Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-Brotli for openSUSE:Factory checked in at 2025-11-12 21:41:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-Brotli (Old) and /work/SRC/openSUSE:Factory/.python-Brotli.new.1980 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Brotli" Wed Nov 12 21:41:36 2025 rev:7 rq:1317114 version:1.2.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-Brotli/python-Brotli.changes 2025-05-06 16:40:15.981253277 +0200 +++ /work/SRC/openSUSE:Factory/.python-Brotli.new.1980/python-Brotli.changes 2025-11-12 21:42:22.832644825 +0100 @@ -1,0 +2,18 @@ +Tue Nov 11 13:31:41 UTC 2025 - Daniel Garcia <[email protected]> + +- Run tests in %check section +- Update to 1.2.0 (bsc#1252945, CVE-2025-6176): + # SECURITY + - python: added `Decompressor::can_accept_more_data` method and optional + `output_buffer_limit` argument `Decompressor::process`; + that allows mitigation of unexpectedly large output; + reported by Charles Chan (https://github.com/charleswhchan) + # Added + - **decoder / encoder: added static initialization to reduce binary size** + - python: allow limiting decoder output (see SECURITY section) + # Improved + - python: modernize extension / allow multi-phase module initialization + # Changed + - decoder / encoder: static tables use "small" model (allows 2GiB+ binaries) + +------------------------------------------------------------------- Old: ---- Brotli-1.1.0.tar.gz New: ---- brotli-1.2.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-Brotli.spec ++++++ --- /var/tmp/diff_new_pack.ZpNz38/_old 2025-11-12 21:42:23.396668515 +0100 +++ /var/tmp/diff_new_pack.ZpNz38/_new 2025-11-12 21:42:23.400668684 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-Brotli # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2025 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,13 +18,13 @@ %{?sle15_python_module_pythons} Name: python-Brotli -Version: 1.1.0 +Version: 1.2.0 Release: 0 Summary: Python bindings for the Brotli compression library License: Apache-2.0 Group: Development/Languages/Python URL: https://pypi.org/project/Brotli/ -Source: https://files.pythonhosted.org/packages/source/B/Brotli/Brotli-%{version}.tar.gz +Source: https://files.pythonhosted.org/packages/source/b/brotli/brotli-%{version}.tar.gz BuildRequires: %{python_module devel} BuildRequires: %{python_module pip} BuildRequires: %{python_module setuptools} @@ -43,7 +43,7 @@ The specification of the Brotli Compressed Data Format is defined in RFC 7932. %prep -%setup -q -n Brotli-%{version} +%setup -q -n brotli-%{version} %build export CFLAGS="%{optflags}" @@ -53,6 +53,9 @@ %pyproject_install %python_expand %fdupes %{buildroot}%{$python_sitearch} +%check +%pyunittest_arch python/tests/*_test.py -v + %files %{python_files} %doc README.md %license LICENSE ++++++ Brotli-1.1.0.tar.gz -> brotli-1.2.0.tar.gz ++++++ /work/SRC/openSUSE:Factory/python-Brotli/Brotli-1.1.0.tar.gz /work/SRC/openSUSE:Factory/.python-Brotli.new.1980/brotli-1.2.0.tar.gz differ: char 5, line 1
