Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libdwarf for openSUSE:Factory checked in at 2022-07-18 18:34:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libdwarf (Old) and /work/SRC/openSUSE:Factory/.libdwarf.new.1523 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libdwarf" Mon Jul 18 18:34:15 2022 rev:26 rq:989491 version:0.4.1 Changes: -------- --- /work/SRC/openSUSE:Factory/libdwarf/libdwarf.changes 2022-06-08 14:25:04.168513408 +0200 +++ /work/SRC/openSUSE:Factory/.libdwarf.new.1523/libdwarf.changes 2022-07-18 18:34:29.233804407 +0200 @@ -1,0 +2,19 @@ +Fri Jul 15 19:11:15 UTC 2022 - Dirk M??ller <dmuel...@suse.com> + +- update to 0.4.1: + * Two places where a carefully corrupted object file + could result in libdwarf crashing a caller due to + referencing memory outside the intended read area + have been fixed (DW202205-001 and DW202206-001). + One related to DW_FORM_ref_sig8, the other to + the .debug_pubnames section. + * The library now accepts DW_AT_entry_pc in a CU DIE as a base address + when DW_AT_low_pc is missing (an extension used by + a current compiler). + * Added function dwarf_suppress_debuglink_crc() to allow + callers to turn off doing a CRC calculation + reading GNU debuglink data (saves time for library + users accessing near-identical builds). +- drop fix-CVE-2022-32200.patch (upstream) + +------------------------------------------------------------------- Old: ---- fix-CVE-2022-32200.patch libdwarf-0.4.0.tar.xz New: ---- libdwarf-0.4.1.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libdwarf.spec ++++++ --- /var/tmp/diff_new_pack.BWOdBq/_old 2022-07-18 18:34:29.837805265 +0200 +++ /var/tmp/diff_new_pack.BWOdBq/_new 2022-07-18 18:34:29.841805271 +0200 @@ -17,14 +17,13 @@ Name: libdwarf -Version: 0.4.0 +Version: 0.4.1 Release: 0 Summary: Access DWARF debugging information License: GPL-2.0-or-later AND LGPL-2.1-or-later Group: Development/Libraries/C and C++ URL: https://prevanders.net/dwarf.html Source: https://github.com/davea42/libdwarf-code/releases/download/v%{version}/libdwarf-%{version}.tar.xz -Patch1: https://github.com/davea42/libdwarf-code/commit/8151575a6ace77d005ca5bb5d71c1bfdba3f7069.patch#/fix-CVE-2022-32200.patch BuildRequires: binutils-devel BuildRequires: libelf-devel ++++++ libdwarf-0.4.0.tar.xz -> libdwarf-0.4.1.tar.xz ++++++ ++++ 11091 lines of diff (skipped)
