commit btrfsprogs for openSUSE:13.2:Update
Hello community, here is the log from the commit of package btrfsprogs for openSUSE:13.2:Update checked in at 2015-12-04 11:37:58 Comparing /work/SRC/openSUSE:13.2:Update/btrfsprogs (Old) and /work/SRC/openSUSE:13.2:Update/.btrfsprogs.new (New) Package is "btrfsprogs" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.09YZKZ/_old 2015-12-04 11:38:02.0 +0100 +++ /var/tmp/diff_new_pack.09YZKZ/_new 2015-12-04 11:38:02.0 +0100 @@ -1 +1 @@ - +
commit python-django.4317 for openSUSE:13.1:Update
Hello community, here is the log from the commit of package python-django.4317 for openSUSE:13.1:Update checked in at 2015-12-04 11:41:27 Comparing /work/SRC/openSUSE:13.1:Update/python-django.4317 (Old) and /work/SRC/openSUSE:13.1:Update/.python-django.4317.new (New) Package is "python-django.4317" Changes: New Changes file: --- /dev/null 2015-11-02 12:10:47.524024255 +0100 +++ /work/SRC/openSUSE:13.1:Update/.python-django.4317.new/python-django.changes 2015-12-04 11:41:28.0 +0100 @@ -0,0 +1,367 @@ +--- +Wed Nov 18 09:40:55 UTC 2015 - bwiedem...@suse.com + +- add 0010-1.5.x-Fixed-a-settings-leak-possibility-in-the-date-.patch + to prevent settings leak in date template filter (bnc#955412, CVE-2015-8213) + +--- +Mon Oct 12 12:49:26 UTC 2015 - bwiedem...@suse.com + +- add 0009-1.5.x-Prevented-newlines-from-being-accepted-in-some.patch + to prevent Header injection possibility (bnc#937523, CVE-2015-5144) +- add 0008-1.5.x-Fixed-19324-Avoided-creating-a-session-record-.patch + to prevent Denial-of-service possibility by filling session store + (bnc#937522, CVE-2015-5143) + +--- +Wed Sep 9 11:12:40 UTC 2015 - bwiedem...@suse.com + +- Add 0007-1.6.x-Fixed-DoS-possiblity-in-contrib.auth.views.log.patch + (bnc#941587, CVE-2015-5963) + +--- +Fri Mar 20 12:56:53 UTC 2015 - bwiedem...@suse.com + +- Made is_safe_url() reject URLs that start with control characters + to mitigate possible XSS attack via user-supplied redirect URLs + (bnc#923176, CVE-2015-2317) + + Add 0006-1.5.x-Made-is_safe_url-reject-URLs-that-start-with-c.patch + +--- +Wed Jan 28 16:21:41 UTC 2015 - mj...@suse.com + +- Method check_for_test_cookie is deprecated, bnc#914706 + + Add 0005-1.6.x-Method-check_for_test_cookie-is-deprecated.patch + +--- +Fri Jan 23 08:41:48 UTC 2015 - bwiedem...@suse.com + +- security fix backports + add 0001-1.5.x-Stripped-headers-containing-underscores-to-pre.patch (bnc#913053, CVE-2015-0219) + add 0002-1.5.x-Fixed-is_safe_url-to-handle-leading-whitespace.patch (bnc#913054, CVE-2015-0220) + add 0003-1.5.x-Prevented-views.static.serve-from-using-large-.patch (bnc#913056, CVE-2015-0221) + add 0004-1.5.x-Fixed-DoS-possibility-in-ModelMultipleChoiceFi.patch (bnc#913055, CVE-2015-0222) + +--- +Wed Jan 21 09:57:12 UTC 2015 - bwiedem...@suse.com + +- Update to version 1.5.12: + + Fixed a regression with dynamically generated inlines and allowed field +references in the admin + + Allowed related many-to-many fields to be referenced in the admin + + Allowed inline and hidden references to admin fields + +--- +Wed Sep 3 12:15:52 UTC 2014 - bwiedem...