Hello community, here is the log from the commit of package permissions for openSUSE:Leap:15.2 checked in at 2020-02-16 18:25:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/permissions (Old) and /work/SRC/openSUSE:Leap:15.2/.permissions.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "permissions" Sun Feb 16 18:25:22 2020 rev:41 rq:768174 version:unknown Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/permissions/permissions.changes 2020-01-15 15:43:40.655263045 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.permissions.new.26092/permissions.changes 2020-02-16 18:25:31.506630216 +0100 @@ -1,0 +2,49 @@ +Mon Jan 27 11:58:17 UTC 2020 - [email protected] + +- Update to version 20200127: + * fix paths of ksysguard whitelisting + * fix zero-termination of error message for overly long paths + +------------------------------------------------------------------- +Thu Dec 05 14:31:49 UTC 2019 - [email protected] + +- Update to version 20191205: + * fix privilege escalation through untrusted symlinks (bsc#1150734, + CVE-2019-3690) + +------------------------------------------------------------------- +Wed Nov 27 12:47:23 UTC 2019 - [email protected] + +- Update to version 20191122: + * faxq-helper: correct "secure" permission for trusted group (bsc#1157498) + +------------------------------------------------------------------- +Mon Nov 18 09:52:14 UTC 2019 - [email protected] + +- Update to version 20191118: + * whitelist ksysguard network helper (bsc#1151190) + +------------------------------------------------------------------- +Tue Nov 12 12:45:12 UTC 2019 - [email protected] + +- Update to version 20191112: + * fix syntax of paranoid profile + * fix squid permissions (bsc#1093414, CVE-2019-3688) + +------------------------------------------------------------------- +Thu Oct 3 12:38:09 UTC 2019 - Tomáš Chvátal <[email protected]> + +- Add || exit 0 on the scriptlet as it can actually fail in + rootless containers with podman. This makes sure the zypper + does not abort the container creation. + * the actual error looks like: + /dev/zero: chown: Operation not permitted + +------------------------------------------------------------------- +Fri Sep 13 11:19:42 UTC 2019 - [email protected] + +- Update to version 20190913: + * setgid bit for nagios directory (bsc#1028975, bsc#1150345) +- This also restructures the sources for the permission package + +------------------------------------------------------------------- Old: ---- permissions-20190830.tar.xz New: ---- permissions-20200127.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ permissions.spec ++++++ --- /var/tmp/diff_new_pack.2RnIO4/_old 2020-02-16 18:25:31.790630361 +0100 +++ /var/tmp/diff_new_pack.2RnIO4/_new 2020-02-16 18:25:31.794630363 +0100 @@ -1,7 +1,7 @@ # # spec file for package permissions # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,7 +16,7 @@ # -%define VERSION 20190830 +%define VERSION 20200127 Name: permissions Version: %{VERSION} @@ -25,7 +25,7 @@ # Maintained in github by the security team. License: GPL-2.0-or-later Group: Productivity/Security -Url: http://github.com/openSUSE/permissions +URL: http://github.com/openSUSE/permissions Source: permissions-%{version}.tar.xz Source1: fix_version.sh BuildRequires: libcap-devel @@ -88,7 +88,7 @@ %post config %{fillup_only -n security} # apply all potentially changed permissions -%{_bindir}/chkstat --system +%{_bindir}/chkstat --system || : %package -n chkstat Summary: SUSE Linux Default Permissions tool ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.2RnIO4/_old 2020-02-16 18:25:31.818630374 +0100 +++ /var/tmp/diff_new_pack.2RnIO4/_new 2020-02-16 18:25:31.818630374 +0100 @@ -1,4 +1,4 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/openSUSE/permissions.git</param> - <param name="changesrevision">081d081dcfaf61710bda34bc21c80c66276119aa</param></service></servicedata> \ No newline at end of file + <param name="changesrevision">c454d55471490bf8b9e72faa0bb37f3515995bf8</param></service></servicedata> \ No newline at end of file ++++++ permissions-20190830.tar.xz -> permissions-20200127.tar.xz ++++++ ++++ 6180 lines of diff (skipped)
