Hello community, here is the log from the commit of package libidn for openSUSE:Factory checked in at 2016-07-28 23:42:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libidn (Old) and /work/SRC/openSUSE:Factory/.libidn.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libidn" Changes: -------- --- /work/SRC/openSUSE:Factory/libidn/libidn.changes 2015-08-15 11:38:28.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libidn.new/libidn.changes 2016-07-28 23:42:55.000000000 +0200 @@ -1,0 +2,8 @@ +Wed Jul 20 21:01:13 UTC 2016 - astie...@suse.com + +- libidn 1.33 bnc#990189 CVE-2015-8948 CVE-2016-6262 bnc#990191 CVE-2016-6263: + * libidn: Fix out-of-bounds stack read in idna_to_ascii_4i. + * idn: Solve out-of-bounds-read when reading one zero byte as input. + * libidn: stringprep_utf8_nfkc_normalize reject invalid UTF-8. + +------------------------------------------------------------------- Old: ---- libidn-1.32.tar.gz libidn-1.32.tar.gz.sig New: ---- libidn-1.33.tar.gz libidn-1.33.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libidn.spec ++++++ --- /var/tmp/diff_new_pack.HQHPtG/_old 2016-07-28 23:42:56.000000000 +0200 +++ /var/tmp/diff_new_pack.HQHPtG/_new 2016-07-28 23:42:56.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package libidn # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define lname libidn11 Name: libidn -Version: 1.32 +Version: 1.33 Release: 0 Summary: Support for Internationalized Domain Names (IDN) License: (GPL-2.0+ or LGPL-3.0+) and GPL-3.0+ and Apache-2.0 @@ -28,7 +28,7 @@ Source1: http://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.gz.sig Source2: libidn.keyring Source3: baselibs.conf -BuildRequires: pkg-config +BuildRequires: pkgconfig Requires(post): %{install_info_prereq} BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -113,7 +113,7 @@ make %{?_smp_mflags} %install -make DESTDIR=%{buildroot} install %{?_smp_mflags} +make %{?_smp_mflags} DESTDIR=%{buildroot} install find %{buildroot} -type f -name "*.la" -delete -print %find_lang %{name} @@ -130,7 +130,6 @@ %install_info_delete --info-dir=%{_infodir} %{_infodir}/libidn.info.* %post -n %{lname} -p /sbin/ldconfig - %postun -n %{lname} -p /sbin/ldconfig %files tools -f %{name}.lang @@ -140,7 +139,7 @@ %doc AUTHORS COPYING* ChangeLog FAQ NEWS README THANKS TODO %{_infodir}/libidn* %{_bindir}/idn -%{_mandir}/man1/idn.1.* +%{_mandir}/man1/idn.1%{ext_man} %{_datadir}/emacs/site-lisp/idna.el %{_datadir}/emacs/site-lisp/punycode.el ++++++ libidn-1.32.tar.gz -> libidn-1.33.tar.gz ++++++ ++++ 28176 lines of diff (skipped)