October 2024 - openSUSE Commits - openSUSE Mailing Lists

commit libcamera for openSUSE:Factory
by Source-Sync 31 Oct '24

31 Oct '24

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libcamera for openSUSE:Factory checked in at 2024-10-31 16:09:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libcamera (Old) and /work/SRC/openSUSE:Factory/.libcamera.new.2020 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libcamera" Thu Oct 31 16:09:17 2024 rev:22 rq:1219491 version:0.3.2 Changes: -------- --- /work/SRC/openSUSE:Factory/libcamera/libcamera.changes 2024-08-21 23:25:04.379225540 +0200 +++ /work/SRC/openSUSE:Factory/.libcamera.new.2020/libcamera.changes 2024-10-31 16:09:29.471377442 +0100 @@ -1,0 +2,6 @@ +Sat Oct 19 17:05:03 UTC 2024 - Jan Engelhardt <jengelh(a)inai.de> + +- Update to release 0.3.2 + * Add Sony IMX214 sensor properties + +------------------------------------------------------------------- Old: ---- libcamera-0.3.1.tar.xz New: ---- libcamera-0.3.2.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libcamera.spec ++++++ --- /var/tmp/diff_new_pack.jZI0m8/_old 2024-10-31 16:09:29.943397251 +0100 +++ /var/tmp/diff_new_pack.jZI0m8/_new 2024-10-31 16:09:29.943397251 +0100 @@ -24,10 +24,10 @@ %define extname %nil %endif Name: libcamera%extname -Version: 0.3.1 +Version: 0.3.2 Release: 0 Summary: A complex camera support library in C++ -License: GPL-2.0-or-later AND LGPL-2.1-or-later +License: GPL-2.0-or-later AND LGPL-2.1-or-later AND CC-BY-SA-4.0 Group: Development/Libraries/C and C++ URL: https://libcamera.org/ #Git-Web: https://git.libcamera.org/libcamera/libcamera.git/ ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.jZI0m8/_old 2024-10-31 16:09:29.979398761 +0100 +++ /var/tmp/diff_new_pack.jZI0m8/_new 2024-10-31 16:09:29.983398929 +0100 @@ -1,5 +1,5 @@ -mtime: 1724157692 -commit: 25c26bf3382ab16389f2c2053e5be1af269ea41d1a3815f45f79f8533b9cac3c +mtime: 1729357803 +commit: 0f3c64f78d9dc14e4bd7e7b55a3e8ed803a219f053ab7b6c260836f19cadb250 url: https://src.opensuse.org/jengelh/libcamera revision: master ++++++ _service ++++++ --- /var/tmp/diff_new_pack.jZI0m8/_old 2024-10-31 16:09:29.999399600 +0100 +++ /var/tmp/diff_new_pack.jZI0m8/_new 2024-10-31 16:09:29.999399600 +0100 @@ -2,7 +2,7 @@ <service name="tar_scm" mode="manual"> <param name="scm">git</param> <param name="url">https://git.libcamera.org/libcamera/libcamera.git</param> - <param name="revision">refs/tags/v0.3.1</param> + <param name="revision">refs/tags/v0.3.2</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v([0-9\.]*)</param> </service> ++++++ build.specials.obscpio ++++++ diff: old/*: No such file or directory diff: new/*: No such file or directory ++++++ libcamera-0.3.1.tar.xz -> libcamera-0.3.2.tar.xz ++++++ ++++ 50339 lines of diff (skipped)

1 0

commit ruby-common for openSUSE:Factory
by Source-Sync 31 Oct '24

31 Oct '24

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package ruby-common for openSUSE:Factory checked in at 2024-10-31 16:09:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ruby-common (Old) and /work/SRC/openSUSE:Factory/.ruby-common.new.2020 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "ruby-common" Thu Oct 31 16:09:11 2024 rev:30 rq:1219472 version:3.2.1 Changes: -------- --- /work/SRC/openSUSE:Factory/ruby-common/ruby-common.changes 2024-09-29 18:09:48.891590536 +0200 +++ /work/SRC/openSUSE:Factory/.ruby-common.new.2020/ruby-common.changes 2024-10-31 16:09:22.587088542 +0100 @@ -1,0 +2,9 @@ +Tue Oct 8 00:27:46 UTC 2024 - Marcus Rueckert <mrueckert(a)suse.de> + +- update gem_packages.spec.erb by syncing with gem2rpm + - drop group tag + - only emit manual comments if we actually put out content + - mark docs explicitely with the %doc tag + - stop using deprecated PreReq for update-alternatives + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gem_packages.spec.erb ++++++ --- /var/tmp/diff_new_pack.fqJ21a/_old 2024-10-31 16:09:23.239115904 +0100 +++ /var/tmp/diff_new_pack.fqJ21a/_new 2024-10-31 16:09:23.243116072 +0100 @@ -154,9 +154,9 @@ <%= requires_for_feature('yjit') %> <% end -%> Summary: <%= config[:summary] or spec.summary %> -Group: Development/Languages/Ruby <% unless spec.executables.empty? -%> -PreReq: update-alternatives +Requires(preun): update-alternatives +Requires(post): update-alternatives <% end -%> <% if has_plugins -%> Conflicts: rubygem(<%= rb_pkg_abi %>) @@ -169,7 +169,6 @@ <% if spec.has_rdoc? && !(config[:disable_docs]) -%> %package -n <%= pkg_basename %>-doc<%= config[:version_suffix] %> Summary: RDoc documentation for <%= spec.name %> -Group: Development/Languages/Ruby Requires: <%= pkg_basename %><%= config[:version_suffix] %> = <%= spec.version %> %description -n <%= pkg_basename %>-doc<%= config[:version_suffix] %> @@ -214,7 +213,6 @@ <% unless test_frameworks.empty? -%> %package -n <%= pkg_basename %>-testsuite<%= config[:version_suffix] %> Summary: Test suite for <%= spec.name %> -Group: Development/Languages/Ruby Requires: <%= pkg_basename %><%= config[:version_suffix] %> = <%= spec.version %> %description -n <%= pkg_basename %>-testsuite<%= config[:version_suffix] %> @@ -245,13 +243,13 @@ %files -n <%= pkg_basename %><%= config[:version_suffix] %> %defattr(-,root,root,-) -# MANUAL <% if config[:main] && config[:main][:filelist] -%> +# MANUAL <%= config[:main][:filelist] %> -<% end -%> # /MANUAL +<% end -%> <% unless docdirfiles.empty? -%> -<%= docdir %>/<%= pkg_basename %><%= config[:version_suffix] %> +%doc <%= docdir %>/<%= pkg_basename %><%= config[:version_suffix] %> <% end -%> <% spec.executables.each do |executable| -%> <%= rb_bindir %>/<%= "#{executable}#{rb_suffix}-#{spec.version}" %> @@ -302,7 +300,6 @@ <%= data[:preamble] %> <% else %> Summary: <%= custom_pkg_name %> sub package for <%= spec.name %> -Group: Development/Languages/Ruby <% end %> Requires: <%= pkg_basename %><%= config[:version_suffix] %> = <%= spec.version %> %description -n <%= pkg_basename %>-<%= custom_pkg_name %><%= config[:version_suffix] %>

1 0

commit kf6-kxmlgui for openSUSE:Factory
by Source-Sync 31 Oct '24

31 Oct '24

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kf6-kxmlgui for openSUSE:Factory checked in at 2024-10-31 16:09:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kf6-kxmlgui (Old) and /work/SRC/openSUSE:Factory/.kf6-kxmlgui.new.2020 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "kf6-kxmlgui" Thu Oct 31 16:09:08 2024 rev:9 rq:1219432 version:6.7.0 Changes: -------- --- /work/SRC/openSUSE:Factory/kf6-kxmlgui/kf6-kxmlgui.changes 2024-10-12 13:29:56.142747401 +0200 +++ /work/SRC/openSUSE:Factory/.kf6-kxmlgui.new.2020/kf6-kxmlgui.changes 2024-10-31 16:09:16.782844966 +0100 @@ -1,0 +2,5 @@ +Fri Oct 18 09:18:00 UTC 2024 - Christophe Marin <christophe(a)krop.fr> + +- Fix qt6-core-private-devel minimum version + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ kf6-kxmlgui.spec ++++++ --- /var/tmp/diff_new_pack.JgnzsM/_old 2024-10-31 16:09:17.354868971 +0100 +++ /var/tmp/diff_new_pack.JgnzsM/_new 2024-10-31 16:09:17.358869139 +0100 @@ -39,7 +39,7 @@ BuildRequires: fdupes BuildRequires: kf6-extra-cmake-modules >= %{_kf6_bugfix_version} BuildRequires: pkgconfig -BuildRequires: qt6-core-private-devel >= %{_kf6_bugfix_version} +BuildRequires: qt6-core-private-devel >= %{qt6_version} BuildRequires: cmake(KF6Config) >= %{_kf6_bugfix_version} BuildRequires: cmake(KF6ConfigWidgets) >= %{_kf6_bugfix_version} BuildRequires: cmake(KF6CoreAddons) >= %{_kf6_bugfix_version}