@suse.com + +- Update to version 1.5.10: + + Prevented reverse() from generating URLs pointing to other hosts +to prevent phishing attacks (bnc#893087, CVE-2014-0480) + + Removed O(n) algorithm when uploading duplicate file names +to fix file upload denial of service (bnc#893088, CVE-2014-0481) + + Modified RemoteUserMiddleware to logout on REMOTE_USE change +to prevent session hijacking (bnc#893089, CVE-2014-0482) + + Prevented data leakage in contrib.admin via query string manipulation +(bnc#893090, CVE-2014-0483) + +--- +Mon May 26 07:22:53 UTC 2014 - bwiedem...@suse.com + +- Update to version 1.5.8: + + Fixed: Caches may incorrectly be allowed to store and serve private data +(bnc#877993, CVE-2014-1418) + + Fixed: Malformed redirect URLs from user input not correctly validated +(bnc#878641, CVE-2014-3730) + + Fixed queries that may return unexpected results on MySQL +due to typecasting (bnc#874956, CVE-2014-0474) + + Prevented leaking the CSRF token through caching +(bnc#874955, CVE-2014-0473) + + Fixed a remote code execution vulnerabilty in URL reversing +(bnc#874950, CVE-2014-0472) + +--- +Thu Oct 31 14:14:58 UTC 2013 - mci...@suse.cz + +- Update to version 1.5.5: + + Readdressed denial-of-service via password hashers + + Properly rotate CSRF token on login + +--- +Tue Sep 17 12:37:53 UTC 2013 - speili...@suse.com + +- Update to version 1.5.4: + + Fixed denial-of-service via large passwords +- Changes from version 1.5.3: + + Fixed
commit python-django for openSUSE:13.1:Update
Hello community, here is the log from the commit of package python-django for openSUSE:13.1:Update checked in at 2015-12-04 11:41:30 Comparing /work/SRC/openSUSE:13.1:Update/python-django (Old) and /work/SRC/openSUSE:13.1:Update/.python-django.new (New) Package is "python-django" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.j5gdrS/_old 2015-12-04 11:41:31.0 +0100 +++ /var/tmp/diff_new_pack.j5gdrS/_new 2015-12-04 11:41:31.0 +0100 @@ -1 +1 @@ - +
commit cyrus-imapd for openSUSE:13.1:Update
Hello community, here is the log from the commit of package cyrus-imapd for openSUSE:13.1:Update checked in at 2015-12-04 11:41:24 Comparing /work/SRC/openSUSE:13.1:Update/cyrus-imapd (Old) and /work/SRC/openSUSE:13.1:Update/.cyrus-imapd.new (New) Package is "cyrus-imapd" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.mXjkFb/_old 2015-12-04 11:41:25.0 +0100 +++ /var/tmp/diff_new_pack.mXjkFb/_new 2015-12-04 11:41:25.0 +0100 @@ -1 +1 @@ - +
commit star for openSUSE:13.1:Update
Hello community, here is the log from the commit of package star for openSUSE:13.1:Update checked in at 2015-12-04 12:47:05 Comparing /work/SRC/openSUSE:13.1:Update/star (Old) and /work/SRC/openSUSE:13.1:Update/.star.new (New) Package is "star" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.4lnQmn/_old 2015-12-04 12:47:06.0 +0100 +++ /var/tmp/diff_new_pack.4lnQmn/_new 2015-12-04 12:47:06.0 +0100 @@ -1 +1 @@ - +
commit star for openSUSE:13.2:Update
Hello community, here is the log from the commit of package star for openSUSE:13.2:Update checked in at 2015-12-04 12:47:07 Comparing /work/SRC/openSUSE:13.2:Update/star (Old) and /work/SRC/openSUSE:13.2:Update/.star.new (New) Package is "star" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.R0FUeE/_old 2015-12-04 12:47:08.0 +0100 +++ /var/tmp/diff_new_pack.R0FUeE/_new 2015-12-04 12:47:08.0 +0100 @@ -1 +1 @@ - +
