commit varnish for openSUSE:Factory
Hello community, here is the log from the commit of package varnish for openSUSE:Factory checked in at 2013-11-02 09:07:54 Comparing /work/SRC/openSUSE:Factory/varnish (Old) and /work/SRC/openSUSE:Factory/.varnish.new (New) Package is "varnish" Changes: --- /work/SRC/openSUSE:Factory/varnish/varnish.changes 2013-10-14 09:32:43.0 +0200 +++ /work/SRC/openSUSE:Factory/.varnish.new/varnish.changes 2013-11-02 09:07:56.0 +0100 @@ -1,0 +2,6 @@ +Fri Nov 1 18:52:49 UTC 2013 - jeng...@inai.de + +- Add 0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch + (CVE-2013-4484, bnc#48451) + +--- New: 0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch Other differences: -- ++ varnish.spec ++ --- /var/tmp/diff_new_pack.5kj0AQ/_old 2013-11-02 09:07:56.0 +0100 +++ /var/tmp/diff_new_pack.5kj0AQ/_new 2013-11-02 09:07:56.0 +0100 @@ -24,8 +24,10 @@ Group: Productivity/Networking/Web/Proxy URL:http://varnish-cache.org/ +#Git-Clone:git://git.varnish-cache.org/varnish-cache +#Git-Web: https://varnish-cache.org/trac/browser #DL-URL: http://downloads.sf.net/varnish/%name-%version.tar.bz2 -Source0: %name-%version.tar.xz +Source: %name-%version.tar.xz Source2:varnish.init Source3:varnish.sysconfig Source4: vcl.conf @@ -34,6 +36,7 @@ Source7: varnish.service Source8: varnishlog.service Patch1:varnish-disable-pcrejit.diff +Patch2: 0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch BuildRoot: %_tmppath/%name-%version-build BuildRequires: libxslt, ncurses-devel, pcre-devel @@ -96,11 +99,10 @@ %prep %setup -q -%patch -P 1 -p1 +%patch -P 1 -P 2 -p1 %build -# bnc#839358: Force-deactivate JIT -export CFLAGS="%optflags -fstack-protector -DPCRE_STUDY_JIT_COMPILE=0" +export CFLAGS="%optflags -fstack-protector" %configure --disable-static \ --localstatedir=%_localstatedir/cache/ \ --enable-developer-warnings ++ 0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch ++ >From 4bd5b7991bf602a6c46dd0d65fc04d4b8d9667a6 Mon Sep 17 00:00:00 2001 From: Martin Blix Grydeland Date: Wed, 30 Oct 2013 13:48:20 +0100 Subject: [PATCH] Make up our mind: Any req.* we receive from the client with fundamental trouble gets failed back without VCL involvement. References: https://www.varnish-cache.org/trac/ticket/1367 References: CVE-2013-4484 References: https://bugzilla.novell.com/show_bug.cgi?id=848451 Fixes #1367 --- bin/varnishd/cache_center.c | 28 +++- bin/varnishd/cache_http.c| 2 +- bin/varnishtest/tests/r01367.vtc | 30 ++ 3 files changed, 46 insertions(+), 14 deletions(-) create mode 100644 bin/varnishtest/tests/r01367.vtc diff --git a/bin/varnishd/cache_center.c b/bin/varnishd/cache_center.c index 19eb2ce..fdf7cee 100644 --- a/bin/varnishd/cache_center.c +++ b/bin/varnishd/cache_center.c @@ -1474,9 +1474,12 @@ DOT start -> recv [style=bold,color=green] static int cnt_start(struct sess *sp) { - uint16_t done; + uint16_t err_code; char *p; - const char *r = "HTTP/1.1 100 Continue\r\n\r\n"; + const char *r_100 = "HTTP/1.1 100 Continue\r\n\r\n"; + const char *r_400 = "HTTP/1.1 400 Bad Request\r\n\r\n"; + const char *r_413 = "HTTP/1.1 413 Request Entity Too Large\r\n\r\n"; + const char *r_417 = "HTTP/1.1 417 Expectation Failed\r\n\r\n"; CHECK_OBJ_NOTNULL(sp, SESS_MAGIC); AZ(sp->restarts); @@ -1499,10 +1502,14 @@ cnt_start(struct sess *sp) sp->wrk->vcl = NULL; http_Setup(sp->http, sp->ws); - done = http_DissectRequest(sp); + err_code = http_DissectRequest(sp); /* If we could not even parse the request, just