1 0

commit stress-ng for openSUSE:Factory
by Source-Sync 31 Oct '24

31 Oct '24

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package stress-ng for openSUSE:Factory checked in at 2024-10-31 16:09:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/stress-ng (Old) and /work/SRC/openSUSE:Factory/.stress-ng.new.2020 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "stress-ng" Thu Oct 31 16:09:06 2024 rev:125 rq:1219338 version:0.18.05 Changes: -------- --- /work/SRC/openSUSE:Factory/stress-ng/stress-ng.changes 2024-10-22 14:51:39.324733008 +0200 +++ /work/SRC/openSUSE:Factory/.stress-ng.new.2020/stress-ng.changes 2024-10-31 16:09:12.898682095 +0100 @@ -1,0 +2,185 @@ +Sat Oct 26 14:02:44 UTC 2024 - Fredrik Lönnegren <fredrik.lonnegren(a)suse.com> + +- update to 0.18.05: + * stress-fcntl: fix multiple workers on Haiku + * stress-touch: Fix file name handling in stress_touch_dir_clean(). + * stress-vm: use correct method names for error messages + * stress-fp: support bf16 + * stress-tree: only pack tree struct for 64 bit x86-64 + * stress-iomix: don't report an error in EINTR on lseek + * stress-file-ioctl: only report there are no ioctls tested on instance 0 + * stress-ng.h: define NAME_MAX for systems that don't define this + * stress-pseek: only define stress_peekio_pthread if using pthreads + * stress-bad-ioctl: fix lock segfault on removal + * stress-cpu: add comment about pcc warning in union exerciser + * core-*: add gcc function attribute returns_nonnull for extra sanity checking + * stress-vecfp: minor space adjustments in array declaration + * stress-jpeg: break some long lines + * Manual: add notes about support for stress-ng + * stress-fd-race: add even/odd fd stride close to random closing + * kernel-coverage: fix btrfs option -csum, should be --csum + * stress-close: clean up some block comments + * Manual: Fix typo "spinemm" ->" "spinmem" + * Manual: minor change, "note - " to "note: " + * stress-dev: rename stat bufs to avoid name shadowing + * core-*: add gcc function attribute nonnull for extra sanity checking + * stress-sighup: add send/recv handshake over pipe and sync on child death + * stress-sighup: add missing bogo-op counter + * stress-pseek: cast offsets to intmax_t to print with %j format specifier + * stress-icmp-flood: voidify return from stress_get_setting + * stress-sighup: add SIGHUP stressor + * stress-sigtrap: Fix short help, it has the wrong description + * stress-sigabrt: Fix short help, it has the wrong description + * stress-sigabrt: fix typo, SIGABORT -> SIGABRT + * core-asm-riscv.h: fix typo in comment + * stress-icmp-flood: add new --icmp-flood-max-size option + * stress-schedmix: remove trailing whitespaces + * stress-schedmix: add some randomness to deadline times + * stress-schedmix: add select and pselect timed delays to sched mix + * stress-jpeg: replace division with recipriocal multiply in plasma + * stress-icmp-flood: don't keep on setting packet up on each loop + * kernel-coverage: add /usr/sbin to $PATH + * stress-fp: fix incorrect placement of #if defined for ibm128 division + * stress-fp: add IBM powerpc ibm128 floating point add/mul/div operations + * stress-far-branch: add --far-branch-flush option to try to flush + instruction cache + * core-helper: add root like detection for Cygwin + * stress-dev: exercise more sound control ioctls + * core-config-check: enable oom-avoid for containerized environment + * stress-daemon: rename err exit labels for improved readability + * core-klog: log audit kernel log messages + * stress-dev: use strscpy for safe copying of strings + * stress-pseek: pwrite/pread concurrent seek position stressor + * Manual: fix --hdd rd-seq option description + * Manual: fix --hdd rd-rnd option description + * stress-hdd: ensure hdd_bytes_max is set to the max number of bytes written + * kernel-coverage: add --change-cpu per stressor and use --ksm for vm + stressor case + * stress-iomix: exercise cachestat(2) with invalid flags and invalid fd + * stress-cgroup: add more cgroup controls to read/write + * stress-dev: exercise ioctl command TIOCCONS + * stress-dev: add /dev/sg* devices to be exercised by stress_dev_scsi_blk + * stress-dev: fix DM_LIST_VERSIONS ioctl and add some invalid ioctl calls + * stress-dev: fix dm ioctl stressor, use /dev/mapper/control + * stress-ng: remove check to stress_cwd_readwriteable + * core-config-check: add hint to use --oom-avoid on low memory systems + * kernel-coverage: add more per file system mount options for increased + kernel coverage + * stress-dev: exercise /sys/dev/* files on Linux systems + * core-helper: add naive Haiku libc information detection + * stress-binderfs: exercise binderfs dev entry removal + * stress-mergesort: remove ALWAYS_INLINE from a comment + * stress-sigq: exercise invalid rt_sigqueueinfo call + * stress-xattr: exercise xattr on TMPFILE + * stress-tlb-shootdown: break func args into multiple lines + * stress-timerfd: minor alignment of data in source + * stress-sparsematrix: minor optimization hints + * stress-sock: make stress_send_error a PURE function + * stress-full: only declare and use variable w for linux builds + * stress-full: enable of Solaris, FreeBSD and NetBSD + * stress-full: report errno for seek failures + * stress-af-alg: fix two heap memory leaks + * stress-af-alg: fix inverted assocdata allocation failure check + * core-sort: add copy/swap helper functions for specific and generic sizes + * stress-fcntl: exercise Linux 6.12 F_CREATED_QUERY fcntl command + * stress-acl: stress_acl_cmp: constify acl1 and acl2 arguments + * core-helper: stress_get_libc_version: make educated guess that musl-libc is + being used + * stress-file-ioctl: voidify function arg fd if it's not used + * core-helper: stress_get_fs_info: voidify filename if it's not used + * stress-numa: fix typo in comment + * kernel-coverage: add --interrupts option to each test run + * kernel-coverage: add --acl-rand option to acl stressor + * kernel-coverage: add --mmap-slow-munmap to mmap stressor + * kernel-coverage: add --memfd-zap-pte option to memfd stressor + * kernel-coverage: add --get-slow-sync get stressor option + * kernel-coverage: add --swap-self swap option + * kernel-coverage: add --sockfd -1 --sockfd-reuse test case + * kernel-coverage: add --yield -1 --yield-sched scheduler tests + * kernel-coverage: add --c-state to cpu stress test case + * kernel-coverage: add --cpu -1 --raplstat 1 --rapl test case + * kernel-coverage: add --sem-shared option for sem stressor + * kernel-coverage: add --sem-sysv-setall sem-sysv test case + * stress-af-alg: put fixed sized buffers on the stack rather than heap + * core-helper: make blocks the correct unsigned type + * stress-file-ioctl: add some per-file system specific ioctls + * kernel-coverage: add -v verbose option when running stressors + * kernel-coverage: run procfs stressors for longer + * stress-poll: exercise invalid fd being passed into poll() + * stress-sem-sysv: add option --sem-sysv-setall + * stress-dev: exercise linux /dev/bsd/* scsi block devices + * core-setting: print bool type values as true or false + * core-setting: remove need for dup'ing name string + * stress-dev: replace __u32 with uint32_t to fix musl libc builds + * core-*: print per-stressor settings when -v is enabled + * stress-dev: check for autofs #defines for stress_dev_autofs_linux + +------------------------------------------------------------------- +Sat Oct 26 13:10:05 UTC 2024 - Fredrik Lönnegren <fredrik.lonnegren(a)suse.com> + +- update to 0.18.04: + * stress-dev: clean up build warning on non-x86 builds + * stress-numa: rename ptr with str to fix name shadowing warning + * stress-vm: remove debugging setting if in statement + * core-ftrace: remove PURE attribute on void return functions + * stress-*: fix vm memory % size parameter handling + * stress-vm: provide more information when mmap fails + * stress-numa: make all of buf map to the current numa node + * stress-numa: parse /proc/self/numa_maps to see if buf is on the expected + node + * core-shim: remove a space + * core-*: add PURE attribute to pure functions + * core-killpid: constify variable saved_errno + * core-cpu: re-order CPUID strings, add some missing examples + * stress-umount: remove extraneous empty line + * stress-udp: add missing empty line + * stress-tmpfs: make variable i const + * stress-sparsematrix: move pointer next to inner scope + * stress-sockpair: convert nested if statement into switch statement + * stress-sigurg: inline helper function stress_send_error + * stress-sigsegv: remove empty line + * stress-sigrt: remove empty line + * stress-set: put rlimit resource ids into a const rlimit_resources array + * stress-session: make function argument err const + * stress-rotate: make variables lo and hi const + * stress-rmap: clean up switch statement, make i a register + * stress-resched: make variables percent and scale const + * stress-pci: reduce scope of pointer next + * stress-opcode: make variable tmp const + * stress-nice: make variable which const + * stress-mutex: make variable max const + * stress-mmap: make variable offset const + * stress-mlock: make variable mlocked const + * stress-*: add power10 builtin check support + * stress-mknod: constify variable j + * stress-memcpy: use the o1 and o2 variants in the "all" method + * stress-membarrier: remove empty line + * stress-led: reduce scope of pointer 'next' + * stress-klog: make buflen const + * stress-insertionsort: constify variable tmp + * stress-hdd: constify variable v + * stress-hash: explicitly use float values in chi computation + * stress-dev: add naive simple /dev/autofs exerciser + * stress-chattr: add mmap'd page modification to file, add metrics + * stress-dev: exercise /dev/cpu/0/msr ioctl reading of TSC + * stress-dev: add /dev/cpu/0/cpuid device stressor + * core-*: don't include <sys/sysctl.h> on Linux targets + * stress-cpu: constify some variables and add register to some variables + * stress-clock: constify variable clkid + * stress-chattr: constify variable bitmask + * stress-cgroup: constify variable offset + * stress-cacheline: constify variable 'now' + * stress-mlockmany: remove stray const in start of source + * stress-bitops: constify some variables + * stress-apparmor: constify variables, fix p wrap overflow using the ternary + operator + * Manual: add in recursive hints to CPU stressor manual + * stress-*: constify stressor_info_t structs + * stress-aiol: constify offset + * stress-af-alg: remove JMP debug message + * stress-acl: constify variables, clean up some code alignment + * stress-: voidify returns from sig() calls + * stress-sem: add --sem-shared option to share 1 semaphore with all sem + instances + +------------------------------------------------------------------- Old: ---- stress-ng-0.18.03.tar.gz New: ---- stress-ng-0.18.05.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ stress-ng.spec ++++++ --- /var/tmp/diff_new_pack.cgXSNJ/_old 2024-10-31 16:09:13.526708322 +0100 +++ /var/tmp/diff_new_pack.cgXSNJ/_new 2024-10-31 16:09:13.530708490 +0100 @@ -20,7 +20,7 @@ %bcond_without apparmor Name: stress-ng -Version: 0.18.03 +Version: 0.18.05 Release: 0 Summary: Tool to load and stress a computer License: GPL-2.0-only ++++++ stress-ng-0.18.03.tar.gz -> stress-ng-0.18.05.tar.gz ++++++ /work/SRC/openSUSE:Factory/stress-ng/stress-ng-0.18.03.tar.gz /work/SRC/openSUSE:Factory/.stress-ng.new.2020/stress-ng-0.18.05.tar.gz differ: char 29, line 1

