Hello community, here is the log from the commit of package rubygem-rack for openSUSE:Factory checked in at 2018-11-13 17:02:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-rack (Old) and /work/SRC/openSUSE:Factory/.rubygem-rack.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-rack" Tue Nov 13 17:02:08 2018 rev:14 rq:648607 version:2.0.6 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-rack/rubygem-rack.changes 2018-11-10 17:02:15.283542695 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-rack.new/rubygem-rack.changes 2018-11-13 17:43:34.220127192 +0100 @@ -4,2 +4,3 @@ -- update to 2.0.6 - see installed HISTORY.md +- update to 2.0.6: + * CVE-2018-16471: cross-site scripting (XSS) flaw via the scheme + method on Rack::Request (bsc#1114828) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-rack.spec ++++++ --- /var/tmp/diff_new_pack.ZmFk1A/_old 2018-11-13 17:43:34.624126630 +0100 +++ /var/tmp/diff_new_pack.ZmFk1A/_new 2018-11-13 17:43:34.628126626 +0100 @@ -37,9 +37,9 @@ %endif # /MANUAL BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: ruby-macros >= 5 BuildRequires: %{ruby >= 2.2.2} BuildRequires: %{rubygem gem2rpm} +BuildRequires: ruby-macros >= 5 BuildRequires: update-alternatives Url: https://rack.github.io/ Source: https://rubygems.org/gems/%{mod_full_name}.gem @@ -72,7 +72,6 @@ chmod 644 %{buildroot}%{_libdir}/ruby/gems/*/gems/%{mod_name}-%{version}/test/cgi/test.gz # /MANUAL - %gem_packages %changelog