Hello community, here is the log from the commit of package libsoup for openSUSE:Factory checked in at Wed Aug 3 16:18:21 CEST 2011. -------- --- GNOME/libsoup/libsoup.changes 2011-07-06 10:50:57.000000000 +0200 +++ /mounts/work_src_done/STABLE/libsoup/libsoup.changes 2011-07-28 21:28:40.000000000 +0200 @@ -1,0 +2,13 @@ +Thu Jul 28 21:27:11 CEST 2011 - vuntz@opensuse.org + +- Update to version 2.35.4: + + CVE-2011-2054: Fixed a security hole that caused some + SoupServer users to unintentionally allow accessing the entire + local filesystem when they thought they were only providing + access to a single directory. [bgo#653258] + + Plugged another SoupCache memory leak. + + Simplified SoupCache keys, and handle collisions. [bgo#649963] + + Annotate SoupSession:add-feature, etc, as (skip), so they don't + conflict with the methods of the same name. [bgo#655150] + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- libsoup-2.35.3.tar.bz2 New: ---- libsoup-2.35.4.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libsoup.spec ++++++ --- /var/tmp/diff_new_pack.QMwZq9/_old 2011-08-03 16:16:33.000000000 +0200 +++ /var/tmp/diff_new_pack.QMwZq9/_new 2011-08-03 16:16:33.000000000 +0200 @@ -20,7 +20,7 @@ Name: libsoup Summary: HTTP client/server library for GNOME -Version: 2.35.3 +Version: 2.35.4 Release: 1 License: LGPLv2.1+ Group: Development/Libraries/GNOME ++++++ libsoup-2.35.3.tar.bz2 -> libsoup-2.35.4.tar.bz2 ++++++ ++++ 9968 lines of diff (skipped) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org