commit varnish for openSUSE:Factory
Hello community,
here is the log from the commit of package varnish for openSUSE:Factory checked
in at 2013-11-02 09:07:54
Comparing /work/SRC/openSUSE:Factory/varnish (Old)
and /work/SRC/openSUSE:Factory/.varnish.new (New)
Package is "varnish"
Changes:
--- /work/SRC/openSUSE:Factory/varnish/varnish.changes 2013-10-14
09:32:43.0 +0200
+++ /work/SRC/openSUSE:Factory/.varnish.new/varnish.changes 2013-11-02
09:07:56.0 +0100
@@ -1,0 +2,6 @@
+Fri Nov 1 18:52:49 UTC 2013 - jeng...@inai.de
+
+- Add 0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch
+ (CVE-2013-4484, bnc#48451)
+
+---
New:
0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch
Other differences:
--
++ varnish.spec ++
--- /var/tmp/diff_new_pack.5kj0AQ/_old 2013-11-02 09:07:56.0 +0100
+++ /var/tmp/diff_new_pack.5kj0AQ/_new 2013-11-02 09:07:56.0 +0100
@@ -24,8 +24,10 @@
Group: Productivity/Networking/Web/Proxy
URL:http://varnish-cache.org/
+#Git-Clone:git://git.varnish-cache.org/varnish-cache
+#Git-Web: https://varnish-cache.org/trac/browser
#DL-URL: http://downloads.sf.net/varnish/%name-%version.tar.bz2
-Source0: %name-%version.tar.xz
+Source: %name-%version.tar.xz
Source2:varnish.init
Source3:varnish.sysconfig
Source4: vcl.conf
@@ -34,6 +36,7 @@
Source7: varnish.service
Source8: varnishlog.service
Patch1:varnish-disable-pcrejit.diff
+Patch2: 0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch
BuildRoot: %_tmppath/%name-%version-build
BuildRequires: libxslt, ncurses-devel, pcre-devel
@@ -96,11 +99,10 @@
%prep
%setup -q
-%patch -P 1 -p1
+%patch -P 1 -P 2 -p1
%build
-# bnc#839358: Force-deactivate JIT
-export CFLAGS="%optflags -fstack-protector -DPCRE_STUDY_JIT_COMPILE=0"
+export CFLAGS="%optflags -fstack-protector"
%configure --disable-static \
--localstatedir=%_localstatedir/cache/ \
--enable-developer-warnings
++ 0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch ++
>From 4bd5b7991bf602a6c46dd0d65fc04d4b8d9667a6 Mon Sep 17 00:00:00 2001
From: Martin Blix Grydeland
Date: Wed, 30 Oct 2013 13:48:20 +0100
Subject: [PATCH] Make up our mind: Any req.* we receive from the client with
fundamental trouble gets failed back without VCL involvement.
References: https://www.varnish-cache.org/trac/ticket/1367
References: CVE-2013-4484
References: https://bugzilla.novell.com/show_bug.cgi?id=848451
Fixes #1367
---
bin/varnishd/cache_center.c | 28 +++-
bin/varnishd/cache_http.c| 2 +-
bin/varnishtest/tests/r01367.vtc | 30 ++
3 files changed, 46 insertions(+), 14 deletions(-)
create mode 100644 bin/varnishtest/tests/r01367.vtc
diff --git a/bin/varnishd/cache_center.c b/bin/varnishd/cache_center.c
index 19eb2ce..fdf7cee 100644
--- a/bin/varnishd/cache_center.c
+++ b/bin/varnishd/cache_center.c
@@ -1474,9 +1474,12 @@ DOT start -> recv [style=bold,color=green]
static int
cnt_start(struct sess *sp)
