commit apache-commons-compress for openSUSE:Factory

2019-09-11 Thread root
Hello community,

here is the log from the commit of package apache-commons-compress for 
openSUSE:Factory checked in at 2019-09-11 10:16:10

Comparing /work/SRC/openSUSE:Factory/apache-commons-compress (Old)
 and  /work/SRC/openSUSE:Factory/.apache-commons-compress.new.7948 (New)


Package is "apache-commons-compress"

Wed Sep 11 10:16:10 2019 rev:3 rq:726745 version:1.19

Changes:

--- 
/work/SRC/openSUSE:Factory/apache-commons-compress/apache-commons-compress.changes
  2019-03-27 16:22:24.587517182 +0100
+++ 
/work/SRC/openSUSE:Factory/.apache-commons-compress.new.7948/apache-commons-compress.changes
2019-09-11 10:16:15.319541571 +0200
@@ -1,0 +2,23 @@
+Wed Aug 28 08:57:02 UTC 2019 - Pedro Monreal Gonzalez 

+
+- Updated to 1.19 [bsc#1148475, CVE-2019-12402]
+  * ZipFile could get stuck in an infinite loop when parsing ZIP archives
+with certain strong encryption headers (CVE-2019-12402).
+  * ZipArchiveInputStream and ZipFile will no longer throw an exception if
+an extra field generally understood by Commons Compress is malformed
+but rather turn them into UnrecognizedExtraField instances.  You can
+influence the way extra fields are parsed in more detail by using the
+new getExtraFields(ExtraFieldParsingBehavior) method of ZipArchiveEntry 
now.
+  * Some of the ZIP extra fields related to strong encryption will now
+throw ZipExceptions rather than ArrayIndexOutOfBoundsExceptions in
+certain cases when used directly. There is no practical difference
+when they are read via ZipArchiveInputStream or ZipFile.
+  * ParallelScatterZipCreator now writes entries in the same order they have
+been added to the archive.
+  * ZipArchiveInputStream and ZipFile are more forgiving when parsing extra
+fields by default now.
+  * TarArchiveInputStream has a new lenient mode that may allow it to read
+certain broken archives.
+- Rebased patch fix_java_8_compatibility.patch
+
+---

Old:

  commons-compress-1.18-src.tar.gz

New:

  commons-compress-1.19-src.tar.gz
  commons-compress-1.19-src.tar.gz.asc



Other differences:
--
++ apache-commons-compress.spec ++
--- /var/tmp/diff_new_pack.U9GSOM/_old  2019-09-11 10:16:19.539541047 +0200
+++ /var/tmp/diff_new_pack.U9GSOM/_new  2019-09-11 10:16:19.543541047 +0200
@@ -19,14 +19,15 @@
 %global base_name   compress
 %global short_name  commons-%{base_name}
 Name:   apache-%{short_name}
-Version:1.18
+Version:1.19
 Release:0
 Summary:Java API for working with compressed files and archivers
 License:Apache-2.0
 Group:  Development/Libraries/Java
 URL:http://commons.apache.org/proper/commons-compress/
 Source0:
http://archive.apache.org/dist/commons/compress/source/%{short_name}-%{version}-src.tar.gz
-Source1:%{name}-build.xml
+Source1:
http://archive.apache.org/dist/commons/compress/source/%{short_name}-%{version}-src.tar.gz.asc
+Source2:%{name}-build.xml
 Patch0: 0001-Remove-Brotli-compressor.patch
 Patch1: 0002-Remove-ZSTD-compressor.patch
 Patch2: fix_java_8_compatibility.patch
@@ -57,7 +58,7 @@
 
 %prep
 %setup -q -n %{short_name}-%{version}-src
-cp %{SOURCE1} build.xml
+cp %{SOURCE2} build.xml
 
 # Unavailable Google Brotli library (org.brotli.dec)
 %patch0 -p1

++ apache-commons-compress-build.xml ++
--- /var/tmp/diff_new_pack.U9GSOM/_old  2019-09-11 10:16:19.587541041 +0200
+++ /var/tmp/diff_new_pack.U9GSOM/_new  2019-09-11 10:16:19.587541041 +0200
@@ -9,7 +9,7 @@
   