1 0

commit gnome-control-center for openSUSE:Factory
by Source-Sync 31 Oct '24

31 Oct '24

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gnome-control-center for openSUSE:Factory checked in at 2024-10-31 16:08:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gnome-control-center (Old) and /work/SRC/openSUSE:Factory/.gnome-control-center.new.2020 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "gnome-control-center" Thu Oct 31 16:08:59 2024 rev:255 rq:1219334 version:47.1.1+9 Changes: -------- --- /work/SRC/openSUSE:Factory/gnome-control-center/gnome-control-center.changes 2024-10-23 21:10:19.502807409 +0200 +++ /work/SRC/openSUSE:Factory/.gnome-control-center.new.2020/gnome-control-center.changes 2024-10-31 16:09:11.378618667 +0100 @@ -1,0 +2,10 @@ +Tue Oct 29 18:27:27 UTC 2024 - bjorn.lie(a)gmail.com + +- Update to version 47.1.1+9: + * wwan: Fix status pages + * default-apps-row: + - Fix auto_ptr usage causing leaks + - Fix auto_ptr use-after-free + * Updated translations. + +------------------------------------------------------------------- Old: ---- gnome-control-center-47.1.1.obscpio New: ---- _servicedata gnome-control-center-47.1.1+9.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnome-control-center.spec ++++++ --- /var/tmp/diff_new_pack.Yp4v1f/_old 2024-10-31 16:09:12.130650047 +0100 +++ /var/tmp/diff_new_pack.Yp4v1f/_new 2024-10-31 16:09:12.130650047 +0100 @@ -26,7 +26,7 @@ %endif Name: gnome-control-center -Version: 47.1.1 +Version: 47.1.1+9 Release: 0 Summary: The GNOME Control Center License: GPL-2.0-or-later ++++++ _service ++++++ --- /var/tmp/diff_new_pack.Yp4v1f/_old 2024-10-31 16:09:12.158651215 +0100 +++ /var/tmp/diff_new_pack.Yp4v1f/_new 2024-10-31 16:09:12.162651383 +0100 @@ -3,11 +3,11 @@ <service name="obs_scm" mode="manual"> <param name="scm">git</param> <param name="url">https://gitlab.gnome.org/GNOME/gnome-control-center.git</param> - <param name="revision">47.1.1</param> + <param name="revision">3e08dc59813a009193b1d2bc80e8aa044dc22590</param> <param name="versionformat">@PARENT_TAG@+@TAG_OFFSET@</param> <param name="versionrewrite-pattern">(.*)\+0</param> <param name="versionrewrite-replacement">\1</param> - <param name="changesgenerate">disable</param> + <param name="changesgenerate">enable</param> </service> <service name="tar" mode="buildtime"/> <service name="recompress" mode="buildtime"> ++++++ _servicedata ++++++ <servicedata> <service name="tar_scm"> <param name="url">https://gitlab.gnome.org/GNOME/gnome-control-center.git</param> <param name="changesrevision">3e08dc59813a009193b1d2bc80e8aa044dc22590</param></service></servicedata> (No newline at EOF) ++++++ gnome-control-center.obsinfo ++++++ --- /var/tmp/diff_new_pack.Yp4v1f/_old 2024-10-31 16:09:12.230654220 +0100 +++ /var/tmp/diff_new_pack.Yp4v1f/_new 2024-10-31 16:09:12.234654387 +0100 @@ -1,5 +1,5 @@ name: gnome-control-center -version: 47.1.1 -mtime: 1729605818 -commit: 7985fc671ad43f5925b9012e6c51231ad73a628d +version: 47.1.1+9 +mtime: 1730197318 +commit: 3e08dc59813a009193b1d2bc80e8aa044dc22590