commit xorg-x11-server for openSUSE:13.2:Update
Hello community, here is the log from the commit of package xorg-x11-server for openSUSE:13.2:Update checked in at 2015-12-04 12:47:25 Comparing /work/SRC/openSUSE:13.2:Update/xorg-x11-server (Old) and /work/SRC/openSUSE:13.2:Update/.xorg-x11-server.new (New) Package is "xorg-x11-server" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.4pCr5n/_old 2015-12-04 12:47:26.0 +0100 +++ /var/tmp/diff_new_pack.4pCr5n/_new 2015-12-04 12:47:26.0 +0100 @@ -1 +1 @@ - +
commit xorg-x11-server for openSUSE:13.1:Update
Hello community, here is the log from the commit of package xorg-x11-server for openSUSE:13.1:Update checked in at 2015-12-04 12:47:21 Comparing /work/SRC/openSUSE:13.1:Update/xorg-x11-server (Old) and /work/SRC/openSUSE:13.1:Update/.xorg-x11-server.new (New) Package is "xorg-x11-server" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.iCCKHK/_old 2015-12-04 12:47:23.0 +0100 +++ /var/tmp/diff_new_pack.iCCKHK/_new 2015-12-04 12:47:23.0 +0100 @@ -1 +1 @@ - +
commit NetworkManager for openSUSE:13.2:Update
Hello community, here is the log from the commit of package NetworkManager for openSUSE:13.2:Update checked in at 2015-12-04 12:46:45 Comparing /work/SRC/openSUSE:13.2:Update/NetworkManager (Old) and /work/SRC/openSUSE:13.2:Update/.NetworkManager.new (New) Package is "NetworkManager" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.xhBuLL/_old 2015-12-04 12:46:47.0 +0100 +++ /var/tmp/diff_new_pack.xhBuLL/_new 2015-12-04 12:46:47.0 +0100 @@ -1 +1 @@ - +
commit radiotray for openSUSE:13.2:Update
Hello community, here is the log from the commit of package radiotray for openSUSE:13.2:Update checked in at 2015-12-04 12:46:54 Comparing /work/SRC/openSUSE:13.2:Update/radiotray (Old) and /work/SRC/openSUSE:13.2:Update/.radiotray.new (New) Package is "radiotray" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.Vx2QCm/_old 2015-12-04 12:46:56.0 +0100 +++ /var/tmp/diff_new_pack.Vx2QCm/_new 2015-12-04 12:46:56.0 +0100 @@ -1 +1 @@ - +
commit python-Django for openSUSE:13.2:Update
Hello community, here is the log from the commit of package python-Django for openSUSE:13.2:Update checked in at 2015-12-04 11:44:27 Comparing /work/SRC/openSUSE:13.2:Update/python-Django (Old) and /work/SRC/openSUSE:13.2:Update/.python-Django.new (New) Package is "python-Django" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.T1sUsO/_old 2015-12-04 11:44:28.0 +0100 +++ /var/tmp/diff_new_pack.T1sUsO/_new 2015-12-04 11:44:28.0 +0100 @@ -1 +1 @@ - +
commit cyrus-imapd.4285 for openSUSE:13.1:Update
