Mailinglist Archive: opensuse-updates (53 mails)

< Previous Next >
openSUSE-SU-2012:0400-1: osc: Update to 0.134.1
openSUSE Security Update: osc: Update to 0.134.1
______________________________________________________________________________

Announcement ID: openSUSE-SU-2012:0400-1
Rating: low
References: #624980 #679980 #711770 #749335
Cross-References: CVE-2012-1095
Affected Products:
openSUSE 12.1
openSUSE 11.4
______________________________________________________________________________

An update that solves one vulnerability and has three fixes
is now available.

Description:

This update of osc to 0.134.1 provides the following
changes:


* adding unlock command
* maintenance_incident requests get created with source
revision of package
* Enables new maintenance submissions for new OBS 2.3
maintenance model
* Fixes srcmd5 revisions in submit request, when link
target != submission target
* patchinfo call can work without checked out copy now
* use qemu as fallback for building not directly supported
architectures
* "results --watch" option to watch build results until
they finished building
* fixes injection of terminal control chars
(bnc#749335)(CVE-2012-1095)
* support dryrun of branching to preview the expected
result. "osc sm" is doing this now by default.
* maintenance requests accept package lists as source and
target incidents to be merged in
* add "setincident" command to "request" to re-direct a
maintenance request
* ask user to create "maintenance incident" request when
submit request is failing at release project
* "osc my patchinfos" is showing patchinfos where any open
bug is assigned to user
* "osc my" or "osc my work" is including assigned patchinfos
* "osc branch --maintenance" is creating setups for
maintenance
* removed debug code lead to warning message (fix by
Marcus_H)
* add --meta option also to "list", "cat" and "less"
commands
* project checkout is skipping packages linking to project
local packages by default
* add --keep-link option to copypac command
* source validators are not called by default anymore:
* support source services using OBS project or package name
* support updateing _patchinfo file with new issues just by
calling "osc patchinfo" again
* branch --add-repositories can be used to add repos from
source project to target project
* branch --extend-package-names can be used to do mbranch
like branch of a single package
* branch --new-package can be used to do branch from a not
yet existing package (to define later submit target)
* show declined requests which created by user


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.1:

zypper in -t patch openSUSE-2012-170

- openSUSE 11.4:

zypper in -t patch openSUSE-2012-170

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 12.1 (i586 x86_64):

build-initvm-2012.03.06-2.4.1
build-initvm-debuginfo-2012.03.06-2.4.1

- openSUSE 12.1 (x86_64):

build-initvm-debuginfo-32bit-2012.03.06-2.4.1
build-initvm-debuginfo-i586-2012.03.06-2.4.1
build-initvm-i586-2012.03.06-2.4.1

- openSUSE 12.1 (noarch):

build-2012.03.06-2.4.1
build-mkbaselibs-2012.03.06-2.4.1
build-mkbaselibs-sle-2012.03.06-2.4.1
build-mkdrpms-2012.03.06-2.4.1
obs-service-download_files-0.3-5.4.1
obs-service-format_spec_file-0.4.1-13.4.1
obs-service-source_validator-0.2-3.5.1
osc-0.134.1-2.4.1

- openSUSE 12.1 (ia64):

build-initvm-debuginfo-x86-2012.03.06-2.4.1

- openSUSE 11.4 (i586 x86_64):

build-initvm-2012.03.06-10.1
build-initvm-debuginfo-2012.03.06-10.1

- openSUSE 11.4 (x86_64):

build-initvm-debuginfo-32bit-2012.03.06-10.1
build-initvm-debuginfo-i586-2012.03.06-10.1
build-initvm-i586-2012.03.06-10.1

- openSUSE 11.4 (noarch):

build-2012.03.06-10.1
build-mkbaselibs-2012.03.06-10.1
build-mkbaselibs-sle-2012.03.06-10.1
build-mkdrpms-2012.03.06-10.1
obs-service-download_files-0.3-6.1
obs-service-format_spec_file-0.4.1-6.1
obs-service-source_validator-0.2-7.1
osc-0.134.1-6.1

- openSUSE 11.4 (ia64):

build-initvm-debuginfo-x86-2012.03.06-10.1


References:

http://support.novell.com/security/cve/CVE-2012-1095.html
https://bugzilla.novell.com/624980
https://bugzilla.novell.com/679980
https://bugzilla.novell.com/711770
https://bugzilla.novell.com/749335


< Previous Next >
This Thread
  • No further messages