1 0

commit python-waitress for openSUSE:Factory
by Source-Sync 31 Oct '24

31 Oct '24

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-waitress for openSUSE:Factory checked in at 2024-10-31 16:08:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-waitress (Old) and /work/SRC/openSUSE:Factory/.python-waitress.new.2020 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python-waitress" Thu Oct 31 16:08:55 2024 rev:33 rq:1219322 version:3.0.1 Changes: -------- --- /work/SRC/openSUSE:Factory/python-waitress/python-waitress.changes 2024-07-03 20:29:28.463251390 +0200 +++ /work/SRC/openSUSE:Factory/.python-waitress.new.2020/python-waitress.changes 2024-10-31 16:09:02.266238438 +0100 @@ -1,0 +2,18 @@ +Wed Oct 30 06:49:46 UTC 2024 - Daniel Garcia <daniel.garcia(a)suse.com> + +- Update to 3.0.1 (bsc#1232554, bsc#1232556, CVE-2024-49769, CVE-2024-49768): + * Fix a bug that would lead to Waitress busy looping on select() + on a half-open socket due to a race condition that existed when + creating a new HTTPChannel. See + https://github.com/Pylons/waitress/pull/435, + https://github.com/Pylons/waitress/issues/418 and + https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6 + * No longer strip the header values before passing them to the + WSGI environ. See https://github.com/Pylons/waitress/pull/434 + and https://github.com/Pylons/waitress/issues/432 + * Fix a race condition in Waitress when + `channel_request_lookahead` is enabled that could lead to HTTP + request smuggling. + * See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj + +------------------------------------------------------------------- Old: ---- waitress-3.0.0.tar.gz New: ---- waitress-3.0.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-waitress.spec ++++++ --- /var/tmp/diff_new_pack.TI4UFQ/_old 2024-10-31 16:09:03.818303200 +0100 +++ /var/tmp/diff_new_pack.TI4UFQ/_new 2024-10-31 16:09:03.830303701 +0100 @@ -31,7 +31,7 @@ %endif %{?sle15_python_module_pythons} Name: python-waitress%{psuffix} -Version: 3.0.0 +Version: 3.0.1 Release: 0 Summary: Waitress WSGI server License: ZPL-2.1 ++++++ waitress-3.0.0.tar.gz -> waitress-3.0.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/.github/workflows/ci-tests.yml new/waitress-3.0.1/.github/workflows/ci-tests.yml --- old/waitress-3.0.0/.github/workflows/ci-tests.yml 2024-02-04 23:39:05.000000000 +0100 +++ new/waitress-3.0.1/.github/workflows/ci-tests.yml 2024-10-27 02:15:47.000000000 +0100 @@ -7,6 +7,7 @@ - main - "[0-9].[0-9]+-branch" tags: + - "*" # Build pull requests pull_request: @@ -15,44 +16,62 @@ strategy: matrix: py: - - "3.8" - "3.9" - "3.10" - "3.11" - "3.12" - - "pypy-3.8" + - "3.13" - "pypy-3.9" - "pypy-3.10" # Pre-release os: - - "ubuntu-latest" + - "ubuntu-22.04" - "windows-latest" - - "macos-latest" + - "macos-14" # arm64 + - "macos-13" # x64 architecture: - x64 - x86 + - arm64 include: - - py: "pypy-3.8" - toxenv: "pypy38" - - py: "pypy-3.9" - toxenv: "pypy39" - - py: "pypy-3.10" - toxenv: "pypy310" + - py: "pypy-3.9" + toxenv: "pypy39" + - py: "pypy-3.10" + toxenv: "pypy310" exclude: - # Linux and macOS don't have x86 python - - os: "ubuntu-latest" + # Ubuntu does not have x86/arm64 Python + - os: "ubuntu-22.04" architecture: x86 - - os: "macos-latest" + - os: "ubuntu-22.04" + architecture: arm64 + # MacOS we need to make sure to remove x86 on all + # We need to run no arm64 on macos-13 (Intel), but some + # Python versions: 3.9/3.10 + # + # From 3.11 onward, there is support for running x64 and + # arm64 on Apple Silicon based systems (macos-14) + - os: "macos-13" architecture: x86 + - os: "macos-13" + architecture: arm64 + - os: "macos-14" + architecture: x86 + - os: "macos-14" + architecture: x64 + py: "3.9" + - os: "macos-14" + architecture: x64 + py: "3.10" + # Windows does not have arm64 releases + - os: "windows-latest" + architecture: arm64 # Don't run all PyPy versions except latest on # Windows/macOS. They are expensive to run. - os: "windows-latest" - py: "pypy-3.8" - - os: "macos-latest" - py: "pypy-3.8" - - os: "windows-latest" py: "pypy-3.9" - - os: "macos-latest" + - os: "macos-13" + py: "pypy-3.9" + - os: "macos-14" py: "pypy-3.9" name: "Python: ${{ matrix.py }}-${{ matrix.architecture }} on ${{ matrix.os }}" @@ -75,39 +94,39 @@ run: tox -e py coverage: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 name: Validate coverage steps: - uses: actions/checkout@v4 - - name: Setup python 3.10 + - name: Setup python uses: actions/setup-python@v5 with: - python-version: "3.10" + python-version: "3.13" architecture: x64 - run: pip install tox - - run: tox -e py310,coverage + - run: tox -e py313,coverage docs: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 name: Build the documentation steps: - uses: actions/checkout@v4 - name: Setup python uses: actions/setup-python@v5 with: - python-version: "3.10" + python-version: "3.13" architecture: x64 - run: pip install tox - run: tox -e docs lint: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 name: Lint the package steps: - uses: actions/checkout@v4 - name: Setup python uses: actions/setup-python@v5 with: - python-version: "3.10" + python-version: "3.13" architecture: x64 - run: pip install tox - run: tox -e lint diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/.readthedocs.yaml new/waitress-3.0.1/.readthedocs.yaml --- old/waitress-3.0.0/.readthedocs.yaml 1970-01-01 01:00:00.000000000 +0100 +++ new/waitress-3.0.1/.readthedocs.yaml 2024-06-08 23:51:37.000000000 +0200 @@ -0,0 +1,17 @@ +# https://docs.readthedocs.io/en/stable/config-file/v2.html +version: 2 +build: + os: ubuntu-22.04 + tools: + python: '3.12' +sphinx: + configuration: docs/conf.py +formats: + - pdf + - epub +python: + install: + - method: pip + path: . + extra_requirements: + - docs diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/CHANGES.txt new/waitress-3.0.1/CHANGES.txt --- old/waitress-3.0.0/CHANGES.txt 2024-02-05 00:30:04.000000000 +0100 +++ new/waitress-3.0.1/CHANGES.txt 2024-10-29 01:09:00.000000000 +0100 @@ -1,3 +1,27 @@ +3.0.1 (2024-11-28) +------------------ + +Security +~~~~~~~~ + +- Fix a bug that would lead to Waitress busy looping on select() on a half-open + socket due to a race condition that existed when creating a new HTTPChannel. + See https://github.com/Pylons/waitress/pull/435, + https://github.com/Pylons/waitress/issues/418 and + https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6 + + With thanks to Dylan Jay and Dieter Maurer for their extensive debugging and + helping track this down. + +- No longer strip the header values before passing them to the WSGI environ. + See https://github.com/Pylons/waitress/pull/434 and + https://github.com/Pylons/waitress/issues/432 + +- Fix a race condition in Waitress when `channel_request_lookahead` is enabled + that could lead to HTTP request smuggling. + + See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj + 3.0.0 (2024-02-04) ------------------ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/MANIFEST.in new/waitress-3.0.1/MANIFEST.in --- old/waitress-3.0.0/MANIFEST.in 2022-01-14 03:57:32.000000000 +0100 +++ new/waitress-3.0.1/MANIFEST.in 2024-06-09 00:10:10.000000000 +0200 @@ -14,7 +14,7 @@ include pyproject.toml setup.cfg include .coveragerc .flake8 -include tox.ini rtd.txt +include tox.ini .readthedocs.yaml exclude TODO.txt prune docs/_build diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/PKG-INFO new/waitress-3.0.1/PKG-INFO --- old/waitress-3.0.0/PKG-INFO 2024-02-05 00:32:02.214200300 +0100 +++ new/waitress-3.0.1/PKG-INFO 2024-10-29 01:11:17.053294000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: waitress -Version: 3.0.0 +Version: 3.0.1 Summary: Waitress WSGI server Home-page: https://github.com/Pylons/waitress Author: Zope Foundation and Contributors @@ -18,17 +18,17 @@ Classifier: License :: OSI Approved :: Zope Public License Classifier: Programming Language :: Python Classifier: Programming Language :: Python :: 3 -Classifier: Programming Language :: Python :: 3.8 Classifier: Programming Language :: Python :: 3.9 Classifier: Programming Language :: Python :: 3.10 Classifier: Programming Language :: Python :: 3.11 Classifier: Programming Language :: Python :: 3.12 +Classifier: Programming Language :: Python :: 3.13 Classifier: Programming Language :: Python :: Implementation :: CPython Classifier: Programming Language :: Python :: Implementation :: PyPy Classifier: Operating System :: OS Independent Classifier: Topic :: Internet :: WWW/HTTP Classifier: Topic :: Internet :: WWW/HTTP :: WSGI -Requires-Python: >=3.8.0 +Requires-Python: >=3.9.0 Description-Content-Type: text/x-rst License-File: LICENSE.txt Provides-Extra: testing @@ -50,19 +50,43 @@ .. image:: https://github.com/Pylons/waitress/actions/workflows/ci-tests.yml/badge.svg :target: https://github.com/Pylons/waitress/actions/workflows/ci-tests.yml -.. image:: https://readthedocs.org/projects/waitress/badge/?version=main - :target: https://docs.pylonsproject.org/projects/waitress/en/main +.. image:: https://readthedocs.org/projects/waitress/badge/?version=stable + :target: https://docs.pylonsproject.org/projects/waitress/en/stable/ :alt: main Documentation Status Waitress is a production-quality pure-Python WSGI server with very acceptable performance. It has no dependencies except ones which live in the Python -standard library. It runs on CPython on Unix and Windows under Python 3.8+. It -is also known to run on PyPy 3 (version 3.8 compatible python and above) on +standard library. It runs on CPython on Unix and Windows under Python 3.9+. It +is also known to run on PyPy 3 (version 3.9 compatible python and above) on UNIX. It supports HTTP/1.0 and HTTP/1.1. For more information, see the "docs" directory of the Waitress package or visit https://docs.pylonsproject.org/projects/waitress/en/latest/ +3.0.1 (2024-11-28) +------------------ + +Security +~~~~~~~~ + +- Fix a bug that would lead to Waitress busy looping on select() on a half-open + socket due to a race condition that existed when creating a new HTTPChannel. + See https://github.com/Pylons/waitress/pull/435, + https://github.com/Pylons/waitress/issues/418 and + https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6 + + With thanks to Dylan Jay and Dieter Maurer for their extensive debugging and + helping track this down. + +- No longer strip the header values before passing them to the WSGI environ. + See https://github.com/Pylons/waitress/pull/434 and + https://github.com/Pylons/waitress/issues/432 + +- Fix a race condition in Waitress when `channel_request_lookahead` is enabled + that could lead to HTTP request smuggling. + + See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj + 3.0.0 (2024-02-04) ------------------ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/README.rst new/waitress-3.0.1/README.rst --- old/waitress-3.0.0/README.rst 2024-02-04 23:39:05.000000000 +0100 +++ new/waitress-3.0.1/README.rst 2024-10-27 02:15:47.000000000 +0100 @@ -8,14 +8,14 @@ .. image:: https://github.com/Pylons/waitress/actions/workflows/ci-tests.yml/badge.svg :target: https://github.com/Pylons/waitress/actions/workflows/ci-tests.yml -.. image:: https://readthedocs.org/projects/waitress/badge/?version=main - :target: https://docs.pylonsproject.org/projects/waitress/en/main +.. image:: https://readthedocs.org/projects/waitress/badge/?version=stable + :target: https://docs.pylonsproject.org/projects/waitress/en/stable/ :alt: main Documentation Status Waitress is a production-quality pure-Python WSGI server with very acceptable performance. It has no dependencies except ones which live in the Python -standard library. It runs on CPython on Unix and Windows under Python 3.8+. It -is also known to run on PyPy 3 (version 3.8 compatible python and above) on +standard library. It runs on CPython on Unix and Windows under Python 3.9+. It +is also known to run on PyPy 3 (version 3.9 compatible python and above) on UNIX. It supports HTTP/1.0 and HTTP/1.1. For more information, see the "docs" directory of the Waitress package or visit diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/docs/arguments.rst new/waitress-3.0.1/docs/arguments.rst --- old/waitress-3.0.0/docs/arguments.rst 2024-02-05 00:09:10.000000000 +0100 +++ new/waitress-3.0.1/docs/arguments.rst 2024-10-29 01:06:11.000000000 +0100 @@ -314,3 +314,17 @@ be stripped of the prefix. Default: ``''`` + +channel_request_lookahead + Sets the amount of requests we can continue to read from the socket, while + we are processing current requests. The default value won't allow any + lookahead, increase it above ``0`` to enable. + + When enabled this inserts a callable ``waitress.client_disconnected`` into + the environment that allows the task to check if the client disconnected + while waiting for the response at strategic points in the execution and to + cancel the operation. + + Default: ``0`` + + .. versionadded:: 2.0.