Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libcbor for openSUSE:Factory checked in at 2026-05-08 16:42:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libcbor (Old) and /work/SRC/openSUSE:Factory/.libcbor.new.1966 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libcbor" Fri May 8 16:42:23 2026 rev:12 rq:1351351 version:0.14.0 Changes: -------- --- /work/SRC/openSUSE:Factory/libcbor/libcbor.changes 2025-09-08 09:56:30.011838932 +0200 +++ /work/SRC/openSUSE:Factory/.libcbor.new.1966/libcbor.changes 2026-05-08 16:42:25.717841482 +0200 @@ -1,0 +2,78 @@ +Thu May 7 05:56:47 UTC 2026 - Dirk Müller <[email protected]> + +- update to 0.14.0: + * Fix NULL dereference in `cbor_move`, `cbor_serialized_size`, + and `cbor_serialize_tag` when a tag has no item set (reported + by Benjamin608608) + * Document large-allocation risk in `cbor_load` and clarify + test-only CMake flags + * Fix NULL dereference in `cbor_copy`/`cbor_copy_definite` on + allocation failure (reported by Benjamin608608) + * Explicitly guard against `size * 2` overflow in + `cbor_builder_map_start_callback` (reported by + Benjamin608608) + * Only generate CMake coverage build targets when explicitly + enabled + * [Fix CMake feature macro names and ensure `_CBOR_NODISCARD` + is defined with + `[[nodiscard]]`](https://github.com/PJK/libcbor/pull/385) + * Fix integer overflow in `cbor_copy_definite()` when + accumulating indefinite bytestring/string chunk lengths + * Add bounds check in `cbor_array_get()` to return NULL on out- + of-bounds access + * BREAKING: `cbor_tag_set_item` now releases the reference to + the previous tagged item + * Previously, replacing the tagged item would leak the old + item's reference. If you were manually releasing the old item + before calling `cbor_tag_set_item`, you should remove the + extra `cbor_decref`. + * Potentially BREAKING: `cbor_tag_item` now returns NULL if the + tag has no item set + * Previously, this would be undefined behavior (NULL pointer + dereference), so no valid clients should be affected. + * Potentially BUILD BREAKING: CPack Debian package architecture + is now detected via `dpkg` instead of being hardcoded to + `amd64` + * BUILD BREAKING: Remove deprecated `CBOR_CUSTOM_ALLOC` CMake + option + * The option has been a no-op since 0.10.0. If your build + passes `-DCBOR_CUSTOM_ALLOC=ON`, remove it. + * Modernize CMake build: use `project(VERSION ...)`, replace + `add_definitions()` with target-scoped + `target_compile_definitions()`, remove redundant + `include_directories()` + * Replace global `CMAKE_C_FLAGS` mutations with target-scoped + `target_compile_options()` via an INTERFACE library, and + simplify LTO configuration + * Fix Windows CI: propagate `_CRT_SECURE_NO_WARNINGS` to + examples/tests, restrict LTO to Release builds, parallelize + Windows CI build + * Add `cbor_map_get` for key-based map lookup with a caller- + supplied equality function + * Signature: `cbor_map_get(map, key, eq)` — pass any equality + predicate, e.g. `cbor_structurally_equal` + * Parameterised equality allows type-specific comparators or + custom data-model semantics without library changes + * See also: #96 + * Add `cbor_structurally_equal` for encoding-level item + comparison + * Compares two items structurally: encoding width, definite-vs- + indefinite length, chunk boundaries, and map entry order all + count + * Runs in O(n) time in the encoded byte size with no additional + allocations + * See also: #96 + * BREAKING: Fix NaN encoding in `cbor_encode_half` to preserve + sign and payload bits + * Previously, all NaN values were encoded as `0x7E00` (positive + quiet NaN, zero payload). Now the sign bit and the top 10 + mantissa bits are preserved in the half-precision encoding. + * `_cbor_decode_half` now reconstructs the NaN bit pattern + faithfully, enabling encode/decode round-trips. Previously it + always returned the C `NAN` constant. + * Very small normal floats that previously rounded to `+0` now + round to `±0` depending on their sign. + * Clients that relied on all NaNs normalising to `0x7E00` will + see different output. See #215. + +------------------------------------------------------------------- Old: ---- v0.13.0.tar.gz New: ---- v0.14.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libcbor.spec ++++++ --- /var/tmp/diff_new_pack.7MCuV6/_old 2026-05-08 16:42:26.553876126 +0200 +++ /var/tmp/diff_new_pack.7MCuV6/_new 2026-05-08 16:42:26.557876293 +0200 @@ -1,7 +1,7 @@ # # spec file for package libcbor # -# Copyright (c) 2025 SUSE LLC and contributors +# Copyright (c) 2026 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ %define socurrent 0 -%define sorevision 13 +%define sorevision 14 %define soage 0 %define lname libcbor%{socurrent}_%{sorevision} %global flavor @BUILD_FLAVOR@%{nil} @@ -38,7 +38,7 @@ %else Name: libcbor %endif -Version: 0.13.0 +Version: 0.14.0 Release: 0 Summary: Library for parsing Concise Binary Object Representation (CBOR) License: MIT ++++++ v0.13.0.tar.gz -> v0.14.0.tar.gz ++++++ ++++ 4065 lines of diff (skipped)
