commit heroic-games-launcher for openSUSE:Factory

Source-Sync Thu, 26 Feb 2026 10:02:54 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package heroic-games-launcher for 
openSUSE:Factory checked in at 2026-02-26 18:59:56
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/heroic-games-launcher (Old)
 and      /work/SRC/openSUSE:Factory/.heroic-games-launcher.new.29461 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "heroic-games-launcher"

Thu Feb 26 18:59:56 2026 rev:5 rq:1335286 version:2.20.0

Changes:
--------
--- 
/work/SRC/openSUSE:Factory/heroic-games-launcher/heroic-games-launcher.changes  
    2026-02-23 16:13:31.279741933 +0100
+++ 
/work/SRC/openSUSE:Factory/.heroic-games-launcher.new.29461/heroic-games-launcher.changes
   2026-02-26 19:00:16.750621652 +0100
@@ -1,0 +2,7 @@
+Thu Feb 26 01:45:14 UTC 2026 - Jonatas Gonçalves <[email protected]>
+
+- Security: Fix CVE-2026-27606
+  rollup was reported vulnerable. Enforce patched version
+  via pnpm overrides to fix embedded dependency. 
+
+-------------------------------------------------------------------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ _scmsync.obsinfo ++++++
--- /var/tmp/diff_new_pack.bPMLIP/_old  2026-02-26 19:01:56.614794306 +0100
+++ /var/tmp/diff_new_pack.bPMLIP/_new  2026-02-26 19:01:56.666796479 +0100
@@ -1,5 +1,5 @@
-mtime: 1771726237
-commit: f7e1fa11c8ffc6e218aea06c61d692e38fb62fc9215da250e94534d141feddbe
+mtime: 1772070590
+commit: 3418d0b4e4535771bf8eb92264e808b47437a5308b75963ac7d72842a5bb0861
 url: https://src.opensuse.org/MaxxedSUSE/heroic-games-launcher
 revision: master
 

++++++ get-sources.sh ++++++
--- /var/tmp/diff_new_pack.bPMLIP/_old  2026-02-26 19:01:56.862804669 +0100
+++ /var/tmp/diff_new_pack.bPMLIP/_new  2026-02-26 19:01:56.914806842 +0100
@@ -111,6 +111,14 @@
           "fast-xml-parser": "5.3.6"
         }
     )
+
+  # === CVE-2026-27606: rollup fix ===
+  | .pnpm.overrides = (
+      (.pnpm.overrides // {})
+      + {
+          "rollup": "4.59.0"
+        }
+    )
 ' package.json > temp.json && mv temp.json package.json
 
 echo "++++++++++++++++++++++++++++++++++++++++++++++"

++++++ heroic-games-launcher-2.20.0.obscpio ++++++
/work/SRC/openSUSE:Factory/heroic-games-launcher/heroic-games-launcher-2.20.0.obscpio
 
/work/SRC/openSUSE:Factory/.heroic-games-launcher.new.29461/heroic-games-launcher-2.20.0.obscpio
 differ: char 38707, line 886

++++++ pnpm-offline-store.tar.gz ++++++
/work/SRC/openSUSE:Factory/heroic-games-launcher/pnpm-offline-store.tar.gz 
/work/SRC/openSUSE:Factory/.heroic-games-launcher.new.29461/pnpm-offline-store.tar.gz
 differ: char 15, line 1

commit heroic-games-launcher for openSUSE:Factory

Reply via email to