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/rtd.txt new/waitress-3.0.1/rtd.txt --- old/waitress-3.0.0/rtd.txt 2017-09-15 22:45:36.000000000 +0200 +++ new/waitress-3.0.1/rtd.txt 1970-01-01 01:00:00.000000000 +0100 @@ -1,3 +0,0 @@ -Sphinx >= 1.3.1 -repoze.sphinx.autointerface -pylons-sphinx-themes diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/setup.cfg new/waitress-3.0.1/setup.cfg --- old/waitress-3.0.0/setup.cfg 2024-02-05 00:32:02.214689500 +0100 +++ new/waitress-3.0.1/setup.cfg 2024-10-29 01:11:17.053846600 +0100 @@ -1,6 +1,6 @@ [metadata] name = waitress -version = 3.0.0 +version = 3.0.1 description = Waitress WSGI server long_description = file: README.rst, CHANGES.txt long_description_content_type = text/x-rst @@ -13,11 +13,11 @@ License :: OSI Approved :: Zope Public License Programming Language :: Python Programming Language :: Python :: 3 - Programming Language :: Python :: 3.8 Programming Language :: Python :: 3.9 Programming Language :: Python :: 3.10 Programming Language :: Python :: 3.11 Programming Language :: Python :: 3.12 + Programming Language :: Python :: 3.13 Programming Language :: Python :: Implementation :: CPython Programming Language :: Python :: Implementation :: PyPy Operating System :: OS Independent @@ -37,7 +37,7 @@ package_dir = =src packages = find: -python_requires = >=3.8.0 +python_requires = >=3.9.0 [options.entry_points] paste.server_runner = diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/src/waitress/channel.py new/waitress-3.0.1/src/waitress/channel.py --- old/waitress-3.0.0/src/waitress/channel.py 2022-12-24 22:07:01.000000000 +0100 +++ new/waitress-3.0.1/src/waitress/channel.py 2024-10-29 01:06:11.000000000 +0100 @@ -67,8 +67,7 @@ self.outbuf_lock = threading.Condition() wasyncore.dispatcher.__init__(self, sock, map=map) - - # Don't let wasyncore.dispatcher throttle self.addr on us. + self.connected = True self.addr = addr self.requests = [] @@ -92,13 +91,7 @@ # Precondition: there's data in the out buffer to be sent, or # there's a pending will_close request - if not self.connected: - # we dont want to close the channel twice - - return - # try to flush any pending output - if not self.requests: # 1. There are no running tasks, so we don't need to try to lock # the outbuf before sending @@ -147,7 +140,7 @@ # 1. We're not already about to close the connection. # 2. We're not waiting to flush remaining data before closing the # connection - # 3. There are not too many tasks already queued + # 3. There are not too many tasks already queued (if lookahead is enabled) # 4. There's no data in the output buffer that needs to be sent # before we potentially create a new task. @@ -203,6 +196,15 @@ return False with self.requests_lock: + # Don't bother processing anymore data if this connection is about + # to close. This may happen if readable() returned True, on the + # main thread before the service thread set the close_when_flushed + # flag, and we read data but our service thread is attempting to + # shut down the connection due to an error. We want to make sure we + # do this while holding the request_lock so that we can't race + if self.will_close or self.close_when_flushed: + return False + while data: if self.request is None: self.request = self.parser_class(self.adj) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/src/waitress/task.py new/waitress-3.0.1/src/waitress/task.py --- old/waitress-3.0.0/src/waitress/task.py 2024-02-04 23:52:18.000000000 +0100 +++ new/waitress-3.0.1/src/waitress/task.py 2024-03-03 22:56:33.000000000 +0100 @@ -557,7 +557,6 @@ } for key, value in dict(request.headers).items(): - value = value.strip() mykey = rename_headers.get(key, None) if mykey is None: mykey = "HTTP_" + key diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/src/waitress/wasyncore.py new/waitress-3.0.1/src/waitress/wasyncore.py --- old/waitress-3.0.0/src/waitress/wasyncore.py 2024-02-04 23:52:18.000000000 +0100 +++ new/waitress-3.0.1/src/waitress/wasyncore.py 2024-10-27 02:34:09.000000000 +0100 @@ -297,22 +297,6 @@ # get a socket from a blocking source. sock.setblocking(0) self.set_socket(sock, map) - self.connected = True - # The constructor no longer requires that the socket - # passed be connected. - try: - self.addr = sock.getpeername() - except OSError as err: - if err.args[0] in (ENOTCONN, EINVAL): - # To handle the case where we got an unconnected - # socket. - self.connected = False - else: - # The socket is broken in some unknown way, alert - # the user and remove it from the map (to prevent - # polling of broken sockets). - self.del_channel(map) - raise else: self.socket = None @@ -394,23 +378,6 @@ self.addr = addr return self.socket.bind(addr) - def connect(self, address): - self.connected = False - self.connecting = True - err = self.socket.connect_ex(address) - if ( - err in (EINPROGRESS, EALREADY, EWOULDBLOCK) - or err == EINVAL - and os.name == "nt" - ): # pragma: no cover - self.addr = address - return - if err in (0, EISCONN): - self.addr = address - self.handle_connect_event() - else: - raise OSError(err, errorcode[err]) - def accept(self): # XXX can return either an address pair or None try: @@ -469,6 +436,8 @@ if why.args[0] not in (ENOTCONN, EBADF): raise + self.socket = None + # log and log_info may be overridden to provide more sophisticated # logging and warning methods. In general, log is for 'hit' logging # and 'log_info' is for informational, warning and error logging. @@ -519,7 +488,11 @@ # handle_expt_event() is called if there might be an error on the # socket, or if there is OOB data # check for the error condition first - err = self.socket.getsockopt(socket.SOL_SOCKET, socket.SO_ERROR) + err = ( + self.socket.getsockopt(socket.SOL_SOCKET, socket.SO_ERROR) + if self.socket is not None + else 1 + ) if err != 0: # we can get here when select.select() says that there is an # exceptional condition on the socket @@ -572,34 +545,6 @@ self.close() -# --------------------------------------------------------------------------- -# adds simple buffered output capability, useful for simple clients. -# [for more sophisticated usage use asynchat.async_chat] -# --------------------------------------------------------------------------- - - -class dispatcher_with_send(dispatcher): - def __init__(self, sock=None, map=None): - dispatcher.__init__(self, sock, map) - self.out_buffer = b"" - - def initiate_send(self): - num_sent = 0 - num_sent = dispatcher.send(self, self.out_buffer[:65536]) - self.out_buffer = self.out_buffer[num_sent:] - - handle_write = initiate_send - - def writable(self): - return (not self.connected) or len(self.out_buffer) - - def send(self, data): - if self.debug: # pragma: no cover - self.log_info("sending %s" % repr(data)) - self.out_buffer = self.out_buffer + data - self.initiate_send() - - def close_all(map=None, ignore_all=False): if map is None: # pragma: no cover map = socket_map diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/src/waitress.egg-info/PKG-INFO new/waitress-3.0.1/src/waitress.egg-info/PKG-INFO --- old/waitress-3.0.0/src/waitress.egg-info/PKG-INFO 2024-02-05 00:32:02.000000000 +0100 +++ new/waitress-3.0.1/src/waitress.egg-info/PKG-INFO 2024-10-29 01:11:17.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: waitress -Version: 3.0.0 +Version: 3.0.1 Summary: Waitress WSGI server Home-page: https://github.com/Pylons/waitress Author: Zope Foundation and Contributors @@ -18,17 +18,17 @@ Classifier: License :: OSI Approved :: Zope Public License Classifier: Programming Language :: Python Classifier: Programming Language :: Python :: 3 -Classifier: Programming Language :: Python :: 3.8 Classifier: Programming Language :: Python :: 3.9 Classifier: Programming Language :: Python :: 3.10 Classifier: Programming Language :: Python :: 3.11 Classifier: Programming Language :: Python :: 3.12 +Classifier: Programming Language :: Python :: 3.13 Classifier: Programming Language :: Python :: Implementation :: CPython Classifier: Programming Language :: Python :: Implementation :: PyPy Classifier: Operating System :: OS Independent Classifier: Topic :: Internet :: WWW/HTTP Classifier: Topic :: Internet :: WWW/HTTP :: WSGI -Requires-Python: >=3.8.0 +Requires-Python: >=3.9.0 Description-Content-Type: text/x-rst License-File: LICENSE.txt Provides-Extra: testing @@ -50,19 +50,43 @@ .. image:: https://github.com/Pylons/waitress/actions/workflows/ci-tests.yml/badge.svg :target: https://github.com/Pylons/waitress/actions/workflows/ci-tests.yml -.. image:: https://readthedocs.org/projects/waitress/badge/?version=main - :target: https://docs.pylonsproject.org/projects/waitress/en/main +.. image:: https://readthedocs.org/projects/waitress/badge/?version=stable + :target: https://docs.pylonsproject.org/projects/waitress/en/stable/ :alt: main Documentation Status Waitress is a production-quality pure-Python WSGI server with very acceptable performance. It has no dependencies except ones which live in the Python -standard library. It runs on CPython on Unix and Windows under Python 3.8+. It -is also known to run on PyPy 3 (version 3.8 compatible python and above) on +standard library. It runs on CPython on Unix and Windows under Python 3.9+. It +is also known to run on PyPy 3 (version 3.9 compatible python and above) on UNIX. It supports HTTP/1.0 and HTTP/1.1. For more information, see the "docs" directory of the Waitress package or visit https://docs.pylonsproject.org/projects/waitress/en/latest/ +3.0.1 (2024-11-28) +------------------ + +Security +~~~~~~~~ + +- Fix a bug that would lead to Waitress busy looping on select() on a half-open + socket due to a race condition that existed when creating a new HTTPChannel. + See https://github.com/Pylons/waitress/pull/435, + https://github.com/Pylons/waitress/issues/418 and + https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6 + + With thanks to Dylan Jay and Dieter Maurer for their extensive debugging and + helping track this down. + +- No longer strip the header values before passing them to the WSGI environ. + See https://github.com/Pylons/waitress/pull/434 and + https://github.com/Pylons/waitress/issues/432 + +- Fix a race condition in Waitress when `channel_request_lookahead` is enabled + that could lead to