 
   
-  
+  
   
   
   

++ commons-compress-1.18-src.tar.gz -> commons-compress-1.19-src.tar.gz 
++
/work/SRC/openSUSE:Factory/apache-commons-compress/commons-compress-1.18-src.tar.gz
 
/work/SRC/openSUSE:Factory/.apache-commons-compress.new.7948/commons-compress-1.19-src.tar.gz
 differ: char 15, line 1

++ fix_java_8_compatibility.patch ++
--- /var/tmp/diff_new_pack.U9GSOM/_old  2019-09-11 10:16:19.623541037 +0200
+++ /var/tmp/diff_new_pack.U9GSOM/_new  2019-09-11 10:16:19.631541036 +0200
@@ -1,6 +1,8 @@
 
commons-compress-1.18-src/src/main/java/org/apache/commons/compress/archivers/sevenz/BoundedSeekableByteChannelInputStream.java
2018-05-02 22:17:13.0 +0200
-+++ 
commons-compress-1.18-src/src/main/java/org/apache/commons/compress/archivers/sevenz/BoundedSeekableByteChannelInputStream.java
2018-10-26 16:05:32.068171466 +0200
-@@ -19,6 +19,7 @@
+Index: 
commons-compress-1.19-src/src/main/java/org/apache/commons/compress/archivers/sevenz/BoundedSeekableByteChannelInputStream.java
+===
+--- 

commit apache-commons-compress for openSUSE:Factory

2019-03-27 Thread root
Hello community,

here is the log from the commit of package apache-commons-compress for 
openSUSE:Factory checked in at 2019-03-27 16:22:21

Comparing /work/SRC/openSUSE:Factory/apache-commons-compress (Old)
 and  /work/SRC/openSUSE:Factory/.apache-commons-compress.new.25356 (New)


Package is "apache-commons-compress"

Wed Mar 27 16:22:21 2019 rev:2 rq:689042 version:1.18

Changes:

--- 
/work/SRC/openSUSE:Factory/apache-commons-compress/apache-commons-compress.changes
  2019-01-28 20:50:01.373805330 +0100
+++ 
/work/SRC/openSUSE:Factory/.apache-commons-compress.new.25356/apache-commons-compress.changes
   2019-03-27 16:22:24.587517182 +0100
@@ -1,0 +2,6 @@
+Mon Mar 25 17:32:03 UTC 2019 - Fridrich Strba 
+
+- Remove pom parent, since we don't use it when not building with
+  maven
+
+---



Other differences:
--
++ apache-commons-compress.spec ++
--- /var/tmp/diff_new_pack.67S9v3/_old  2019-03-27 16:22:25.563516978 +0100
+++ /var/tmp/diff_new_pack.67S9v3/_new  2019-03-27 16:22:25.563516978 +0100
@@ -1,5 +1,5 @@
 #
-# spec file for package apache-commons-compress
+# spec file for package apache
 #
 # Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
 #
@@ -31,12 +31,10 @@
 Patch1: 0002-Remove-ZSTD-compressor.patch
 Patch2: fix_java_8_compatibility.patch
 BuildRequires:  ant
-BuildRequires:  apache-commons-parent
 BuildRequires:  fdupes
 BuildRequires:  java-devel >= 1.7
 BuildRequires:  javapackages-local
 BuildRequires:  xz-java
-Requires:   mvn(org.apache.commons:commons-parent:pom:)
 Requires:   mvn(org.tukaani:xz)
 Provides:   %{short_name} = %{version}-%{release}
 Obsoletes:  %{short_name} < %{version}-%{release}
@@ -87,6 +85,9 @@
 
 %pom_xpath_remove "pom:profiles/pom:profile[pom:id[text()='java9+']]"
 
+%pom_remove_parent .
+%pom_xpath_inject "pom:project" "org.apache.commons" .
+
 %build
 mkdir -p lib
 build-jar-repository -s lib xz-java