -p1 -%patch5 -p1 %build autoreconf -fiv ++++++ bzip2-1.0.7.tar.gz -> bzip2-1.0.8.tar.gz ++++++ ++++ 1628 lines of diff (skipped)