Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package mirrorsorcerer for openSUSE:Factory checked in at 2025-06-12 15:53:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mirrorsorcerer (Old) and /work/SRC/openSUSE:Factory/.mirrorsorcerer.new.19631 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mirrorsorcerer" Thu Jun 12 15:53:14 2025 rev:15 rq:1284971 version:0.1.3~0 Changes: --------
--- /work/SRC/openSUSE:Factory/mirrorsorcerer/mirrorsorcerer.changes 2023-09-06 18:58:17.823780689 +0200
+++ /work/SRC/openSUSE:Factory/.mirrorsorcerer.new.19631/mirrorsorcerer.changes 2025-06-12 15:55:06.593787029 +0200
@@ -1,0 +2,7 @@
+Wed Jun 11 04:41:44 UTC 2025 - william.br...@suse.com
+
+- bsc#1244201 - CVE-2025-5791 - replace users crate
+- Update to version 0.1.3~0:
+ * Update users crate
+
+-------------------------------------------------------------------
Old: ---- mirrorsorcerer-0.1.2~1.tar.zst New: ---- mirrorsorcerer-0.1.3~0.tar.zst
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences: ------------------
++++++ mirrorsorcerer.spec ++++++
--- /var/tmp/diff_new_pack.Sjb1Hp/_old 2025-06-12 15:55:07.521825435 +0200
+++ /var/tmp/diff_new_pack.Sjb1Hp/_new 2025-06-12 15:55:07.525825600 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package mirrorsorcerer
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 Name: mirrorsorcerer
-Version: 0.1.2~1
+Version: 0.1.3~0
 Release: 0
 Summary: Mirror Sorcerer tool to magically make OpenSUSE mirror sources more magic-er
 License: (Apache-2.0 OR BSL-1.0) AND (Apache-2.0 OR MIT) AND (Apache-2.0 OR MIT OR Zlib) AND (MIT OR Unlicense) AND (Apache-2.0 OR Zlib OR MIT) AND BSD-3-Clause AND MIT AND MPL-2.0
@@ -42,8 +42,6 @@
 %prep
 %autosetup -a1
-mkdir .cargo
-cp %{SOURCE2} .cargo/config
 # Remove exec bits to prevent an issue in fedora shebang checking. Uncomment only if required.
 # find vendor -type f -name \*.rs -exec chmod -x '{}' \;
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.Sjb1Hp/_old 2025-06-12 15:55:07.577827752 +0200
+++ /var/tmp/diff_new_pack.Sjb1Hp/_new 2025-06-12 15:55:07.581827918 +0200
@@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/Firstyear/mirrorsorcerer.git</param> - <param name="changesrevision">483d2fbdf34f9ba9c14bbd7b148be4e85ec335ce</param></service></servicedata> + <param name="changesrevision">78cbb92b96b91f517c22e00dfd99c744ee27be72</param></service></servicedata> (No newline at EOF)
++++++ mirrorsorcerer-0.1.2~1.tar.zst -> mirrorsorcerer-0.1.3~0.tar.zst ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mirrorsorcerer-0.1.2~1/Cargo.toml new/mirrorsorcerer-0.1.3~0/Cargo.toml
--- old/mirrorsorcerer-0.1.2~1/Cargo.toml 2023-08-14 07:27:39.000000000 +0200
+++ new/mirrorsorcerer-0.1.3~0/Cargo.toml 2025-06-11 06:38:57.000000000 +0200
@@ -1,6 +1,6 @@
 [package]
 name = "mirrorsorcerer"
-version = "0.1.2"
+version = "0.1.3"
 edition = "2021"
 description = "Mirror Sorcerer tool to magically make OpenSUSE mirror sources more magic-er"
@@ -23,7 +23,7 @@
 url = { version = "2", features = ["serde"] }
 surge-ping = "0.4"
-users = "0.11"
+uzers = "0.12"
 notify = "4.0.17"
 crc32c = "0.6"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mirrorsorcerer-0.1.2~1/src/main.rs new/mirrorsorcerer-0.1.3~0/src/main.rs
--- old/mirrorsorcerer-0.1.2~1/src/main.rs 2023-08-14 07:27:39.000000000 +0200
+++ new/mirrorsorcerer-0.1.3~0/src/main.rs 2025-06-11 06:38:57.000000000 +0200
@@ -375,8 +375,7 @@
 .cloned()
 .collect();
- let mirror = Url::parse("https://download.opensuse.org")
- .expect("Invalid upstream mirror");
+ let mirror = Url::parse("https://download.opensuse.org").expect("Invalid upstream mirror");
 info!("Setting mirrors to upstream default. {}", mirror);
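Review bot: The swap on the `uzers = "0.12"` line of Cargo.toml covers only the direct dependency; nothing visible on this page shows that Cargo.lock and the regenerated vendor.tar.zst (reported only as a binary difference) no longer carry the old `users` crate through a transitive dependency. Since the changelog ties this update to CVE-2025-5791, it is worth confirming before release that `cargo tree -i users` matches no package and that the unpacked vendor tree has no `users` crate directory. A short comment above the line, such as `# uzers replaces the users crate (bsc#1244201, CVE-2025-5791)`, would keep the reason next to the manifest entry.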
@@ -421,14 +420,13 @@
 (known_m, m)
 };
-
 if !config.doit {
 info!("do it not requested, not changing /etc/zypp/repos.d");
 info!("To update your mirrors re-run with '-x'");
 return;
 }
- if users::get_effective_uid() != 0 {
+ if uzers::get_effective_uid() != 0 {
 info!("not running as root, not changing /etc/zypp/repos.d");
 info!("To update your mirrors re-run with 'sudo'");
 return;
++++++ vendor.tar.zst ++++++
/work/SRC/openSUSE:Factory/mirrorsorcerer/vendor.tar.zst /work/SRC/openSUSE:Factory/.mirrorsorcerer.new.19631/vendor.tar.zst differ: char 7, line 1
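Review bot: The `uzers::get_effective_uid() != 0` guard in src/main.rs is a convenience check rather than an access control: it logs at info level and returns, and the code that actually writes to /etc/zypp/repos.d lies outside this hunk. That write path should still handle a failed open or rename itself, since effective uid 0 does not guarantee the directory is writable (a read-only root or a restricted container, for example). I would add a comment on the guard, `// Advisory only: the repo write below must still handle permission errors.`, and, if this is the program's entry path, consider a non-zero exit status here so that a non-root run with `-x` is not mistaken for a successful update. The enclosing function starts and ends outside the hunk.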