close */ - if (done == 400) { + if (err_code == 400) + (void)write(sp->fd, r_400, strlen(r_400)); + else if (err_code == 413) + (void)write(sp->fd, r_413, strlen(r_413)); + if (err_code != 0) { sp->step = STP_DONE; vca_close_session(sp, "junk"); return (0); @@ -1514,12 +1521,6 @@ cnt_start(struct sess *sp) /* Catch original request, before modification */ HTTP_Copy(sp->http0, sp->http); - if (done != 0) { - sp->err_code = done; - sp->step = STP_ERROR; - return (0); - } - sp->doclose = http_DoConnection(sp->http); /* XXX: Handle TRACE & OPTIONS of Max-Forwards = 0 */ @@ -1529,13 +1530,14 @@ cnt_start(struct sess *sp)
commit xfce4-panel-plugin-whiskermenu for openSUSE:Factory
Hello community, here is the log from the commit of package xfce4-panel-plugin-whiskermenu for openSUSE:Factory checked in at 2013-11-02 09:08:02 Comparing /work/SRC/openSUSE:Factory/xfce4-panel-plugin-whiskermenu (Old) and /work/SRC/openSUSE:Factory/.xfce4-panel-plugin-whiskermenu.new (New) Package is "xfce4-panel-plugin-whiskermenu" Changes: --- /work/SRC/openSUSE:Factory/xfce4-panel-plugin-whiskermenu/xfce4-panel-plugin-whiskermenu.changes 2013-08-10 13:07:12.0 +0200 +++ /work/SRC/openSUSE:Factory/.xfce4-panel-plugin-whiskermenu.new/xfce4-panel-plugin-whiskermenu.changes 2013-11-02 09:08:03.0 +0100 @@ -1,0 +2,21 @@ +Wed Oct 30 17:11:07 UTC 2013 - lazy.k...@opensuse.org + +- Update to 1.2.0. + * Fix popup script to show correct version information. + * Fix memory leak when reloading applications. + * Fix favorites and recent deleted when menu failed to load. + * Add option to load menu hierarchy. + * Add option to not include favorites in recently used. + * Add options to set custom commands. + * Add option to show recently used by default. + * Add option to position search entry next to panel button. + * Add option to position command buttons next to search entry. + * Add manual page for popup script. + * Use tabs for configuration dialog layout. + * Translation updates: Brazilian Portuguese, Bulgarian, Catalan, +Croatian, Danish, Dutch, Finnish, French, German, Greek, +Hebrew, Italian, Japanese, Norwegian Bokmål, Polish, +Portuguese, Romanian, Russian, Serbian (Latin), Slovak, +Spanish. + +--- Old: xfce4-whiskermenu-plugin-1.1.1-src.tar.bz2 New: xfce4-whiskermenu-plugin-1.2.0-src.tar.bz2 Other differences: -- ++ xfce4-panel-plugin-whiskermenu.spec ++ --- /var/tmp/diff_new_pack.1bKXRe/_old 2013-11-02 09:08:03.0 +0100 +++ /var/tmp/diff_new_pack.1bKXRe/_new 2013-11-02 09:08:03.0 +0100 @@ -17,7 +17,7 @@ Name: xfce4-panel-plugin-whiskermenu -Version:1.1.1 +Version:1.2.0 Release:0 Summary:Alternate Xfce Menu License:GPL-2.0+ @@ -54,7 +54,6 @@ cmake .. \ -DCMAKE_INSTALL_PREFIX=%{_prefix} \ -DCMAKE_INSTALL_LIBDIR=%{_libdir} \ --DCMAKE_BUILD_TYPE=RelWithDebInfo \ -DCMAKE_C_FLAGS="%{optflags}" \ -DCMAKE_CXX_FLAGS="%{optflags}" make %{?_smp_mflags} VERBOSE=1 @@ -78,6 +77,7 @@ %{_libdir}/xfce4/panel/plugins/libwhiskermenu.so %{_datadir}/icons/hicolor/*/*/xfce4-whiskermenu.* %{_datadir}/xfce4/panel/plugins/whiskermenu.desktop +%doc %{_mandir}/man?/xfce4-popup-whiskermenu.* %files lang -f xfce4-whiskermenu-plugin.lang ++ xfce4-whiskermenu-plugin-1.1.1-src.tar.bz2 -> xfce4-whiskermenu-plugin-1.2.0-src.tar.bz2 ++ 12057 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit pdftk for openSUSE:Factory
