Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kanidm for openSUSE:Factory checked in at 2025-05-07 19:19:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kanidm (Old) and /work/SRC/openSUSE:Factory/.kanidm.new.30101 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kanidm" Wed May 7 19:19:55 2025 rev:47 rq:1275084 version:1.6.0~git0.d7ae0f336 Changes: -------- --- /work/SRC/openSUSE:Factory/kanidm/kanidm.changes 2025-02-22 19:05:20.731772837 +0100 +++ /work/SRC/openSUSE:Factory/.kanidm.new.30101/kanidm.changes 2025-05-07 19:20:07.688316425 +0200 @@ -1,0 +2,101 @@ +Wed May 7 04:40:56 UTC 2025 - William Brown <[email protected]> + +- bsc#1242642 - CVE-2025-3416 - openssl use after free + +------------------------------------------------------------------- +Wed May 07 04:10:43 UTC 2025 - [email protected] + +- Update to version 1.6.0~git0.d7ae0f336: + * Release 1.6.0 + * Avoid openssl for md4 + * Fixes #3586, inverts the navbar button color (#3593) + * Release 1.6.0-pre + * chore: Release Notes (#3588) + * Do not require instances to exist during optional config load (#3591) + * Fix std::fmt::Display for some objects (#3587) + * Drop fernet in favour of JWE (#3577) + * docs: document how to configure oauth2 for opkssh (#3566) + * Add kanidm_ssh_authorizedkeys_direct to client deb (#3585) + * Bump the all group in /pykanidm with 2 updates (#3581) + * Update dependencies, fix a bunch of clippy lints (#3576) + * Support spaces in ssh key comments (#3575) + * 20250402 3423 proxy protocol (#3542) + * fix(web): Preserve SSH key content on form validation error (#3574) + * Bump the all group in /pykanidm with 3 updates (#3572) + * Bump the all group in /pykanidm with 2 updates (#3564) + * Bump crossbeam-channel from 0.5.14 to 0.5.15 in the cargo group (#3560) + * Improve token handling (#3553) + * Bump tokio from 1.44.1 to 1.44.2 in the cargo group (#3549) + * Update fs4 and improve klock handling (#3551) + * Less footguns (#3552) + * Unify unix config parser (#3533) + * Bump openssl from 0.10.71 to 0.10.72 in the cargo group (#3544) + * Bump the all group in /pykanidm with 8 updates (#3547) + * implement notify-reload protocol (#3540) + * Allow versioning of server configs (#3515) + * 20250314 remove protected plugin (#3504) + * Bump the all group with 10 updates (#3539) + * Bump mozilla-actions/sccache-action from 0.0.8 to 0.0.9 in the all group (#3538) + * Bump the all group in /pykanidm with 4 updates (#3537) + * Add max_ber_size to freeipa sync (#3530) + * Bump the all group in /pykanidm with 5 updates (#3524) + * Update Concread + * Update developer_ethics.md (#3520) + * Update examples.md (#3519) + * Make schema indexing a boolean instead of index types (#3517) + * Add missing lld dependency and fix syntax typo (#3490) + * Update shell.nix to work with stable nixpkgs (#3514) + * Improve unixd tasks channel comments (#3510) + * Update kanidm_ppa_automation reference to latest (#3512) + * Add set-description to group tooling (#3511) + * packaging: Add kanidmd deb package, update documentation (#3506) + * Bump the all group in /pykanidm with 5 updates (#3508) + * 20250313 unixd system cache (#3501) + * Support rfc2307 memberUid in sync operations. (#3466) + * Bump mozilla-actions/sccache-action from 0.0.7 to 0.0.8 in the all group (#3496) + * Update Traefik config example to remove invalid label (#3500) + * Add uid/gid allocation table (#3498) + * 20250225 ldap testing in testkit (#3460) + * Bump the all group in /pykanidm with 5 updates (#3494) + * Bump ring from 0.17.10 to 0.17.13 in the cargo group (#3491) + * Handle form-post as a response mode (#3467) + * book: fix english (#3487) + * Correct paths with Kanidm Tools Container (#3486) + * 20250225 improve test performance (#3459) + * Bump the all group in /pykanidm with 8 updates (#3484) + * Use lld by default on linux (#3477) + * 20250213 patch used wrong acp (#3432) + * Android support (#3475) + * Changed all CI/CD builds to locked (#3471) + * Make it a bit clearer that providers are needed (#3468) + * Fix incorrect credential generation in radius docs (#3465) + * Add crypt formats for password import (#3458) + * build: Create daemon image from scratch (#3452) + * address webfinger doc feedbacks (#3446) + * Bump the all group across 1 directory with 5 updates (#3453) + * [htmx] Admin ui for groups and users management (#3019) + * Fixes #3406: add configurable maximum queryable attributes for LDAP (#3431) + * Accept invalid certs and fix token_cache_path (#3439) + * Accept lowercase ldap pwd hashes (#3444) + * TOTP label verification (#3419) + * Rewrite WebFinger docs (#3443) + * doc: fix formatting of URL table, remove Caddyfile instructions (#3442) + * book: add OAuth2 Proxy example (#3434) + * Exempt idm_admin and admin from denied names. (#3429) + * Book fixes (#3433) + * ci: uniform Docker builds (#3430) + * 20240213 3413 domain displayname (#3425) + * Correct path to kanidm config example in documentation. (#3424) + * Support redirect uris with query parameters (#3422) + * Update to 1.6.0-dev (#3418) + * Remove white background from square logo. (#3417) + * feat: Added webfinger implementation (#3410) + * Bump the all group in /pykanidm with 7 updates (#3412) + +------------------------------------------------------------------- +Wed May 07 03:48:37 UTC 2025 - [email protected] + +- Update to version 1.5.0~git2.21c2a1bd0: + * fix: documentation fail (#3555) + +------------------------------------------------------------------- Old: ---- kanidm-1.5.0~git1.0fa57fc.tar.zst New: ---- kanidm-1.6.0~git0.d7ae0f336.tar.zst ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ kanidm.spec ++++++ --- /var/tmp/diff_new_pack.oxveLp/_old 2025-05-07 19:20:11.668482523 +0200 +++ /var/tmp/diff_new_pack.oxveLp/_new 2025-05-07 19:20:11.680483024 +0200 @@ -20,7 +20,7 @@ %define configdir %{_sysconfdir}/kanidm Name: kanidm -Version: 1.5.0~git1.0fa57fc +Version: 1.6.0~git0.d7ae0f336 Release: 0 Summary: A identity management service and clients. License: ( Apache-2.0 OR BSL-1.0 ) AND ( Apache-2.0 OR ISC OR MIT ) AND ( Apache-2.0 OR MIT ) AND ( Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT ) AND ( CC0-1.0 OR Apache-2.0 ) AND ( MIT OR Apache-2.0 OR Zlib ) AND ( Unlicense OR MIT ) AND ( Zlib OR Apache-2.0 OR MIT ) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC0-1.0 AND ISC AND MIT AND MPL-2.0 AND MPL-2.0+ ++++++ _service ++++++ --- /var/tmp/diff_new_pack.oxveLp/_old 2025-05-07 19:20:12.116501219 +0200 +++ /var/tmp/diff_new_pack.oxveLp/_new 2025-05-07 19:20:12.160503056 +0200 @@ -3,7 +3,7 @@ <param name="url">https://github.com/kanidm/kanidm.git</param> <param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param> <param name="scm">git</param> - <param name="revision">1.5.0</param> + <param name="revision">1.6.0</param> <param name="match-tag">v*</param> <param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param> <param name="versionrewrite-replacement">\1</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.oxveLp/_old 2025-05-07 19:20:12.376512070 +0200 +++ /var/tmp/diff_new_pack.oxveLp/_new 2025-05-07 19:20:12.408513405 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/kanidm/kanidm.git</param> - <param name="changesrevision">0fa57fcf49a5e3cff55d10f84cbf77c89ce971ce</param></service></servicedata> + <param name="changesrevision">d7ae0f33621bb5872dd0d98bffd3454a08ace2ba</param></service></servicedata> (No newline at EOF) ++++++ kanidm-1.5.0~git1.0fa57fc.tar.zst -> kanidm-1.6.0~git0.d7ae0f336.tar.zst ++++++ /work/SRC/openSUSE:Factory/kanidm/kanidm-1.5.0~git1.0fa57fc.tar.zst /work/SRC/openSUSE:Factory/.kanidm.new.30101/kanidm-1.6.0~git0.d7ae0f336.tar.zst differ: char 8, line 1 ++++++ vendor.tar.zst ++++++ /work/SRC/openSUSE:Factory/kanidm/vendor.tar.zst /work/SRC/openSUSE:Factory/.kanidm.new.30101/vendor.tar.zst differ: char 7, line 1