{
- uint16_t done;
+ uint16_t err_code;
char *p;
- const char *r = "HTTP/1.1 100 Continue\r\n\r\n";
+ const char *r_100 = "HTTP/1.1 100 Continue\r\n\r\n";
+ const char *r_400 = "HTTP/1.1 400 Bad Request\r\n\r\n";
+ const char *r_413 = "HTTP/1.1 413 Request Entity Too Large\r\n\r\n";
+ const char *r_417 = "HTTP/1.1 417 Expectation Failed\r\n\r\n";
CHECK_OBJ_NOTNULL(sp, SESS_MAGIC);
AZ(sp->restarts);
@@ -1499,10 +1502,14 @@ cnt_start(struct sess *sp)
sp->wrk->vcl = NULL;
http_Setup(sp->http, sp->ws);
- done = http_DissectRequest(sp);
+ err_code = http_DissectRequest(sp);
/* If we could not even parse the request, just close */
- if (done == 400) {
+ if (err_code == 400)
+ (void)write(sp->fd, r_400, strlen(r_400));
+ else if (err_code == 413)
+ (void)write(sp->fd, r_413, strlen(r_413));
+ if (err_code != 0) {
sp->step = STP_DONE;
vca_close_session(sp, "junk");
return (0);
@@ -1514,12 +1521,6 @@ cnt_start(struct sess *sp)
/* Catch original request, before modification */
HTTP_Copy(sp->http0, sp->http);
- if (done != 0) {
- sp->err_code = done;
- sp->step = STP_ERROR;
- return (0);
- }
-
sp->doclose = http_DoConnection(sp->http);
/* XXX: Handle TRACE & OPTIONS of Max-Forwards = 0 */
@@ -1529,13 +1530,14 @@ cnt_start(struct sess *sp)
commit xfce4-panel-plugin-whiskermenu for openSUSE:Factory
Hello community,
here is the log from the commit of package xfce4-panel-plugin-whiskermenu for
openSUSE:Factory checked in at 2013-11-02 09:08:02
Comparing /work/SRC/openSUSE:Factory/xfce4-panel-plugin-whiskermenu (Old)
and /work/SRC/openSUSE:Factory/.xfce4-panel-plugin-whiskermenu.new (New)
Package is "xfce4-panel-plugin-whiskermenu"
Changes:
---
/work/SRC/openSUSE:Factory/xfce4-panel-plugin-whiskermenu/xfce4-panel-plugin-whiskermenu.changes
2013-08-10 13:07:12.0 +0200
+++
/work/SRC/openSUSE:Factory/.xfce4-panel-plugin-whiskermenu.new/xfce4-panel-plugin-whiskermenu.changes
2013-11-02 09:08:03.0 +0100
@@ -1,0 +2,21 @@
+Wed Oct 30 17:11:07 UTC 2013 - lazy.k...@opensuse.org
+
+- Update to 1.2.0.
+ * Fix popup script to show correct version information.
+ * Fix memory leak when reloading applications.
+ * Fix favorites and recent deleted when menu failed to load.
+ * Add option to load menu hierarchy.
+ * Add option to not include favorites in recently used.
+ * Add options to set custom commands.
+ * Add option to show recently used by default.
+ * Add option to position search entry next to panel button.
+ * Add option to position command buttons next to search entry.
+ * Add manual page for popup script.
+ * Use tabs for configuration dialog layout.
+ * Translation updates: Brazilian Portuguese, Bulgarian, Catalan,
+Croatian, Danish, Dutch, Finnish, French, German, Greek,
+Hebrew, Italian, Japanese, Norwegian Bokmål, Polish,
+Portuguese, Romanian, Russian, Serbian (Latin), Slovak,
+Spanish.
