Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package socat for openSUSE:Factory checked in at 2021-02-01 13:24:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/socat (Old) and /work/SRC/openSUSE:Factory/.socat.new.28504 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "socat" Mon Feb 1 13:24:57 2021 rev:42 rq:866524 version:1.7.4.1 Changes: -------- --- /work/SRC/openSUSE:Factory/socat/socat.changes 2020-04-25 20:07:09.203402884 +0200 +++ /work/SRC/openSUSE:Factory/.socat.new.28504/socat.changes 2021-02-01 13:24:59.117801913 +0100 @@ -1,0 +2,10 @@ +Mon Jan 11 22:24:07 UTC 2021 - Dirk M��ller <dmueller@suse.com> + +- update to 1.7.4.1: + Security: + * Buffer size option (-b) is internally doubled for CR-CRLF conversion, + but not checked for integer overflow. This could lead to heap based buffer + overflow, assuming the attacker could provide this parameter. + * Many further bugfixes and new features, see the CHANGES file + +------------------------------------------------------------------- Old: ---- socat-1.7.3.4.tar.bz2 New: ---- socat-1.7.4.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ socat.spec ++++++ --- /var/tmp/diff_new_pack.TflE6f/_old 2021-02-01 13:24:59.805802992 +0100 +++ /var/tmp/diff_new_pack.TflE6f/_new 2021-02-01 13:24:59.809802999 +0100 @@ -1,7 +1,7 @@ # # spec file for package socat # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # Copyright (c) 2010 Pascal Bleser <pascal.bleser@opensuse.org> # # All modifications and additions to the file contributed by third parties @@ -18,7 +18,7 @@ Name: socat -Version: 1.7.3.4 +Version: 1.7.4.1 Release: 0 Summary: Multipurpose relay for bidirectional data transfer License: SUSE-GPL-2.0-with-openssl-exception AND MIT ++++++ socat-1.7.3.4.tar.bz2 -> socat-1.7.4.1.tar.bz2 ++++++ ++++ 17175 lines of diff (skipped) ++++++ socat-common-fixes.patch ++++++ --- /var/tmp/diff_new_pack.TflE6f/_old 2021-02-01 13:25:00.285803745 +0100 +++ /var/tmp/diff_new_pack.TflE6f/_new 2021-02-01 13:25:00.285803745 +0100 @@ -1,7 +1,7 @@ -Index: socat-1.7.3.4/filan.c +Index: socat-1.7.4.1/filan.c =================================================================== ---- socat-1.7.3.4.orig/filan.c -+++ socat-1.7.3.4/filan.c +--- socat-1.7.4.1.orig/filan.c ++++ socat-1.7.4.1/filan.c @@ -20,6 +20,10 @@ #include "filan.h" @@ -13,21 +13,10 @@ struct sockopt { int so; -@@ -28,10 +32,6 @@ struct sockopt { - - static int filan_streams_analyze(int fd, FILE *outfile); - --/* dirty workaround so we dont get an error on AIX when being linked with -- libwrap */ --int allow_severity, deny_severity; -- - /* global variables for configuring filan */ - bool filan_followsymlinks; - bool filan_rawoutput; -Index: socat-1.7.3.4/procan.c +Index: socat-1.7.4.1/procan.c =================================================================== ---- socat-1.7.3.4.orig/procan.c -+++ socat-1.7.3.4/procan.c +--- socat-1.7.4.1.orig/procan.c ++++ socat-1.7.4.1/procan.c @@ -16,6 +16,9 @@ #include "filan.h" @@ -38,10 +27,10 @@ #include "procan.h" -Index: socat-1.7.3.4/xio-tcpwrap.c +Index: socat-1.7.4.1/xio-tcpwrap.c =================================================================== ---- socat-1.7.3.4.orig/xio-tcpwrap.c -+++ socat-1.7.3.4/xio-tcpwrap.c +--- socat-1.7.4.1.orig/xio-tcpwrap.c ++++ socat-1.7.4.1/xio-tcpwrap.c @@ -13,6 +13,7 @@ #include "xio-tcpwrap.h" ++++++ socat-ignore-tests-failure-boo1078346.patch ++++++ --- /var/tmp/diff_new_pack.TflE6f/_old 2021-02-01 13:25:00.297803764 +0100 +++ /var/tmp/diff_new_pack.TflE6f/_new 2021-02-01 13:25:00.297803764 +0100 @@ -10,12 +10,12 @@ test.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -Index: socat-1.7.3.4/test.sh +Index: socat-1.7.4.1/test.sh =================================================================== ---- socat-1.7.3.4.orig/test.sh -+++ socat-1.7.3.4/test.sh -@@ -13224,7 +13224,7 @@ echo "summary: $((N-1)) tests, $((numOK+ - +--- socat-1.7.4.1.orig/test.sh ++++ socat-1.7.4.1/test.sh +@@ -15042,7 +15042,7 @@ if [ "$numCANT" -gt 0 ]; then + fi if [ "$numFAIL" -gt 0 ]; then echo "FAILED: $listFAIL" - exit 1