Hello community, here is the log from the commit of package lhasa for openSUSE:Factory checked in at 2016-04-06 11:52:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/lhasa (Old) and /work/SRC/openSUSE:Factory/.lhasa.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "lhasa" Changes: -------- --- /work/SRC/openSUSE:Factory/lhasa/lhasa.changes 2015-11-10 10:03:04.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.lhasa.new/lhasa.changes 2016-04-06 11:52:45.000000000 +0200 @@ -1,0 +2,8 @@ +Mon Apr 4 17:32:33 UTC 2016 - kstreitova@suse.com + +- Update to new upstream release 0.3.1 + * This release fixes an integer underflow vulnerability in the + code for doing LZH level 3 header decodes (TALOS-CAN-0095) + [bnc#973790] [CVE-2016-2347] + +------------------------------------------------------------------- Old: ---- lhasa-0.3.0.tar.gz lhasa-0.3.0.tar.gz.asc New: ---- lhasa-0.3.1.tar.gz lhasa-0.3.1.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lhasa.spec ++++++ --- /var/tmp/diff_new_pack.2FEM4e/_old 2016-04-06 11:52:46.000000000 +0200 +++ /var/tmp/diff_new_pack.2FEM4e/_new 2016-04-06 11:52:46.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package lhasa # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ Name: lhasa %define lname liblhasa0 -Version: 0.3.0 +Version: 0.3.1 Release: 0 Summary: Program to unpack LHARC archives License: ISC ++++++ lhasa-0.3.0.tar.gz -> lhasa-0.3.1.tar.gz ++++++ ++++ 9511 lines of diff (skipped)