Hello community, here is the log from the commit of package pdftk for openSUSE:Factory checked in at 2013-11-02 09:06:16 Comparing /work/SRC/openSUSE:Factory/pdftk (Old) and /work/SRC/openSUSE:Factory/.pdftk.new (New) Package is "pdftk" Changes: --- /work/SRC/openSUSE:Factory/pdftk/pdftk.changes 2013-02-12 22:32:16.0 +0100 +++ /work/SRC/openSUSE:Factory/.pdftk.new/pdftk.changes 2013-11-02 09:06:18.0 +0100 @@ -1,0 +2,77 @@ +Fri Aug 02 2013 - joerg.loren...@ki.tng.de + +- update to version 2.02 + o Added drop_xmp output option for removing the document XMP metadata +stream from a PDF. + o Added dump_data output of custom page data embedded by STAMPtk +tool. See the embed option in STAMPtk for more information. + o Improved PDF bookmark merging logic so it can handle more input +cases. + o Fixed a password bug where some 'upper-ASCII' characters weren't +being mapped to the correct code points. + o Fixed a 40-bit decryption bug introduced in version 2.00. + o Fixed a bug in the bookmark merging logic that caused bookmarks to +be omitted from the merged PDF. + o Added a test to ensure that encryption passwords use permitted +characters only. (Decryption attempts still allow a larger set of +input characters.) + o Rewrote the wide-to-utf8 code for Windows to make it more rigorous. + o Organized our calls of JvInitClass() in main(). + o Added descriptions to some exception reports. + o Reviewed some code from pdftk.cc, PdfReader.java, PdfWriter.java +and friends. +--- +Thu Jun 06 2013 - joerg.loren...@ki.tng.de + +- update to version 2.01 + o Fixed an uncompress bug introduced in 2.00 that corrupted some +image streams. + o Updated the Windows pdftk.exe compiler settings to remedy an +elusive NullPointerException reported in the field. This problem +first appeared in version 2.00. +--- +Sat May 25 2013 - joerg.loren...@ki.tng.de + +- update to version 2.00 + o Added AES decryption of input PDFs. The 'owner' password is still +required when decrypting any PDF. + o Added merging of bookmarks/outlines when merging full PDFs. + o Added new rotate operation, which is a convenient way of rotating +select pages of a single PDF. + o Added new dump_data_annots operation. Currently it reports only +link annotation information. + o Added new need_appearances output option. Use this when filling a +form with non-ASCII text to ensure the best presentation in Adobe +Reader/Acrobat. It won't work when combined with the flatten +option. + o Improved the compress option so that output PDFs are more compact +and efficient. + o Added page media information to dump_data output: page rotation, +page media bounds and page crop bounds. + o Improved the performance of dump_data so it works better with very +large PDFs. + o Improved the memory management in the Windows binary. This fixes +the rare "Too many heap sections" error. + o Fixed a bug where form fields with multiple values were not being +properly reported by dump_data_fields. + o Fixed a_burst_bug that was corrupting the output PDF pages. + o Fixed an_input_bug to allow interactive prompting of both the user +and owner passwords. + o Fixed a burst bug so that doc_data.txt is now output to the same +directory as the PDF's pages when an output directory is given. + o Fixed a bug where indirect references to the PDF ID in the trailer +would cause a crash. + o Added a test to fill_form so it checks that an input PDF is a form +before trying to fill it with data. + o Added a return value of 3 for warnings 'PDF information not added' +or 'PDF form not filled.' + o Improved the error message for cat page range