+
+---
Old:
xfce4-whiskermenu-plugin-1.1.1-src.tar.bz2
New:
xfce4-whiskermenu-plugin-1.2.0-src.tar.bz2
Other differences:
--
++ xfce4-panel-plugin-whiskermenu.spec ++
--- /var/tmp/diff_new_pack.1bKXRe/_old 2013-11-02 09:08:03.0 +0100
+++ /var/tmp/diff_new_pack.1bKXRe/_new 2013-11-02 09:08:03.0 +0100
@@ -17,7 +17,7 @@
Name: xfce4-panel-plugin-whiskermenu
-Version:1.1.1
+Version:1.2.0
Release:0
Summary:Alternate Xfce Menu
License:GPL-2.0+
@@ -54,7 +54,6 @@
cmake .. \
-DCMAKE_INSTALL_PREFIX=%{_prefix} \
-DCMAKE_INSTALL_LIBDIR=%{_libdir} \
--DCMAKE_BUILD_TYPE=RelWithDebInfo \
-DCMAKE_C_FLAGS="%{optflags}" \
-DCMAKE_CXX_FLAGS="%{optflags}"
make %{?_smp_mflags} VERBOSE=1
@@ -78,6 +77,7 @@
%{_libdir}/xfce4/panel/plugins/libwhiskermenu.so
%{_datadir}/icons/hicolor/*/*/xfce4-whiskermenu.*
%{_datadir}/xfce4/panel/plugins/whiskermenu.desktop
+%doc %{_mandir}/man?/xfce4-popup-whiskermenu.*
%files lang -f xfce4-whiskermenu-plugin.lang
++ xfce4-whiskermenu-plugin-1.1.1-src.tar.bz2 ->
xfce4-whiskermenu-plugin-1.2.0-src.tar.bz2 ++
12057 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit pdftk for openSUSE:Factory
Hello community, here is the log from the commit of package pdftk for openSUSE:Factory checked in at 2013-11-02 09:06:16 Comparing /work/SRC/openSUSE:Factory/pdftk (Old) and /work/SRC/openSUSE:Factory/.pdftk.new (New) Package is "pdftk" Changes: --- /work/SRC/openSUSE:Factory/pdftk/pdftk.changes 2013-02-12 22:32:16.0 +0100 +++ /work/SRC/openSUSE:Factory/.pdftk.new/pdftk.changes 2013-11-02 09:06:18.0 +0100 @@ -1,0 +2,77 @@ +Fri Aug 02 2013 - joerg.loren...@ki.tng.de + +- update to version 2.02 + o Added drop_xmp output option for removing the document XMP metadata +stream from a PDF. + o Added dump_data output of custom page data embedded by STAMPtk +tool. See the embed option in STAMPtk for more information. + o Improved PDF bookmark merging logic so it can handle more input +cases. + o Fixed a password bug where some 'upper-ASCII' characters weren't +being mapped to the correct code points. + o Fixed a 40-bit decryption bug introduced in version 2.00. + o Fixed a bug in the bookmark merging logic that caused bookmarks to +be omitted from the merged PDF. + o Added a test to ensure that encryption passwords use permitted +characters only. (Decryption attempts still allow a larger set of +input characters.) + o Rewrote the wide-to-utf8 code for Windows to make it more rigorous. + o Organized our calls of JvInitClass() in main(). + o Added descriptions to some exception reports. + o Reviewed some code from pdftk.cc, PdfReader.java, PdfWriter.java +and friends. +--- +Thu Jun 06 2013 - joerg.loren...@ki.tng.de + +- update to version 2.01 + o Fixed an uncompress bug introduced in 2.00 that corrupted some +image streams. + o Updated the Windows pdftk.exe compiler settings to remedy an +elusive NullPointerException reported in the field. This problem +first appeared in version 2.00. +--- +Sat May 25 2013 - joerg.loren...@ki.tng.de + +- update to version 2.00 + o Added AES decryption of input PDFs. The 'owner' password is still +required when decrypting any PDF. + o Added merging of bookmarks/outlines when merging full PDFs. + o Added new rotate operation, which is a convenient way of rotating +select pages of a single PDF. + o Added new dump_data_annots operation. Currently it reports only +link annotation information. + o Added new need_appearances output option. Use this when filling a +form with non-ASCII text to ensure the best presentation in Adobe +Reader/Acrobat. It won't work when combined with the flatten +option. + o Improved the compress option so that output PDFs are more compact +and efficient. + o Added page media information to dump_data output: page rotation, +page media bounds and page crop bounds. + o Improved the performance of dump_data so it works better with very +large PDFs. + o Improved the memory management in the Windows binary. This fixes +the rare "Too many heap sections" error. + o Fixed a bug where form fields with multiple values were not being +properly reported by dump_data_fields. + o Fixed