commit indent for openSUSE:Factory

Wed, 23 Aug 2023 05:59:13 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package indent for openSUSE:Factory checked 
in at 2023-08-23 14:57:54
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/indent (Old)
 and      /work/SRC/openSUSE:Factory/.indent.new.1766 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "indent"

Wed Aug 23 14:57:54 2023 rev:24 rq:1105231 version:2.2.13

Changes:
--------
--- /work/SRC/openSUSE:Factory/indent/indent.changes    2023-03-25 
18:56:30.315024260 +0100
+++ /work/SRC/openSUSE:Factory/.indent.new.1766/indent.changes  2023-08-23 
14:59:05.990149501 +0200
@@ -1,0 +2,7 @@
+Mon Aug 21 15:53:01 UTC 2023 - Antonio Teixeira <antonio.teixe...@suse.com>
+
+- Fix memory safety issues, bsc#1214243, CVE-2023-40305:
+  * fix-out-of-buffer-read-CVE-2023-40305.patch
+  * fix-heap-buffer-overwrite-search_brace-CVE-2023-40305.patch 
+
+-------------------------------------------------------------------

New:
----
  fix-heap-buffer-overwrite-search_brace-CVE-2023-40305.patch
  fix-out-of-buffer-read-CVE-2023-40305.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ indent.spec ++++++
--- /var/tmp/diff_new_pack.YxaIyu/_old  2023-08-23 14:59:06.750150860 +0200
+++ /var/tmp/diff_new_pack.YxaIyu/_new  2023-08-23 14:59:06.754150867 +0200
@@ -26,6 +26,9 @@
 Source0:        ftp://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz
 Source1:        ftp://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz.sig
 Source2:        
https://savannah.gnu.org/people/viewgpg.php?user_id=94096#/%{name}.keyring
+# PATCH-FIX-SECURITY fix-out-of-buffer-read-CVE-2023-40305.patch 
fix-heap-buffer-overwrite-search_brace-CVE-2023-40305 bsc#1214243 
CVE-2023-40305 antonio.teixe...@suse.com -- indent: heap-based buffer overflow 
in search_brace() in indent.c via a crafted file
+Patch0:         fix-out-of-buffer-read-CVE-2023-40305.patch
+Patch1:         fix-heap-buffer-overwrite-search_brace-CVE-2023-40305.patch
 BuildRequires:  makeinfo
 BuildRequires:  texi2html
 
@@ -38,7 +41,7 @@
 %lang_package
 
 %prep
-%autosetup
+%autosetup -p1
 
 %build
 %configure \

++++++ fix-heap-buffer-overwrite-search_brace-CVE-2023-40305.patch ++++++
++++ 4250 lines (skipped)

++++++ fix-out-of-buffer-read-CVE-2023-40305.patch ++++++
++++ 4192 lines (skipped)

Reply via email to