Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package istioctl for openSUSE:Factory checked in at 2026-02-18 17:12:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/istioctl (Old) and /work/SRC/openSUSE:Factory/.istioctl.new.1977 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "istioctl" Wed Feb 18 17:12:04 2026 rev:45 rq:1333745 version:1.28.4 Changes: -------- --- /work/SRC/openSUSE:Factory/istioctl/istioctl.changes 2026-01-21 14:15:26.710099522 +0100 +++ /work/SRC/openSUSE:Factory/.istioctl.new.1977/istioctl.changes 2026-02-18 17:12:37.819711421 +0100 @@ -1,0 +2,20 @@ +Tue Feb 17 06:02:49 UTC 2026 - Johannes Kastl <[email protected]> + +- update to 1.28.4: + https://istio.io/latest/news/releases/1.28.x/announcing-1.28.4/ + Security update + * CVE-2025-61732 (CVSS score 8.6, High): A discrepancy between + how Go and C/C++ comments were parsed allowed for code + smuggling into the resulting cgo binary. + * CVE-2025-68121 (CVSS score 4.8, Moderate): A flaw in crypto/tls + session resumption allows resumed handshakes to succeed when + they should fail if ClientCAs or RootCAs are mutated between + the initial and resumed handshake. This can occur when using + Config.Clone with mutations or Config.GetConfigForClient. As a + result, clients may resume sessions with unintended servers, + and servers may resume sessions with unintended clients. + istioctl-related changes + * Fixed translation function lookup errors for MeshConfig and + MeshNetworks in istioctl. (Issue #57967) + +------------------------------------------------------------------- Old: ---- istioctl-1.28.3.obscpio New: ---- istioctl-1.28.4.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ istioctl.spec ++++++ --- /var/tmp/diff_new_pack.CKsDcz/_old 2026-02-18 17:12:39.175767949 +0100 +++ /var/tmp/diff_new_pack.CKsDcz/_new 2026-02-18 17:12:39.175767949 +0100 @@ -17,7 +17,7 @@ Name: istioctl -Version: 1.28.3 +Version: 1.28.4 Release: 0 Summary: CLI for the istio servic mesh in Kubernetes License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.CKsDcz/_old 2026-02-18 17:12:39.235770450 +0100 +++ /var/tmp/diff_new_pack.CKsDcz/_new 2026-02-18 17:12:39.239770617 +0100 @@ -3,7 +3,7 @@ <param name="url">https://github.com/istio/istio</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="revision">1.28.3</param> + <param name="revision">1.28.4</param> <param name="versionformat">@PARENT_TAG@</param> <param name="changesgenerate">disable</param> <param name="filename">istioctl</param> ++++++ istioctl-1.28.3.obscpio -> istioctl-1.28.4.obscpio ++++++ ++++ 2311 lines of diff (skipped) ++++++ istioctl.obsinfo ++++++ --- /var/tmp/diff_new_pack.CKsDcz/_old 2026-02-18 17:12:44.816003066 +0100 +++ /var/tmp/diff_new_pack.CKsDcz/_new 2026-02-18 17:12:44.820003233 +0100 @@ -1,5 +1,5 @@ name: istioctl -version: 1.28.3 -mtime: 1768385074 -commit: 4c1f845d839e9086ee85ad9337f2647492322eb4 +version: 1.28.4 +mtime: 1770393950 +commit: 0cc9a3e0b248766541f79f0256668e84b02d4bc8 ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/istioctl/vendor.tar.gz /work/SRC/openSUSE:Factory/.istioctl.new.1977/vendor.tar.gz differ: char 14, line 1