HTTP request smuggling. + + See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj + 3.0.0 (2024-02-04) ------------------ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/src/waitress.egg-info/SOURCES.txt new/waitress-3.0.1/src/waitress.egg-info/SOURCES.txt --- old/waitress-3.0.0/src/waitress.egg-info/SOURCES.txt 2024-02-05 00:32:02.000000000 +0100 +++ new/waitress-3.0.1/src/waitress.egg-info/SOURCES.txt 2024-10-29 01:11:17.000000000 +0100 @@ -1,5 +1,6 @@ .coveragerc .flake8 +.readthedocs.yaml CHANGES.txt CONTRIBUTORS.txt COPYRIGHT.txt @@ -10,7 +11,6 @@ RELEASING.txt contributing.md pyproject.toml -rtd.txt setup.cfg setup.py tox.ini diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/tests/test_channel.py new/waitress-3.0.1/tests/test_channel.py --- old/waitress-3.0.0/tests/test_channel.py 2024-02-04 23:52:18.000000000 +0100 +++ new/waitress-3.0.1/tests/test_channel.py 2024-10-29 01:06:11.000000000 +0100 @@ -18,7 +18,7 @@ map = {} inst = self._makeOne(sock, "127.0.0.1", adj, map=map) inst.outbuf_lock = DummyLock() - return inst, sock, map + return inst, sock.local(), map def test_ctor(self): inst, _, map = self._makeOneWithMap() @@ -218,7 +218,7 @@ def send(_): return 0 - sock.send = send + sock.remote.send = send wrote = inst.write_soon(b"a") self.assertEqual(wrote, 1) @@ -236,7 +236,7 @@ def send(_): return 0 - sock.send = send + sock.remote.send = send outbufs = inst.outbufs wrote = inst.write_soon(wrapper) @@ -270,7 +270,7 @@ def send(_): return 0 - sock.send = send + sock.remote.send = send inst.adj.outbuf_high_watermark = 3 inst.current_outbuf_count = 4 @@ -286,7 +286,7 @@ def send(_): return 0 - sock.send = send + sock.remote.send = send inst.adj.outbuf_high_watermark = 3 inst.total_outbufs_len = 4 @@ -315,7 +315,7 @@ inst.connected = False raise Exception() - sock.send = send + sock.remote.send = send inst.adj.outbuf_high_watermark = 3 inst.total_outbufs_len = 4 @@ -345,7 +345,7 @@ inst.connected = False raise Exception() - sock.send = send + sock.remote.send = send wrote = inst.write_soon(b"xyz") self.assertEqual(wrote, 3) @@ -376,7 +376,7 @@ inst.total_outbufs_len = len(inst.outbufs[0]) inst.adj.send_bytes = 1 inst.adj.outbuf_high_watermark = 2 - sock.send = lambda x, do_close=True: False + sock.remote.send = lambda x, do_close=True: False inst.will_close = False inst.last_activity = 0 result = inst.handle_write() @@ -400,7 +400,7 @@ def test__flush_some_full_outbuf_socket_returns_zero(self): inst, sock, map = self._makeOneWithMap() - sock.send = lambda x: False + sock.remote.send = lambda x: False inst.outbufs[0].append(b"abc") inst.total_outbufs_len = sum(len(x) for x in inst.outbufs) result = inst._flush_some() @@ -805,11 +805,12 @@ ) return [body] - def _make_app_with_lookahead(self): + def _make_app_with_lookahead(self, recv_bytes=8192): """ Setup a channel with lookahead and store it and the socket in self """ adj = DummyAdjustments() + adj.recv_bytes = recv_bytes adj.channel_request_lookahead = 5 channel, sock, map = self._makeOneWithMap(adj=adj) channel.server.application = self.app_check_disconnect @@ -901,13 +902,66 @@ self.assertEqual(data.split("\r\n")[-1], "finished") self.assertEqual(self.request_body, b"x") + def test_lookahead_bad_request_drop_extra_data(self): + """ + Send two requests, the first one being bad, split on the recv_bytes + limit, then emulate a race that could happen whereby we read data from + the socket while the service thread is cleaning up due to an error + processing the request. + """ + + invalid_request = [ + "GET / HTTP/1.1", + "Host: localhost:8080", + "Content-length: -1", + "", + ] + + invalid_request_len = len("".join([x + "\r\n" for x in invalid_request])) + + second_request = [ + "POST / HTTP/1.1", + "Host: localhost:8080", + "Content-Length: 1", + "", + "x", + ] + + full_request = invalid_request + second_request + + self._make_app_with_lookahead(recv_bytes=invalid_request_len) + self._send(*full_request) + self.channel.handle_read() + self.assertEqual(len(self.channel.requests), 1) + self.channel.server.tasks[0].service() + self.assertTrue(self.channel.close_when_flushed) + # Read all of the next request + self.channel.handle_read() + self.channel.handle_read() + # Validate that there is no more data to be read + self.assertEqual(self.sock.remote.local_sent, b"") + # Validate that we dropped the data from the second read, and did not + # create a new request + self.assertEqual(len(self.channel.requests), 0) + data = self.sock.recv(256).decode("ascii") + self.assertFalse(self.channel.readable()) + self.assertTrue(self.channel.writable()) + + # Handle the write, which will close the socket + self.channel.handle_write() + self.assertTrue(self.sock.closed) + + data = self.sock.recv(256) + self.assertEqual(len(data), 0) + class DummySock: blocking = False closed = False def __init__(self): - self.sent = b"" + self.local_sent = b"" + self.remote_sent = b"" def setblocking(self, *arg): self.blocking = True @@ -925,14 +979,44 @@ self.closed = True def send(self, data): - self.sent += data + self.remote_sent += data return len(data) def recv(self, buffer_size): - result = self.sent[:buffer_size] - self.sent = self.sent[buffer_size:] + result = self.local_sent[:buffer_size] + self.local_sent = self.local_sent[buffer_size:] return result + def local(self): + outer = self + + class LocalDummySock: + def send(self, data): + outer.local_sent += data + return len(data) + + def recv(self, buffer_size): + result = outer.remote_sent[:buffer_size] + outer.remote_sent = outer.remote_sent[buffer_size:] + return result + + def close(self): + outer.closed = True + + @property + def sent(self): + return outer.remote_sent + + @property + def closed(self): + return outer.closed + + @property + def remote(self): + return outer + + return LocalDummySock() + class DummyLock: notified = False diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/tests/test_parser.py new/waitress-3.0.1/tests/test_parser.py --- old/waitress-3.0.0/tests/test_parser.py 2024-02-05 00:29:06.000000000 +0100 +++ new/waitress-3.0.1/tests/test_parser.py 2024-03-03 22:56:33.000000000 +0100 @@ -384,6 +384,11 @@ else: # pragma: nocover self.assertTrue(False) + def test_parse_header_other_whitespace(self): + data = b"GET /foobar HTTP/1.1\r\nfoo: \xa0something\x85\r\n" + self.parser.parse_header(data) + self.assertEqual(self.parser.headers["FOO"], "\xa0something\x85") + def test_parse_header_empty(self): data = b"GET /foobar HTTP/1.1\r\nfoo: bar\r\nempty:\r\n" self.parser.parse_header(data) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/tests/test_task.py new/waitress-3.0.1/tests/test_task.py --- old/waitress-3.0.0/tests/test_task.py 2024-02-04 23:39:05.000000000 +0100 +++ new/waitress-3.0.1/tests/test_task.py 2024-03-03 22:56:33.000000000 +0100 @@ -776,7 +776,7 @@ request.headers = { "CONTENT_TYPE": "abc", "CONTENT_LENGTH": "10", - "X_FOO": "BAR", + "X_FOO": "\xa0BAR\x85", "CONNECTION": "close", } request.query = "abc" @@ -830,7 +830,8 @@ self.assertEqual(environ["REMOTE_PORT"], "39830") self.assertEqual(environ["CONTENT_TYPE"], "abc") self.assertEqual(environ["CONTENT_LENGTH"], "10") - self.assertEqual(environ["HTTP_X_FOO"], "BAR") + # Make sure we don't strip non RFC compliant whitespace + self.assertEqual(environ["HTTP_X_FOO"], "\xa0BAR\x85") self.assertEqual(environ["wsgi.version"], (1, 0)) self.assertEqual(environ["wsgi.url_scheme"], "http") self.assertEqual(environ["wsgi.errors"], sys.stderr) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/tests/test_wasyncore.py new/waitress-3.0.1/tests/test_wasyncore.py --- old/waitress-3.0.0/tests/test_wasyncore.py 2024-02-04 20:29:14.000000000 +0100 +++ new/waitress-3.0.1/tests/test_wasyncore.py 2024-06-08 23:51:25.000000000 +0200 @@ -1,6 +1,7 @@ import _thread as thread import contextlib import errno +from errno import EALREADY, EINPROGRESS, EINVAL, EISCONN, EWOULDBLOCK, errorcode import functools import gc from io import BytesIO @@ -641,62 +642,6 @@ self.assertTrue(err != "") -class dispatcherwithsend_noread(asyncore.dispatcher_with_send): # pragma: no cover - def readable(self): - return False - - def handle_connect(self): - pass - - -class DispatcherWithSendTests(unittest.TestCase): - def setUp(self): - pass - - def tearDown(self): - asyncore.close_all() - - @reap_threads - def test_send(self): - evt = threading.Event() - sock = socket.socket() - sock.settimeout(3) - port = bind_port(sock) - - cap = BytesIO() - args = (evt, cap, sock) - t = threading.Thread(target=capture_server, args=args) - t.start() - try: - # wait a little longer for the server to initialize (it sometimes - # refuses connections on slow machines without this wait) - time.sleep(0.2) - - data = b"Suppose there isn't a 16-ton weight?" - d = dispatcherwithsend_noread() - d.create_socket() - d.connect((HOST, port)) - - # give time for socket to connect - time.sleep(0.1) - - d.send(data) - d.send(data) - d.send(b"\n") - - n = 1000 - - while d.out_buffer and n > 0: # pragma: no cover - asyncore.poll() - n -= 1 - - evt.wait() - - self.assertEqual(cap.getvalue(), data * 2) - finally: - join_thread(t, timeout=TIMEOUT) - - @unittest.skipUnless( hasattr(asyncore, "file_wrapper"), "asyncore.file_wrapper required" ) @@ -839,6 +784,23 @@ self.create_socket(family) self.connect(address) + def connect(self, address): + self.connected = False + self.connecting = True + err = self.socket.connect_ex(address) + if ( + err in (EINPROGRESS, EALREADY, EWOULDBLOCK) + or err == EINVAL + and os.name == "nt" + ): # pragma: no cover + self.addr = address + return + if err in (0, EISCONN): + self.addr = address + self.handle_connect_event() + else: + raise OSError(err, errorcode[err]) + def handle_connect(self): pass @@ -1454,17 +1416,6 @@ return dispatcher(sock=sock, map=map) - def test_unexpected_getpeername_exc(self): - sock = dummysocket() - - def getpeername(): - raise OSError(errno.EBADF) - - map = {} - sock.getpeername = getpeername - self.assertRaises(socket.error, self._makeOne, sock=sock, map=map) - self.assertEqual(map, {}) - def test___repr__accepting(self): sock = dummysocket() map = {} @@ -1500,13 +1451,6 @@ inst.set_reuse_addr() self.assertTrue(sock.errored) - def test_connect_raise_socket_error(self): - sock = dummysocket() - map = {} - sock.connect_ex = lambda *arg: 1 - inst = self._makeOne(sock=sock, map=map) - self.assertRaises(socket.error, inst.connect, 0) - def test_accept_raise_TypeError(self): sock = dummysocket() map = {} @@ -1675,21 +1619,6 @@ self.assertTrue(sock.closed) -class Test_dispatcher_with_send(unittest.TestCase): - def _makeOne(self, sock=None, map=None): - from waitress.wasyncore import dispatcher_with_send - - return dispatcher_with_send(sock=sock, map=map) - - def test_writable(self): - sock = dummysocket() - map = {} - inst = self._makeOne(sock=sock, map=map) - inst.out_buffer = b"123" - inst.connected = True - self.assertTrue(inst.writable()) - - class Test_close_all(unittest.TestCase): def _callFUT(self, map=None, ignore_all=False): from waitress.wasyncore import close_all diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/waitress-3.0.0/tox.ini new/waitress-3.0.1/tox.ini --- old/waitress-3.0.0/tox.ini 2024-02-04 23:39:05.000000000 +0100 +++ new/waitress-3.0.1/tox.ini 2024-10-27 02:15:47.000000000 +0100 @@ -1,7 +1,7 @@ [tox] envlist = lint, - py38,py39,py310,py311,py312,pypy38,pypy39,pypy310 + py39,py310,py311,py312,py313,pypy39,pypy310 coverage, docs isolated_build = True @@ -10,7 +10,6 @@ commands = python --version python -mpytest \ - pypy38: --no-cov \ pypy39: --no-cov \ pypy310: --no-cov \ {posargs:}

