Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package apr-util for openSUSE:Factory
checked in at 2023-02-04 14:11:08
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apr-util (Old)
and /work/SRC/openSUSE:Factory/.apr-util.new.4462 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apr-util"
Sat Feb 4 14:11:08 2023 rev:13 rq:1062991 version:1.6.3
Changes:
--------
--- /work/SRC/openSUSE:Factory/apr-util/apr-util.changes 2021-12-23
17:53:39.827715930 +0100
+++ /work/SRC/openSUSE:Factory/.apr-util.new.4462/apr-util.changes
2023-02-04 14:11:50.800371712 +0100
@@ -1,0 +2,12 @@
+Thu Feb 2 19:38:22 UTC 2023 - Andreas Stieger <andreas.stie...@gmx.de>
+
+- update to 1.6.3
+ * CVE-2022-25147: Integer Overflow or Wraparound vulnerability in
+ apr_base64 function allows an attacker to write beyond bounds
+ of a buffer (boo#1207866)
+ * build system updates
+- drop patches now included upstream:
+ * apr-util-apr_dbm_gdbm-fix-handling-of-error-codes.patch
+ * apr-util-mariadb-10.2.patch
+
+-------------------------------------------------------------------
Old:
----
apr-util-1.6.1.tar.bz2
apr-util-1.6.1.tar.bz2.asc
apr-util-apr_dbm_gdbm-fix-handling-of-error-codes.patch
apr-util-mariadb-10.2.patch
New:
----
apr-util-1.6.3.tar.bz2
apr-util-1.6.3.tar.bz2.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ apr-util.spec ++++++
--- /var/tmp/diff_new_pack.KNFu85/_old 2023-02-04 14:11:51.264374222 +0100
+++ /var/tmp/diff_new_pack.KNFu85/_new 2023-02-04 14:11:51.268374244 +0100
@@ -1,7 +1,7 @@
#
# spec file for package apr-util
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -21,7 +21,7 @@
%define dso_libdir %{_libdir}/apr-util-%{apuver}
%define includedir %{_includedir}/apr-%{apuver}
Name: apr-util
-Version: 1.6.1
+Version: 1.6.3
Release: 0
Summary: Apache Portable Runtime (APR) Utility Library
License: Apache-2.0
@@ -29,15 +29,11 @@
URL: https://apr.apache.org/
Source: http://www.apache.org/dist/apr/apr-util-%{version}.tar.bz2
Source2: http://www.apache.org/dist/apr/apr-util-%{version}.tar.bz2.asc
-Source3: %{name}.keyring
+Source3: https://downloads.apache.org/apr/KEYS#/%{name}.keyring
Patch1: apr-util-1.4.1-testmemcache-initialize-values-array.patch
Patch2: apr-util-visibility.patch
-# PATCH-FIX-OPENSUSE apr-util-mariadb-10.2.patch dims...@opensuse.org -- Fix
build with mariadb 10.2
-Patch3: apr-util-mariadb-10.2.patch
# PATCH-FIX-OPENSUSE apr-util-postgresql.patch m...@suse.com -- Fix build with
PostgreSQL 11
Patch4: apr-util-postgresql.patch
-# https://svn.apache.org/viewvc?view=revision&revision=1825312
-Patch5: apr-util-apr_dbm_gdbm-fix-handling-of-error-codes.patch
BuildRequires: apr-devel
BuildRequires: autoconf
BuildRequires: doxygen
@@ -112,12 +108,7 @@
DBD driver for SQLite 3 database.
%prep
-%setup -q
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
+%autosetup -p1
%build
echo 'HTML_TIMESTAMP=NO' >> docs/doxygen.conf
++++++ apr-util-1.6.1.tar.bz2 -> apr-util-1.6.3.tar.bz2 ++++++
++++ 28943 lines of diff (skipped)
++++++ apr-util.keyring ++++++
++++ 7478 lines (skipped)
++++ between /work/SRC/openSUSE:Factory/apr-util/apr-util.keyring
++++ and /work/SRC/openSUSE:Factory/.apr-util.new.4462/apr-util.keyring
