commit perl-Git-Repository for openSUSE:Factory

Sat, 03 Dec 2022 03:48:49 -0800 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package perl-Git-Repository for 
openSUSE:Factory checked in at 2022-12-03 12:48:34
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-Git-Repository (Old)
 and      /work/SRC/openSUSE:Factory/.perl-Git-Repository.new.1835 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "perl-Git-Repository"

Sat Dec  3 12:48:34 2022 rev:4 rq:1039783 version:1.325

Changes:
--------
--- /work/SRC/openSUSE:Factory/perl-Git-Repository/perl-Git-Repository.changes  
2021-06-02 22:12:38.484093579 +0200
+++ 
/work/SRC/openSUSE:Factory/.perl-Git-Repository.new.1835/perl-Git-Repository.changes
        2022-12-03 12:48:37.434150342 +0100
@@ -1,0 +2,6 @@
+Sat Dec  3 11:00:22 UTC 2022 - Stephan Kulow <co...@suse.com>
+
+- Add fix from https://github.com/book/Git-Repository/pull/22 to work
+  around git 2.38.1's new default behaviour (22.patch)
+
+-------------------------------------------------------------------

New:
----
  22.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ perl-Git-Repository.spec ++++++
--- /var/tmp/diff_new_pack.JKTV8B/_old  2022-12-03 12:48:38.962158877 +0100
+++ /var/tmp/diff_new_pack.JKTV8B/_new  2022-12-03 12:48:38.966158900 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package perl-Git-Repository
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -20,13 +20,15 @@
 Name:           perl-Git-Repository
 Version:        1.325
 Release:        0
-Summary:        Perl interface to Git repositories
 License:        Artistic-1.0 OR GPL-1.0-or-later
+Summary:        Perl interface to Git repositories
 URL:            https://metacpan.org/release/%{cpan_name}
 Source0:        
https://cpan.metacpan.org/authors/id/B/BO/BOOK/%{cpan_name}-%{version}.tar.gz
 Source1:        cpanspec.yml
+# PATCH-FIX-UPSTREAM https://github.com/book/Git-Repository/pull/22
+Patch0:         
https://patch-diff.githubusercontent.com/raw/book/Git-Repository/pull/22.patch
 # PATCH-FIX-UPSTREAM 
https://rt.cpan.org/Public/Ticket/Attachment/1923740/1029935
-Patch0:         
https://salsa.debian.org/perl-team/modules/packages/libgit-repository-perl/-/raw/c5e0eca06ca27fdaa547634b1e49f4637e7c1ca6/debian/patches/git-2.30.0.patch
+Patch1:         
https://salsa.debian.org/perl-team/modules/packages/libgit-repository-perl/-/raw/c5e0eca06ca27fdaa547634b1e49f4637e7c1ca6/debian/patches/git-2.30.0.patch
 BuildArch:      noarch
 BuildRequires:  perl
 BuildRequires:  perl-macros

++++++ 22.patch ++++++
>From 4dc8dedb97891f37b9da2220e5740c65685b0906 Mon Sep 17 00:00:00 2001
From: Jan Pazdziora <jpazdzi...@redhat.com>
Date: Mon, 31 Oct 2022 17:26:00 +0100
Subject: [PATCH] Workaround change of behaviour in git 2.38.1 for
 CVE-2022-39253.

By default, protocol.file.allow now defaults to user, preventing
clones with symlinks.

https://github.blog/2022-10-18-git-security-vulnerabilities-announced/#cve-2022-39253
---
 t/21-submodule.t | 1 +
 1 file changed, 1 insertion(+)

diff --git a/t/21-submodule.t b/t/21-submodule.t
index 444029c..97374f8 100644
--- a/t/21-submodule.t
+++ b/t/21-submodule.t
@@ -44,6 +44,7 @@ $s->run( checkout => 'master', { quiet => 1 } );
 # now test adding a submodule
 my $r = test_repository(@init);
 $r->run(
+    ( Git::Repository->version_ge('2.38.1') ? ('-c', 
'protocol.file.allow=always') : ()),
     submodule => add => $s->work_tree => 'sub',
     { env => { GIT_WORK_TREE => undef } }
 );

++++++ cpanspec.yml ++++++
--- /var/tmp/diff_new_pack.JKTV8B/_old  2022-12-03 12:48:39.018159190 +0100
+++ /var/tmp/diff_new_pack.JKTV8B/_new  2022-12-03 12:48:39.022159213 +0100
@@ -6,6 +6,7 @@
 #  - source2
 patches:
   
https://salsa.debian.org/perl-team/modules/packages/libgit-repository-perl/-/raw/c5e0eca06ca27fdaa547634b1e49f4637e7c1ca6/debian/patches/git-2.30.0.patch:
 -p1 PATCH-FIX-UPSTREAM 
https://rt.cpan.org/Public/Ticket/Attachment/1923740/1029935
+  
https://patch-diff.githubusercontent.com/raw/book/Git-Repository/pull/22.patch: 
-p1 PATCH-FIX-UPSTREAM https://github.com/book/Git-Repository/pull/22
 preamble: |-
  BuildRequires:  git-core
 #post_prep: |-

Reply via email to