1 0

commit jsch-agent-proxy for openSUSE:Factory
by Source-Sync 31 Oct '24

31 Oct '24

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package jsch-agent-proxy for openSUSE:Factory checked in at 2024-10-31 16:08:52 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/jsch-agent-proxy (Old) and /work/SRC/openSUSE:Factory/.jsch-agent-proxy.new.2020 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "jsch-agent-proxy" Thu Oct 31 16:08:52 2024 rev:6 rq:1219256 version:0.0.9 Changes: -------- --- /work/SRC/openSUSE:Factory/jsch-agent-proxy/jsch-agent-proxy.changes 2024-03-13 22:16:12.835052292 +0100 +++ /work/SRC/openSUSE:Factory/.jsch-agent-proxy.new.2020/jsch-agent-proxy.changes 2024-10-31 16:08:59.278113753 +0100 @@ -1,0 +2,6 @@ +Wed Oct 30 04:56:32 UTC 2024 - Fridrich Strba <fstrba(a)suse.com> + +- Re-add trilead-ssh2 dependency, since the bsc#1218198, + CVE-2023-48795 has been fixed + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ jsch-agent-proxy.spec ++++++ --- /var/tmp/diff_new_pack.dHH2Ni/_old 2024-10-31 16:08:59.742133115 +0100 +++ /var/tmp/diff_new_pack.dHH2Ni/_new 2024-10-31 16:08:59.746133282 +0100 @@ -32,6 +32,7 @@ BuildRequires: jna BuildRequires: jna-contrib BuildRequires: jsch +BuildRequires: trilead-ssh2 BuildArch: noarch %description @@ -76,6 +77,13 @@ %description sshagent %{summary}. +%package svnkit-trilead-ssh2 +Summary: trilead-ssh2 connector for jsch-agent-proxy +Group: Development/Libraries/Java + +%description svnkit-trilead-ssh2 +%{summary}. + %package usocket-jna Summary: USocketFactory implementation using JNA Group: Development/Libraries/Java @@ -108,7 +116,7 @@ %build mkdir lib -build-jar-repository -s lib jna jna-platform jsch +build-jar-repository -s lib jna jna-platform jsch trilead-ssh2 %{ant} \ -Dtest.skip=true \ @@ -119,7 +127,7 @@ install -dm 0755 %{buildroot}%{_mavenpomdir} for package in connector-factory core jsch pageant sshagent \ - usocket-jna usocket-nc; do + svnkit-trilead-ssh2 usocket-jna usocket-nc; do install -pm 0644 %{name}-${package}/target/jsch.agentproxy.${package}-%{version}.jar %{buildroot}%{_javadir}/jsch.agentproxy.${package}.jar %{mvn_install_pom} %{name}-${package}/pom.xml %{buildroot}%{_mavenpomdir}/jsch.agentproxy.${package}.pom %add_maven_depmap jsch.agentproxy.${package}.pom jsch.agentproxy.${package}.jar -f ${package} @@ -143,6 +151,8 @@ %files sshagent -f .mfiles-sshagent +%files svnkit-trilead-ssh2 -f .mfiles-svnkit-trilead-ssh2 + %files usocket-jna -f .mfiles-usocket-jna %files usocket-nc -f .mfiles-usocket-nc ++++++ jsch-agent-proxy-0.0.9-build.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/build.xml new/build.xml --- old/build.xml 2024-03-12 19:07:14.061059680 +0100 +++ new/build.xml 2024-10-30 05:53:17.906779835 +0100 @@ -13,6 +13,7 @@ <ant antfile="build.xml" dir="jsch-agent-proxy-sshagent" target="clean"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-jna" target="clean"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-nc" target="clean"/> + <ant antfile="build.xml" dir="jsch-agent-proxy-svnkit-trilead-ssh2" target="clean"/> <ant antfile="build.xml" dir="jsch-agent-proxy-connector-factory" target="clean"/> </target> @@ -27,6 +28,7 @@ <ant antfile="build.xml" dir="jsch-agent-proxy-sshagent" target="compile"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-jna" target="compile"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-nc" target="compile"/> + <ant antfile="build.xml" dir="jsch-agent-proxy-svnkit-trilead-ssh2" target="compile"/> <ant antfile="build.xml" dir="jsch-agent-proxy-connector-factory" target="compile"/> </target> @@ -41,6 +43,7 @@ <ant antfile="build.xml" dir="jsch-agent-proxy-sshagent" target="compile-tests"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-jna" target="compile-tests"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-nc" target="compile-tests"/> + <ant antfile="build.xml" dir="jsch-agent-proxy-svnkit-trilead-ssh2" target="compile-tests"/> <ant antfile="build.xml" dir="jsch-agent-proxy-connector-factory" target="compile-tests"/> </target> @@ -55,6 +58,7 @@ <ant antfile="build.xml" dir="jsch-agent-proxy-sshagent" target="test"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-jna" target="test"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-nc" target="test"/> + <ant antfile="build.xml" dir="jsch-agent-proxy-svnkit-trilead-ssh2" target="test"/> <ant antfile="build.xml" dir="jsch-agent-proxy-connector-factory" target="test"/> </target> @@ -69,6 +73,7 @@ <ant antfile="build.xml" dir="jsch-agent-proxy-sshagent" target="javadoc"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-jna" target="javadoc"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-nc" target="javadoc"/> + <ant antfile="build.xml" dir="jsch-agent-proxy-svnkit-trilead-ssh2" target="javadoc"/> <ant antfile="build.xml" dir="jsch-agent-proxy-connector-factory" target="javadoc"/> </target> @@ -83,6 +88,7 @@ <ant antfile="build.xml" dir="jsch-agent-proxy-sshagent" target="package"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-jna" target="package"/> <ant antfile="build.xml" dir="jsch-agent-proxy-usocket-nc" target="package"/> + <ant antfile="build.xml" dir="jsch-agent-proxy-svnkit-trilead-ssh2" target="package"/> <ant antfile="build.xml" dir="jsch-agent-proxy-connector-factory" target="package"/> </target>

1 0

commit schily for openSUSE:Factory
by Source-Sync 31 Oct '24

31 Oct '24

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package schily for openSUSE:Factory checked in at 2024-10-31 16:08:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/schily (Old) and /work/SRC/openSUSE:Factory/.schily.new.2020 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "schily" Thu Oct 31 16:08:48 2024 rev:50 rq:1219212 version:unknown Changes: -------- --- /work/SRC/openSUSE:Factory/schily/schily.changes 2024-04-14 11:54:05.906301933 +0200 +++ /work/SRC/openSUSE:Factory/.schily.new.2020/schily.changes 2024-10-31 16:08:52.109814644 +0100 @@ -1,0 +2,5 @@ +Tue Oct 29 06:00:12 UTC 2024 - Bernhard Wiedemann <bwiedemann(a)suse.com> + +- Add 81.patch to not store the build host kernel version (boo#1232434) + +------------------------------------------------------------------- New: ---- 81.patch BETA DEBUG BEGIN: New: - Add 81.patch to not store the build host kernel version (boo#1232434) BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ schily.spec ++++++ --- /var/tmp/diff_new_pack.6RslVA/_old 2024-10-31 16:08:52.869846358 +0100 +++ /var/tmp/diff_new_pack.6RslVA/_new 2024-10-31 16:08:52.873846524 +0100 @@ -40,6 +40,7 @@ # and submit patches upstream FIRST (cc to the bspkg maintainer perhaps). Patch1: iconv-name.diff Patch2: schily-2018-05-25_star_configuration.patch +Patch3: 81.patch BuildRequires: autoconf BuildRequires: fdupes BuildRequires: gcc-c++ ++++++ 81.patch ++++++ From 275c6bb242a12e9cfbc1a3b76ca447406b04858e Mon Sep 17 00:00:00 2001 From: "Bernhard M. Wiedemann" <bwiedemann(a)suse.de> Date: Mon, 28 Oct 2024 12:06:27 +0100 Subject: [PATCH] Stop storing build host kernel version References: https://codeberg.org/schilytools/schilytools/pulls/81 References: https://bugzilla.opensuse.org/show_bug.cgi?id=1232434 to make reproducible builds easier. See https://reproducible-builds.org/ for why this is good. This patch was done while working on reproducible builds for openSUSE, sponsored by the NLnet NGI0 fund. --- cdda2wav/local.cnf.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdda2wav/local.cnf.in b/cdda2wav/local.cnf.in index 0874731c..d325cfa3 100644 --- a/cdda2wav/local.cnf.in +++ b/cdda2wav/local.cnf.in @@ -151,5 +151,5 @@ $(WANT_INFOFILES) $(WANT_MD5) -DAUX_DEVICE=$(AUX_DEVICE) LIBS += @LIBS@ #VERSION_OS=@CDRTOOLS_VERSION@_$(O_ARCH)_$(OSREL)_$(K_ARCH)_$(P_ARCH) -VERSION_OS=_$(O_ARCH)_$(OSREL)_$(K_ARCH)_$(P_ARCH) +VERSION_OS=_$(O_ARCH)_$(K_ARCH)_$(P_ARCH) CUR_VERSION='"$(VERSION_OS)"' -- 2.45.2