Hello community, here is the log from the commit of package cyrus-imapd.4285 for openSUSE:13.1:Update checked in at 2015-12-04 11:41:22 Comparing /work/SRC/openSUSE:13.1:Update/cyrus-imapd.4285 (Old) and /work/SRC/openSUSE:13.1:Update/.cyrus-imapd.4285.new (New) Package is "cyrus-imapd.4285" Changes: New Changes file: --- /dev/null 2015-11-02 12:10:47.524024255 +0100 +++ /work/SRC/openSUSE:13.1:Update/.cyrus-imapd.4285.new/cyrus-imapd.changes 2015-12-04 11:41:24.0 +0100 @@ -0,0 +1,1518 @@ +--- +Sun Nov 15 11:48:17 UTC 2015 - a...@ajaissle.de + +- Added cyrus-imapd-2.3.19-CVE-2015-8077.patch: + boo#954200, CVE-2015-8077: Integer overflow in range checks + +--- +Sun Aug 23 10:55:58 UTC 2015 - a...@ajaissle.de + +- Update to 2.3.19 [boo#945841] + * Security fix: handle urlfetch range starting outside message range + * Disable use of SSLv2/SSLv3 + * Support for Berkeley DB 5.x (thanks Ondrej Sury) + * Support for newer glibc versions (thanks Thomas Jarosch) + * Fixed bug #3465: support for perl 5.14 (thanks h...@imb-jena.de) + * Fixed bug #3640: reject NULL bytes in headers on LMTP delivery (thanks Julien Coloos) + +- Rebased the following patch + * cyrus-imapd-db6.diff as cyrus-imapd-2.3.19-db6.patch + +- Removed the following patches (included upstream) + - cyrus-imapd-perl-5.14.patch + +--- +Thu Jun 20 09:29:07 UTC 2013 - a...@ajaissle.de + +- Move kolab tag from package name to version field + +--- +Fri Jun 14 01:06:46 UTC 2013 - jeng...@inai.de + +- Add cyrus-imapd-db6.diff to fix compile abort with db >= 5 + +--- +Mon May 27 08:29:47 UTC 2013 - wer...@suse.de + +- Package perl-Cyrus-SIEVE-managesieve provides the sieveshell as + well as the package python-managesieve, therefore make them + conflicting + +--- +Tue May 21 10:39:20 UTC 2013 - a...@ajaissle.de + +- Added /var/lib/imap/ptclient to %files section + +--- +Fri Feb 15 11:26:29 UTC 2013 - a...@ajaissle.de + +- enable --with-ldap option + +--- +Tue Jun 19 11:24:06 UTC 2012 - meiss...@suse.com + +- allocate the right size (reported by freri...@rz.uni-kiel.de) + +--- +Fri Dec 2 07:47:58 UTC 2011 - co...@suse.com + +- add automake as buildrequire to avoid implicit dependency + +--- +Wed Oct 5 07:10:08 UTC 2011 - rha...@suse.de + +- Update to 2.3.18: + Malicious NNTP clients could bypass the authentication and + execute commands that normally require authentication. + (bnc#719998, CVE-2011-3372) + +--- +Tue Sep 27 16:36:08 CEST 2011 - meiss...@suse.de + +- parallel make is not possible, see openSUSE:Factory:PowerPC build failure. + +--- +Wed Sep 21 09:34:04 UTC 2011 - rha...@suse.de + +- Update to 2.3.17. Only change: + * includes the nntpd bufferoverflow patch +- Refreshed KOLAB patches +- Fixed a potential DoS bug, when server-side threading is used + (bnc#718428) + +--- +Sun Sep 18 00:14:26 UTC 2011 - jeng...@medozas.de + +- Remove redundant tags/sections from specfile +- Use %_smp_mflags for parallel build + +--- +Thu Sep 1 09:08:52 UTC 2011 - rha...@suse.de + +- Fixed a buffer overflow in nntpd (bnc#715251) + +--- +Mon Jun 20 09:50:50 UTC 2011 - rha...@suse.de + +- TLS initialization failures could lead to a bdb resource leak + resulting lmtpd to stop delivering mails. (bnc#606710, + cyrus-bug#3252) + +--- +Mon May 23 14:17:33 UTC 2011 - rha...@suse.de + +- Fixed STARTTLS plaintext command injection vulnerability + (bnc#694247, cyrus-bug#3425) +- Fixed building against newer perl release (5.14) + +--- +Tue Dec 7 21:56:34 UTC 2010 - co...@novell.com + +- remove /var/adm/perl-modules + +--- +Fri Nov 19 08:56:19 UTC 2010 - rha...@novell.com + +- Fixed cronjob to include the correct path to ctl_mboxlist + (bnc#650919)