Hello community, here is the log from the commit of package ant for openSUSE:Factory checked in at 2020-10-08 13:05:52 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ant (Old) and /work/SRC/openSUSE:Factory/.ant.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ant" Thu Oct 8 13:05:52 2020 rev:84 rq:838998 version:1.10.9 Changes: -------- --- /work/SRC/openSUSE:Factory/ant/ant-antlr.changes 2020-05-16 22:25:17.989145735 +0200 +++ /work/SRC/openSUSE:Factory/.ant.new.4249/ant-antlr.changes 2020-10-08 13:06:55.846887058 +0200 @@ -1,0 +2,35 @@ +Thu Oct 1 15:38:21 UTC 2020 - Pedro Monreal <[email protected]> + +- Update to 1.10.9 + * Security fix: [bsc#1177180, CVE-2020-11979] + - Insecure temporary file vulnerability + * Fixed bugs: + - The ftp task could throw a NullPointerException if an + error occured. + - Propertyset now also sees in-scope local properties. + - Replaced ReaderInputStream with the version of Apache + Commons IO due to problems with surrogate pairs. + - <fixcrlf> will no longer remove the temporary file it + just created before writing to it. + - <sshexec> and <scp> didn't deal with wildcard hostnames + in shs config files properly. + * Other changes: + - Ant will no longer log a warning if it doesn't find tools.jar. + - The <jar> task accepts now a nested <indexjarsmapper> + element that can be used to perform custom filename + transformations for the <indexjars> archives. + - Added a new PropertyEnumerator interface that extensions can + provide if they are managing properties unknown to the Ant project. + - Added some special code to support GraalVM JavaScript as + javax.script scripting engine for JavaScript. In particular we + relax some security settings of GraalVM so that scripts can access + Ant objects. + - Also Ant enables Nashorn compatibility mode by default, you can + disable that by setting the magic Ant property + ant.disable.graal.nashorn.compat to true. + - If the magic property ant.tmpdir hasn't been set and Ant can + control the permissions of directories it creates it will create an + owner-owned temporary directory unaccessible to others as default + tempdir as soon as a temporary file is created for the first time. + +------------------------------------------------------------------- ant-junit.changes: same change ant-junit5.changes: same change ant.changes: same change Old: ---- apache-ant-1.10.8-src.tar.xz apache-ant-1.10.8-src.tar.xz.asc New: ---- apache-ant-1.10.9-src.tar.xz apache-ant-1.10.9-src.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ant-antlr.spec ++++++ --- /var/tmp/diff_new_pack.B0f7St/_old 2020-10-08 13:07:02.934893475 +0200 +++ /var/tmp/diff_new_pack.B0f7St/_new 2020-10-08 13:07:02.938893479 +0200 @@ -24,7 +24,7 @@ %bcond_with junit5 %bcond_without antlr Name: ant-antlr -Version: 1.10.8 +Version: 1.10.9 Release: 0 Summary: Antlr Task for ant License: Apache-2.0 ++++++ ant-junit.spec ++++++ --- /var/tmp/diff_new_pack.B0f7St/_old 2020-10-08 13:07:02.962893501 +0200 +++ /var/tmp/diff_new_pack.B0f7St/_new 2020-10-08 13:07:02.966893504 +0200 @@ -24,7 +24,7 @@ %bcond_with junit5 %bcond_with antlr Name: ant-junit -Version: 1.10.8 +Version: 1.10.9 Release: 0 Summary: Optional junit tasks for ant License: Apache-2.0 ++++++ ant-junit5.spec ++++++ --- /var/tmp/diff_new_pack.B0f7St/_old 2020-10-08 13:07:02.990893526 +0200 +++ /var/tmp/diff_new_pack.B0f7St/_new 2020-10-08 13:07:02.994893529 +0200 @@ -24,7 +24,7 @@ %bcond_without junit5 %bcond_with antlr Name: ant-junit5 -Version: 1.10.8 +Version: 1.10.9 Release: 0 Summary: Optional junit tasks for ant License: Apache-2.0 ++++++ ant.spec ++++++ --- /var/tmp/diff_new_pack.B0f7St/_old 2020-10-08 13:07:03.014893547 +0200 +++ /var/tmp/diff_new_pack.B0f7St/_new 2020-10-08 13:07:03.018893551 +0200 @@ -23,7 +23,7 @@ %bcond_with junit5 %bcond_with antlr Name: ant -Version: 1.10.8 +Version: 1.10.9 Release: 0 Summary: Java-based build tool License: Apache-2.0 ++++++ apache-ant-1.10.8-src.tar.xz -> apache-ant-1.10.9-src.tar.xz ++++++ ++++ 5636 lines of diff (skipped)
