Hello community, here is the log from the commit of package libredwg for openSUSE:Factory checked in at 2019-11-07 23:20:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libredwg (Old) and /work/SRC/openSUSE:Factory/.libredwg.new.2990 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libredwg" Thu Nov 7 23:20:10 2019 rev:8 rq:746156 version:0.9.1 Changes: -------- --- /work/SRC/openSUSE:Factory/libredwg/libredwg.changes 2019-08-05 10:37:38.567325474 +0200 +++ /work/SRC/openSUSE:Factory/.libredwg.new.2990/libredwg.changes 2019-11-07 23:20:19.564780911 +0100 @@ -1,0 +2,27 @@ +Wed Oct 30 14:46:09 UTC 2019 - Jan Engelhardt <[email protected]> + +- Update to release 0.9.1 + * Fixed more null pointer dereferences, overflows, hangs and + memory leaks for fuzzed (i.e. illegal) DWGs. +- Update to release 0.9 [boo#1154080] + * Added the DXF importer, using the new dynapi and the r2000 + encoder. Only for r2000 DXFs. + * Added utf8text conversion functions to the dynapi. + * Added 3DSOLID encoder. + * Added APIs to find handles for names, searching in tables + and dicts. + * API breaking changes - see NEWS file in package. + * Fixed null pointer dereferences, and memory leaks (except DXF + importer) + [boo#1129868, CVE-2019-9779] + [boo#1129869, CVE-2019-9778] + [boo#1129870, CVE-2019-9777] + [boo#1129873, CVE-2019-9776] + [boo#1129874, CVE-2019-9773] + [boo#1129875, CVE-2019-9772] + [boo#1129876, CVE-2019-9771] + [boo#1129878, CVE-2019-9775] + [boo#1129879, CVE-2019-9774] + [boo#1129881, CVE-2019-9770] + +------------------------------------------------------------------- Old: ---- libredwg-0.8.tar.xz libredwg-0.8.tar.xz.sig New: ---- libredwg-0.9.1.tar.xz libredwg-0.9.1.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libredwg.spec ++++++ --- /var/tmp/diff_new_pack.5oZouW/_old 2019-11-07 23:20:21.840783352 +0100 +++ /var/tmp/diff_new_pack.5oZouW/_new 2019-11-07 23:20:21.844783357 +0100 @@ -17,7 +17,7 @@ Name: libredwg -Version: 0.8 +Version: 0.9.1 Release: 0 Summary: A library to handle DWG files License: GPL-3.0-or-later @@ -70,9 +70,12 @@ %setup -q %build +# No management of SO version despite ABI breaking changes: +# Force-add some symvers so RPM can produce meaningful deps. +echo 'V_%version { global: *; };' >src/sv.sym %configure \ --disable-static -make %{?_smp_mflags} +make %{?_smp_mflags} libredwg_la_LDFLAGS=-Wl,-version-script,sv.sym libredwg_la_LIBADD=-lm %install %make_install @@ -90,12 +93,13 @@ %files tools %license COPYING %{_bindir}/dwg* +%{_bindir}/dxf* %{_mandir}/man?/*.1%{?ext_man} %{_infodir}/LibreDWG.info%{?ext_info} %files devel %license COPYING -%doc AUTHORS ChangeLog README README-alpha TODO +%doc AUTHORS ChangeLog NEWS README README-alpha TODO %{_includedir}/*.h %{_libdir}/libredwg.so %{_libdir}/pkgconfig/libredwg.pc ++++++ libredwg-0.8.tar.xz -> libredwg-0.9.1.tar.xz ++++++ ++++ 1039368 lines of diff (skipped)
