Hello community, here is the log from the commit of package fossil for openSUSE:Factory checked in at 2020-08-29 20:36:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/fossil (Old) and /work/SRC/openSUSE:Factory/.fossil.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "fossil" Sat Aug 29 20:36:55 2020 rev:27 rq:829798 version:2.12.1 Changes: -------- --- /work/SRC/openSUSE:Factory/fossil/fossil.changes 2020-07-08 19:20:26.712486401 +0200 +++ /work/SRC/openSUSE:Factory/.fossil.new.3399/fossil.changes 2020-08-29 20:37:02.213331178 +0200 @@ -1,0 +2,72 @@ +Wed Aug 26 13:53:19 UTC 2020 - Reinhard Max <[email protected]> + +- fossil 2.12.1: + * CVE-2020-24614: Remote authenticated users with check-in or + administrative privileges could have executed arbitrary code + [boo#1175760] + * Security fix in the "fossil git export" command. New + "safety-net" features were added to prevent similar problems + in the future. + * Enhancements to the graph display for cases when there are + many cherry-pick merges into a single check-in. Example + * Enhance the fossil open command with the new --workdir option + and the ability to accept a URL as the repository name, + causing the remote repository to be cloned automatically. Do + not allow "fossil open" to open in a non-empty working + directory unless the --keep option or the new --force option + is used. + * Enhance the markdown formatter to more closely follow the + CommonMark specification with regard to text + highlighting. Underscores in the middle of identifiers (ex: + fossil_printf()) no longer need to be escaped. + * The markdown-to-html translator can prevent unsafe HTML (for + example: <script>) on user-contributed pages like forum and + tickets and wiki. The admin can adjust this behavior using the + safe-html setting on the Admin/Wiki page. The default is to + disallow unsafe HTML everywhere. + * Added the "collapse" and "expand" capability for long forum + posts. + * The "fossil remote" command now has options for specifying + multiple persistent remotes with symbolic names. Currently + only one remote can be used at a time, but that might change + in the future. + * Add the "Remember me?" checkbox on the login page. Use a + session cookie for the login if it is not checked. + * Added the experimental "fossil hook" command for managing + "hook scripts" that run before checkin or after a push. + * Enhance the fossil revert command so that it is able to revert + all files beneath a directory. + * Add the fossil bisect skip command. + * Add the fossil backup command. + * Enhance fossil bisect ui so that it shows all unchecked + check-ins in between the innermost "good" and "bad" check-ins. + * Added the --reset flag to the "fossil add", "fossil rm", and + "fossil addremove" commands. + * Added the "--min N" and "--logfile FILENAME" flags to the + backoffice command, as well as other enhancements to make the + backoffice command a viable replacement for automatic + backoffice. Other incremental backoffice improvements. + * Added the /fileedit page, which allows editing of text files + online. Requires explicit activation by a setup user. + * Translate built-in help text into HTML for display on web + pages. + * On the /timeline webpage, the combination of query parameters + "p=CHECKIN" and "bt=ANCESTOR" draws all ancestors of CHECKIN + going back to ANCESTOR. + * Update the built-in SQLite so that the "fossil sql" command + supports new output modes ".mode box" and ".mode json". + * Add the "obscure()" SQL function to the "fossil sql" command. + * Added virtual tables "helptext" and "builtin" to the "fossil + sql" command, providing access to the dispatch table including + all help text, and the builtin data files, respectively. + * Delta compression is now applied to forum edits. + * The wiki editor has been modernized and is now Ajax-based. + +- Remove fossil-2.11-reproducible.patch: Upstream integrated the + patch and improved it to also recognize SOURCE_DATE_EPOCH. +- Remove fossil-2.7-remove_date_time.patch: OBS now sets + SOURCE_DATE_EPOCH and gcc recognizes it, so the removal of + __DATE__ and __TIME__ is not needed anymore. +- Package the fossil.1 manual page. + +------------------------------------------------------------------- Old: ---- fossil-2.11-reproducible.patch fossil-2.7-remove_date_time.patch fossil-src-2.11.1.tar.gz New: ---- fossil-src-2.12.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ fossil.spec ++++++ --- /var/tmp/diff_new_pack.sotHef/_old 2020-08-29 20:37:04.165332000 +0200 +++ /var/tmp/diff_new_pack.sotHef/_new 2020-08-29 20:37:04.169332003 +0200 @@ -22,16 +22,13 @@ %bcond_with system_sqlite %endif Name: fossil -Version: 2.11.1 +Version: 2.12.1 Release: 0 Summary: Distributed software configuration management License: BSD-2-Clause Group: Development/Tools/Version Control URL: https://www.fossil-scm.org/ Source: https://www.fossil-scm.org/index.html/uv/%{name}-src-%{version}.tar.gz -Patch1: fossil-2.7-remove_date_time.patch -# PATCH-FIX-UPSTREAM https://fossil-scm.org/fossil/info/1a894c08206f4c71bcc3 -Patch2: fossil-2.11-reproducible.patch BuildRequires: fuse-devel BuildRequires: gcc BuildRequires: openssl-devel @@ -54,11 +51,9 @@ %setup -q # test package version and source version match grep -qFx %{version} VERSION -%patch1 -p1 -%patch2 -p1 %build -export CFLAGS="%{optflags} -DFOSSIL_BUILD_EPOCH=${SOURCE_DATE_EPOCH:-42}" +export CFLAGS="%{optflags}" # FIXME: you should use the %%configure macro ./configure \ --prefix=%{_prefix} \ @@ -71,9 +66,11 @@ %install %make_install +install -D -m 644 -t %{buildroot}%{_mandir}/man1 fossil.1 %files %license COPYRIGHT-BSD2.txt %{_bindir}/fossil +%{_mandir}/*/* %changelog ++++++ fossil-src-2.11.1.tar.gz -> fossil-src-2.12.1.tar.gz ++++++ ++++ 102967 lines of diff (skipped)