1 0

commit xkeyboard-config for openSUSE:Factory
by Source-Sync 31 Oct '24

31 Oct '24

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package xkeyboard-config for openSUSE:Factory checked in at 2024-10-31 16:08:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xkeyboard-config (Old) and /work/SRC/openSUSE:Factory/.xkeyboard-config.new.2020 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "xkeyboard-config" Thu Oct 31 16:08:47 2024 rev:106 rq:1219707 version:2.42 Changes: -------- --- /work/SRC/openSUSE:Factory/xkeyboard-config/xkeyboard-config.changes 2024-06-13 15:37:48.553514049 +0200 +++ /work/SRC/openSUSE:Factory/.xkeyboard-config.new.2020/xkeyboard-config.changes 2024-10-31 16:08:50.653753887 +0100 @@ -1,0 +2,8 @@ +Mon Oct 28 10:38:05 UTC 2024 - Stefan Dirsch <sndirsch(a)suse.com> + +- n_fi-kotoistus-metainfo.patch + * add meta information for default variant of "fi" keyboard layout + "kotoistus" needed for GNOME or other users of xkeyboard meta XML + files (boo#1227420) + +------------------------------------------------------------------- New: ---- n_fi-kotoistus-metainfo.patch BETA DEBUG BEGIN: New: - n_fi-kotoistus-metainfo.patch * add meta information for default variant of "fi" keyboard layout BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xkeyboard-config.spec ++++++ --- /var/tmp/diff_new_pack.Eh6526/_old 2024-10-31 16:08:51.257779091 +0100 +++ /var/tmp/diff_new_pack.Eh6526/_new 2024-10-31 16:08:51.257779091 +0100 @@ -26,6 +26,7 @@ Source: https://xorg.freedesktop.org/archive/individual/data/%{name}/%{name}-%{vers… # PATCH-FIX-OPENSUSE disable-2xalt_2xctrl-toggle.diff fdo#4927 -- This is just a workaround until fdo#4927 is fixed Patch109: n_disable-2xalt_2xctrl-toggle.diff +Patch110: n_fi-kotoistus-metainfo.patch BuildRequires: fdupes BuildRequires: intltool BuildRequires: meson ++++++ n_fi-kotoistus-metainfo.patch ++++++ diff -u -r xkeyboard-config-2.42.orig/rules/base.xml xkeyboard-config-2.42/rules/base.xml --- xkeyboard-config-2.42.orig/rules/base.xml 2024-10-28 11:16:26.702599000 +0100 +++ xkeyboard-config-2.42/rules/base.xml 2024-10-28 11:36:02.956383000 +0100 @@ -3375,6 +3375,12 @@ <variantList> <variant> <configItem> + <name>kotoistus</name> + <description>Finnish (official)</description> + </configItem> + </variant> + <variant> + <configItem> <name>winkeys</name> <description>Finnish (Windows)</description> </configItem>

1 0

commit ghostscript for openSUSE:Factory
by Source-Sync 31 Oct '24

31 Oct '24

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2024-10-31 16:08:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new.2020 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "ghostscript" Thu Oct 31 16:08:37 2024 rev:69 rq:1219571 version:10.04.0 Changes: -------- --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2024-10-23 21:08:28.278189828 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new.2020/ghostscript.changes 2024-10-31 16:08:44.449495004 +0100 @@ -1,0 +2,11 @@ +Wed Oct 30 12:27:04 UTC 2024 - Johannes Meixner <jsmeix(a)suse.com> + +- Enhanced entry below dated "Wed Oct 23 08:54:59 UTC 2024" + by adding the individual "bsc" numbers for each CVE, see + https://bugzilla.suse.com/show_bug.cgi?id=1232173#c4 + and by adding the "IMPORTANT" change in Ghostscript 10.04.0 +- spec file cleanup: removed the special cases for SLE12 + i.e. rely on "suse_version >= 1500" as given precondition + (recent Ghostscript versions fail to build in SLE12 anyway) + +------------------------------------------------------------------- @@ -4,8 +15,24 @@ -- update to 10.04.0 (bsc#1232173): - * Amongst other general bugs fixes, this release addresses: - + CVE-2024-46951 - + CVE-2024-46952 - + CVE-2024-46953 - + CVE-2024-46954 - + CVE-2024-46955 - + CVE-2024-46956 +- Version upgrade to 10.04.0 (bsc#1232173): + Highlights in this release include: + See 'Recent Changes in Ghostscript' at Ghostscript upstream + https://ghostscript.readthedocs.io/en/gs10.04.0/News.html + * This release addresses: + + CVE-2024-46951 (bsc#1232265) + + CVE-2024-46952 (bsc#1232266) + + CVE-2024-46953 (bsc#1232267) + + CVE-2024-46954 (bsc#1232268) + + CVE-2024-46955 (bsc#1232269) + + CVE-2024-46956 (bsc#1232270) + * IMPORTANT: In this release (10.04.0) + we (i.e. Ghostscript upstream) have be added + protection for device selection from PostScript input. + This will mean that, by default, only the device specified + on the command line will be permitted. Similar to the file + permissions, there will be a "--permit-devices=" allowing + a comma separation list of allowed devices. This will also + take a single wildcard "*" allowing any device. + Any application which relies on allowing PostScript + to change devices during a job will have to be aware, + and take action to deal with this change. + The exception is "nulldevice", switching to that requires + no special action. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ghostscript.spec ++++++ --- /var/tmp/diff_new_pack.E3j9QS/_old 2024-10-31 16:08:45.369533394 +0100 +++ /var/tmp/diff_new_pack.E3j9QS/_new 2024-10-31 16:08:45.369533394 +0100 @@ -1,5 +1,5 @@ # -# spec file for package ghostscript +# spec file # # Copyright (c) 2024 SUSE LLC # @@ -30,8 +30,15 @@ License: AGPL-3.0-only Group: Productivity/Office/Other URL: https://www.ghostscript.com/ -# use "osc service manualrun" to fetch +# Use "osc service manualrun" to fetch Source0: Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs1… +# How to manually (i.e. without "osc service") find the Source0 URL at Ghostscript upstream +# (example for the Ghostscript 10.03.1 release): +# Go to https://www.ghostscript.com +# -> "The current Ghostscript release 10.03.1 can be downloaded here" https://www.ghostscript.com/releases/index.html +# -> "Ghostscript" https://www.ghostscript.com/releases/gsdnld.html +# -> "Ghostscript 10.03.1 Source for all platforms / GNU Affero General Public License" = "Ghostscript AGPL Release" +# https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs1… Source10: apparmor_ghostscript # Patch0...Patch9 is for patches from upstream: # Source10...Source99 is for sources from SUSE which are intended for upstream: @@ -52,7 +59,7 @@ BuildRequires: update-alternatives BuildRequires: zlib-devel Requires(post): update-alternatives -Requires(preun): update-alternatives +Requires(preun):update-alternatives # Provide the additional RPM Provides of the ghostscript-library package # (ghostscript_x11 is provided by the ghostscript-x11 sub-package, see below). # The "Provides: ghostscript_any" is there to support "BuildRequires: ghostscript_any" @@ -66,6 +73,7 @@ # in openSUSE products, cf. https://build.opensuse.org/request/show/877083 Provides: ghostscript_any = %{version} %if "%{flavor}" != "mini" +BuildRequires: cups-devel BuildRequires: dbus-1-devel BuildRequires: libexpat-devel BuildRequires: xorg-x11-fonts @@ -75,18 +83,11 @@ BuildRequires: pkgconfig(xext) BuildRequires: pkgconfig(xproto) BuildRequires: pkgconfig(xt) -%if 0%{?suse_version} == 1315 -BuildRequires: cups154-devel -%else -BuildRequires: cups-devel -%endif %if %{with apparmor} -%if 0%{?suse_version} >= 1500 BuildRequires: apparmor-abstractions BuildRequires: apparmor-rpm-macros %endif %endif -%endif # Always check if latest version of openjpeg becomes compatible with ghostscript %if 0%{?suse_version} >= 1550 BuildRequires: pkgconfig(libopenjp2) >= 2.3.1 @@ -108,10 +109,8 @@ # The "Obsoletes: ghostscript-mini" is intentionally unversioned because # this package ghostscript should replace any version of ghostscript-mini. Obsoletes: ghostscript-mini -%if 0%{?suse_version} > 1210 Recommends: (cups-filters-ghostscript if cups) %endif -%endif %description Ghostscript is a package of software that provides: @@ -325,11 +324,9 @@ /sbin/ldconfig %if %{with apparmor} %if "%{flavor}" != "mini" -%if 0%{?suse_version} >= 1500 %apparmor_reload %{_sysconfdir}/apparmor.d/ghostscript %endif %endif -%endif %{_sbindir}/update-alternatives \ --install %{_bindir}/gs gs %{_bindir}/gs.bin 15 @@ -408,9 +405,6 @@ %if "%{flavor}" != "mini" %exclude %{_libdir}/ghostscript/%{version}/X11.so %if %{with apparmor} -%if 0%{?suse_version} < 1500 -%dir %{_sysconfdir}/apparmor.d -%endif %{_sysconfdir}/apparmor.d/ghostscript %endif

1 0