Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package perl-Git-Repository for openSUSE:Factory checked in at 2022-12-03 12:48:34 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/perl-Git-Repository (Old) and /work/SRC/openSUSE:Factory/.perl-Git-Repository.new.1835 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-Git-Repository" Sat Dec 3 12:48:34 2022 rev:4 rq:1039783 version:1.325 Changes: -------- --- /work/SRC/openSUSE:Factory/perl-Git-Repository/perl-Git-Repository.changes 2021-06-02 22:12:38.484093579 +0200 +++ /work/SRC/openSUSE:Factory/.perl-Git-Repository.new.1835/perl-Git-Repository.changes 2022-12-03 12:48:37.434150342 +0100 @@ -1,0 +2,6 @@ +Sat Dec 3 11:00:22 UTC 2022 - Stephan Kulow <co...@suse.com> + +- Add fix from https://github.com/book/Git-Repository/pull/22 to work + around git 2.38.1's new default behaviour (22.patch) + +------------------------------------------------------------------- New: ---- 22.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl-Git-Repository.spec ++++++ --- /var/tmp/diff_new_pack.JKTV8B/_old 2022-12-03 12:48:38.962158877 +0100 +++ /var/tmp/diff_new_pack.JKTV8B/_new 2022-12-03 12:48:38.966158900 +0100 @@ -1,7 +1,7 @@ # # spec file for package perl-Git-Repository # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,13 +20,15 @@ Name: perl-Git-Repository Version: 1.325 Release: 0 -Summary: Perl interface to Git repositories License: Artistic-1.0 OR GPL-1.0-or-later +Summary: Perl interface to Git repositories URL: https://metacpan.org/release/%{cpan_name} Source0: https://cpan.metacpan.org/authors/id/B/BO/BOOK/%{cpan_name}-%{version}.tar.gz Source1: cpanspec.yml +# PATCH-FIX-UPSTREAM https://github.com/book/Git-Repository/pull/22 +Patch0: https://patch-diff.githubusercontent.com/raw/book/Git-Repository/pull/22.patch # PATCH-FIX-UPSTREAM https://rt.cpan.org/Public/Ticket/Attachment/1923740/1029935 -Patch0: https://salsa.debian.org/perl-team/modules/packages/libgit-repository-perl/-/raw/c5e0eca06ca27fdaa547634b1e49f4637e7c1ca6/debian/patches/git-2.30.0.patch +Patch1: https://salsa.debian.org/perl-team/modules/packages/libgit-repository-perl/-/raw/c5e0eca06ca27fdaa547634b1e49f4637e7c1ca6/debian/patches/git-2.30.0.patch BuildArch: noarch BuildRequires: perl BuildRequires: perl-macros ++++++ 22.patch ++++++ >From 4dc8dedb97891f37b9da2220e5740c65685b0906 Mon Sep 17 00:00:00 2001 From: Jan Pazdziora <jpazdzi...@redhat.com> Date: Mon, 31 Oct 2022 17:26:00 +0100 Subject: [PATCH] Workaround change of behaviour in git 2.38.1 for CVE-2022-39253. By default, protocol.file.allow now defaults to user, preventing clones with symlinks. https://github.blog/2022-10-18-git-security-vulnerabilities-announced/#cve-2022-39253 --- t/21-submodule.t | 1 + 1 file changed, 1 insertion(+) diff --git a/t/21-submodule.t b/t/21-submodule.t index 444029c..97374f8 100644 --- a/t/21-submodule.t +++ b/t/21-submodule.t @@ -44,6 +44,7 @@ $s->run( checkout => 'master', { quiet => 1 } ); # now test adding a submodule my $r = test_repository(@init); $r->run( + ( Git::Repository->version_ge('2.38.1') ? ('-c', 'protocol.file.allow=always') : ()), submodule => add => $s->work_tree => 'sub', { env => { GIT_WORK_TREE => undef } } ); ++++++ cpanspec.yml ++++++ --- /var/tmp/diff_new_pack.JKTV8B/_old 2022-12-03 12:48:39.018159190 +0100 +++ /var/tmp/diff_new_pack.JKTV8B/_new 2022-12-03 12:48:39.022159213 +0100 @@ -6,6 +6,7 @@ # - source2 patches: https://salsa.debian.org/perl-team/modules/packages/libgit-repository-perl/-/raw/c5e0eca06ca27fdaa547634b1e49f4637e7c1ca6/debian/patches/git-2.30.0.patch: -p1 PATCH-FIX-UPSTREAM https://rt.cpan.org/Public/Ticket/Attachment/1923740/1029935 + https://patch-diff.githubusercontent.com/raw/book/Git-Repository/pull/22.patch: -p1 PATCH-FIX-UPSTREAM https://github.com/book/Git-Repository/pull/22 preamble: |- BuildRequires: git-core #post_prep: |-