openSUSE Security Update: Security update for fossil ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:1051-1 Rating: moderate References: #1187988 Affected Products: openSUSE Backports SLE-15-SP2 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for fossil fixes the following issues: fossil 2.16: * Add the fossil patch command * Improve the fossil ui command to work on check-out directories and remote machines * web UI improvements * Add fossil bisect run command for improved automation of bisects * Improve fossil merge handling of renames * wiki now defaults to markdown * email alerts can now be set to expire to prevent sending mail to abandoned accounts forever fossil 2.15.2: * Fix the client-side TLS so that it verifies that the server hostname matches its certificate (boo#1187988) fossil 2.15.1: * fix access to tables starting "fx_" in ticket report fossil 2.15: * Relax default Content Security policy to allow images to be loaded from any URL * Updates to skins and their configuration options * Built-in skin can now be selected via the skin= request parameter and the /skins page. * /cookies page can now now delete individual cookies * Various extensions to diff displaz and operations * Add the --list option to the tarball, zip, and sqlar commands. * New TH1 commands: "builtin_request_js", "capexpr", "foreach", "lappend", and "string match" * The leaves command now shows the branch point of each leaf. * The fossil add command refuses to add files whose names are reserved by Windows (ex: "aux") unless the --allow-reserved option is included. fossil 2.14 * add fossil chat * enhanced fossil clone * performance optimization * enhanced documents * Pikchr improvements * Schema Update Notice #1: This release drops a trigger from the database schema * Schema Update Notice #2: This release changes how the descriptions of wiki edits are stored in the EVENT table, for improved display on timelines fossil 2.13: * wiki improvements: interwiki links, markup features * support for rendering pikchr markup scriptions * line number modes support interactive selection of range of lines to hyperlink to * Enhance finfo page to track a file across renames - minimum/bundled version of sqlite increased to 3.34.0 Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP2: zypper in -t patch openSUSE-2021-1051=1 Package List: - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64): fossil-2.16-bp152.2.6.1 References: https://bugzilla.suse.com/1187988