Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libxcrypt for openSUSE:Factory checked in at 2021-08-25 20:55:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libxcrypt (Old) and /work/SRC/openSUSE:Factory/.libxcrypt.new.1899 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libxcrypt" Wed Aug 25 20:55:53 2021 rev:12 rq:912878 version:4.4.25 Changes: -------- --- /work/SRC/openSUSE:Factory/libxcrypt/libxcrypt.changes 2021-07-21 19:05:24.807190710 +0200 +++ /work/SRC/openSUSE:Factory/.libxcrypt.new.1899/libxcrypt.changes 2021-08-25 20:55:56.277340020 +0200 @@ -1,0 +2,13 @@ +Wed Aug 18 10:22:27 UTC 2021 - Andreas Schwab <sch...@suse.de> + +- Update to 4.4.25 + * Fix several issues found by Covscan in the testsuite. These include: + - CWE-170: String not null terminated (STRING_NULL) + - CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST) + - CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) + - CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH) + - CWE-573: Missing varargs init or cleanup (VARARGS) + - CWE-687: Argument cannot be negative (NEGATIVE_RETURNS) + * Stricter checking of invalid salt characters (issue #135). + +------------------------------------------------------------------- Old: ---- libxcrypt-4.4.23.tar.gz New: ---- libxcrypt-4.4.25.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libxcrypt.spec ++++++ --- /var/tmp/diff_new_pack.te0H9z/_old 2021-08-25 20:55:56.993339081 +0200 +++ /var/tmp/diff_new_pack.te0H9z/_new 2021-08-25 20:55:56.997339075 +0200 @@ -17,7 +17,7 @@ Name: libxcrypt -Version: 4.4.23 +Version: 4.4.25 Release: 0 Summary: Extended crypt library for DES, MD5, Blowfish and others License: BSD-2-Clause AND GPL-3.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause AND SUSE-Public-Domain ++++++ libxcrypt-4.4.23.tar.gz -> libxcrypt-4.4.25.tar.gz ++++++ ++++ 5325 lines of diff (skipped)