errors. + o Fixed the error report when an input page number is out of range. + o Fixed a burst bug where document metadata wasn't being copied +properly to the output PDFs. + o Updated the Bouncy Castle library to 1.48. + o When using the cat operation, the output PDF version number is now +set to the maximum PDF version of all of the input PDFs. If any of +the input PDFs have PDF extension levels, then the greatest +extension level is also copied to the output PDF. +--- Old: pdftk-1.45-src.zip New: pdftk-2.02-src.zip Other differences: -- ++ pdftk.spec ++ --- /var/tmp/diff_new_pack.fbcRT7/_old 2013-11-02 09:06:19.0 +0100 +++ /var/tmp/diff_new_pack.fbcRT7/_new 2013-11-02 09:06:19.0 +0100 @@ -18,7 +18,7 @@ Name:
commit ktp-common-internals for openSUSE:Factory
Hello community, here is the log from the commit of package ktp-common-internals for openSUSE:Factory checked in at 2013-11-02 09:06:03 Comparing /work/SRC/openSUSE:Factory/ktp-common-internals (Old) and /work/SRC/openSUSE:Factory/.ktp-common-internals.new (New) Package is "ktp-common-internals" Changes: --- /work/SRC/openSUSE:Factory/ktp-common-internals/ktp-common-internals.changes 2013-10-30 15:39:49.0 +0100 +++ /work/SRC/openSUSE:Factory/.ktp-common-internals.new/ktp-common-internals.changes 2013-11-02 09:06:04.0 +0100 @@ -1,0 +2,7 @@ +Wed Oct 30 16:36:57 UTC 2013 - hrvoje.sen...@gmail.com + +- Split out kpeople integration into a separate package, ktp-kpeople, + so users can decide whether they want to use it or not even with + nepomuk turned on + +--- Other differences: -- ++ ktp-common-internals.spec ++ --- /var/tmp/diff_new_pack.qXkENi/_old 2013-11-02 09:06:05.0 +0100 +++ /var/tmp/diff_new_pack.qXkENi/_new 2013-11-02 09:06:05.0 +0100 @@ -17,7 +17,7 @@ %define soversion 6 -%define kpeople 0 +%define kpeople 1 Name: ktp-common-internals Version:0.7.0 @@ -37,6 +37,7 @@ BuildRequires: telepathy-logger-qt4-devel >= 0.6.0 BuildRequires: telepathy-qt4-devel >= 0.9.2.1 Recommends: %{name}-lang +Suggests: ktp-kpeople BuildRoot: %{_tmppath}/%{name}-%{version}-build %kde4_runtime_requires @@ -75,6 +76,15 @@ %description -n ktp-icons icons for all the KDE Telepathy packages. +%if %kpeople +%package -n ktp-kpeople +Summary:KDE Telepathy's Nepomuk service +Group: Development/Libraries/Other + +%description -n ktp-kpeople +KDE Telepathy's Nepomuk service, needed for kpeople integration. +%endif + %lang_package %prep %setup -q @@ -85,6 +95,9 @@ %install %kde4_makeinstall -C build + pushd build + %create_subdir_filelist -d kpeople + popd %kde_post_install %find_lang ktp-common-internals %{name}.lang @@ -111,18 +124,10 @@ %{_kde4_appsdir}/katepart/syntax/ktpdebugoutput.xml %{_kde4_servicesdir}/ktploggerplugin_tplogger.desktop %{_kde4_servicetypes}/ktp_logger_plugin.desktop + %if %kpeople -%{_kde4_modulesdir}/im_persons_data_source_plugin.so -%{_kde4_modulesdir}/imdetailswidgetplugin.so -%{_kde4_modulesdir}/ktp_kpeople_plugin.so -%{_kde4_modulesdir}/nepomuktelepathyservice.so -%{_kde4_servicesdir}/im_persons_data_source_plugin.desktop -%{_kde4_servicesdir}/imdetailswidgetplugin.desktop -%{_kde4_servicesdir}/ktp_kpeople_plugin.desktop -%{_kde4_servicesdir}/nepomuktelepathyservice.desktop +%files -n ktp-kpeople -f filelists/kpeople %dir %{_kde4_datadir}/ontology/telepathy -%{_kde4_datadir}/ontology/telepathy/telepathy.ontology -%{_kde4_datadir}/ontology/telepathy/telepathy.trig %endif %files -n ktp-icons -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org