a_burst_bug that was corrupting the output PDF pages. + o Fixed an_input_bug to allow interactive prompting of both the user +and owner passwords. + o Fixed a burst bug so that doc_data.txt is now output to the same +directory as the PDF's pages when an output directory is given. + o Fixed a bug where indirect references to the PDF ID in the trailer +would cause a crash. + o Added a test to fill_form so it checks that an input PDF is a form +before trying to fill it with data. + o Added a return value of 3 for warnings 'PDF information not added' +or 'PDF form not filled.' + o Improved the error message for cat page range errors. + o Fixed the error report when an input page number is out of range. + o Fixed a burst bug where document metadata wasn't being copied +properly to the output PDFs. + o Updated the Bouncy Castle library to 1.48. + o When using the cat operation, the output PDF version number is now +set to the maximum PDF version of all of the input PDFs. If any of +the input PDFs have PDF extension levels, then the greatest +extension level is also copied to the output PDF. +--- Old: pdftk-1.45-src.zip New: pdftk-2.02-src.zip Other differences: -- ++ pdftk.spec ++ --- /var/tmp/diff_new_pack.fbcRT7/_old 2013-11-02 09:06:19.0 +0100 +++ /var/tmp/diff_new_pack.fbcRT7/_new 2013-11-02 09:06:19.0 +0100 @@ -18,7 +18,7 @@ Name:
commit ktp-common-internals for openSUSE:Factory
Hello community,
here is the log from the commit of package ktp-common-internals for
openSUSE:Factory checked in at 2013-11-02 09:06:03
Comparing /work/SRC/openSUSE:Factory/ktp-common-internals (Old)
and /work/SRC/openSUSE:Factory/.ktp-common-internals.new (New)
Package is "ktp-common-internals"
Changes:
---
/work/SRC/openSUSE:Factory/ktp-common-internals/ktp-common-internals.changes
2013-10-30 15:39:49.0 +0100
+++
/work/SRC/openSUSE:Factory/.ktp-common-internals.new/ktp-common-internals.changes
2013-11-02 09:06:04.0 +0100
@@ -1,0 +2,7 @@
+Wed Oct 30 16:36:57 UTC 2013 - hrvoje.sen...@gmail.com
+
+- Split out kpeople integration into a separate package, ktp-kpeople,
+ so users can decide whether they want to use it or not even with
+ nepomuk turned on
+
+---
Other differences:
--
++ ktp-common-internals.spec ++
--- /var/tmp/diff_new_pack.qXkENi/_old 2013-11-02 09:06:05.0 +0100
+++ /var/tmp/diff_new_pack.qXkENi/_new 2013-11-02 09:06:05.0 +0100
@@ -17,7 +17,7 @@
%define soversion 6
-%define kpeople 0
+%define kpeople 1
Name: ktp-common-internals
Version:0.7.0
@@ -37,6 +37,7 @@
BuildRequires: telepathy-logger-qt4-devel >= 0.6.0
BuildRequires: telepathy-qt4-devel >= 0.9.2.1
Recommends: %{name}-lang
+Suggests: ktp-kpeople
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%kde4_runtime_requires
@@ -75,6 +76,15 @@
%description -n ktp-icons
icons for all the KDE Telepathy packages.
+%if %kpeople
+%package -n ktp-kpeople
+Summary:KDE Telepathy's Nepomuk service
+Group: Development/Libraries/Other
+
+%description -n ktp-kpeople
+KDE Telepathy's Nepomuk service, needed for kpeople integration.
+%endif
+
%lang_package
%prep
%setup -q
@@ -85,6 +95,9 @@
%install
%kde4_makeinstall -C build
+ pushd build
+ %create_subdir_filelist -d kpeople
+ popd
%kde_post_install
%find_lang ktp-common-internals %{name}.lang
@@ -111,18 +124,10 @@
%{_kde4_appsdir}/katepart/syntax/ktpdebugoutput.xml
%{_kde4_servicesdir}/ktploggerplugin_tplogger.desktop
%{_kde4_servicetypes}/ktp_logger_plugin.desktop
+
%if %kpeople
-%{_kde4_modulesdir}/im_persons_data_source_plugin.so
-%{_kde4_modulesdir}/imdetailswidgetplugin.so
-%{_kde4_modulesdir}/ktp_kpeople_plugin.so
-%{_kde4_modulesdir}/nepomuktelepathyservice.so
-%{_kde4_servicesdir}/im_persons_data_source_plugin.desktop
-%{_kde4_servicesdir}/imdetailswidgetplugin.desktop
-%{_kde4_servicesdir}/ktp_kpeople_plugin.desktop
-%{_kde4_servicesdir}/nepomuktelepathyservice.desktop
+%files -n ktp-kpeople -f filelists/kpeople
%dir %{_kde4_datadir}/ontology/telepathy
-%{_kde4_datadir}/ontology/telepathy/telepathy.ontology
-%{_kde4_datadir}/ontology/telepathy/telepathy.trig
%endif
%files -n ktp-icons
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
