Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package mbedtls for openSUSE:Factory checked
in at 2024-01-31 23:54:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/mbedtls (Old)
and /work/SRC/openSUSE:Factory/.mbedtls.new.1815 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mbedtls"
Wed Jan 31 23:54:49 2024 rev:44 rq:1142919 version:3.5.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/mbedtls/mbedtls.changes 2024-01-23
22:57:34.927569557 +0100
+++ /work/SRC/openSUSE:Factory/.mbedtls.new.1815/mbedtls.changes
2024-01-31 23:55:08.460000544 +0100
@@ -1,0 +2,28 @@
+Wed Jan 31 08:11:12 UTC 2024 - Martin Pluskal <mplus...@suse.com>
+
+- Update to version 3.5.2:
+ * Update BRANCHES.md
+ * Bump version
+ * Assemble Changelog
+ * Update Marvin fix Changelog entry
+ * Add warning for PKCS 1.5 decryption
+ * Fix typo
+ * RSA: improve readability
+ * RSA: remove unneeded temporaries
+ * RSA: document Montgomery trick in unblind
+ * Fix style
+ * Make local function static
+ * Add Changelog for the Marvin attack fix
+ * Extend blinding to RSA result check
+ * Make RSA unblinding constant flow
+ * Add Changelog for #8687
+ * Add required dependency to the testcase
+ * Remove unneeded testcase
+ * Update test-data to use SIZE_MAX
+ * Add missing newline at the end of test_suite_x509write.data
+ * Update fix to be more platform-independent
+ * Fix Issue #8687
+ * Add tests for Issue #8687
+- Resolves CVE-2024-23170 boo#1219336
+
+-------------------------------------------------------------------
Old:
----
mbedtls-3.5.1.obscpio
New:
----
mbedtls-3.5.2.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ mbedtls.spec ++++++
--- /var/tmp/diff_new_pack.DaHcUq/_old 2024-01-31 23:55:09.492037786 +0100
+++ /var/tmp/diff_new_pack.DaHcUq/_new 2024-01-31 23:55:09.492037786 +0100
@@ -1,7 +1,7 @@
#
# spec file for package mbedtls
#
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -22,7 +22,7 @@
%define lib_everest libeverest
%define lib_p256m libp256m
Name: mbedtls
-Version: 3.5.1
+Version: 3.5.2
Release: 0
Summary: Libraries for crypto and SSL/TLS protocols
License: Apache-2.0 OR GPL-2.0-or-later
@@ -87,10 +87,10 @@
%package devel
Summary: Development files for mbedtls, a SSL/TLS library
Requires: %{lib_crypto} = %{version}
-Requires: %{lib_tls} = %{version}
-Requires: %{lib_x509} = %{version}
Requires: %{lib_everest} = %{version}
Requires: %{lib_p256m} = %{version}
+Requires: %{lib_tls} = %{version}
+Requires: %{lib_x509} = %{version}
%description devel
This subpackage contains the development files for mbedtls,
++++++ _service ++++++
--- /var/tmp/diff_new_pack.DaHcUq/_old 2024-01-31 23:55:09.520038797 +0100
+++ /var/tmp/diff_new_pack.DaHcUq/_new 2024-01-31 23:55:09.520038797 +0100
@@ -1,11 +1,11 @@
<services>
<service name="obs_scm" mode="manual">
- <param name="versionformat">3.5.1</param>
+ <param name="versionformat">3.5.2</param>
<param name="url">https://github.com/Mbed-TLS/mbedtls.git</param>
<param name="scm">git</param>
<param name="changesgenerate">enable</param>
<param name="exclude">.*</param>
- <param name="revision">refs/tags/v3.5.1</param>
+ <param name="revision">refs/tags/v3.5.2</param>
</service>
<service name="tar" mode="buildtime"/>
<service name="recompress" mode="buildtime">
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.DaHcUq/_old 2024-01-31 23:55:09.540039519 +0100
+++ /var/tmp/diff_new_pack.DaHcUq/_new 2024-01-31 23:55:09.544039663 +0100
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/Mbed-TLS/mbedtls.git</param>
- <param
name="changesrevision">edb8fec9882084344a314368ac7fd957a187519c</param></service></servicedata>
+ <param
name="changesrevision">daca7a3979c22da155ec9dce49ab1abf3b65d3a9</param></service></servicedata>
(No newline at EOF)
++++++ mbedtls-3.5.1.obscpio -> mbedtls-3.5.2.obscpio ++++++
/work/SRC/openSUSE:Factory/mbedtls/mbedtls-3.5.1.obscpio
/work/SRC/openSUSE:Factory/.mbedtls.new.1815/mbedtls-3.5.2.obscpio differ: char
49, line 1
++++++ mbedtls.obsinfo ++++++
--- /var/tmp/diff_new_pack.DaHcUq/_old 2024-01-31 23:55:09.592041395 +0100
+++ /var/tmp/diff_new_pack.DaHcUq/_new 2024-01-31 23:55:09.592041395 +0100
@@ -1,5 +1,5 @@
name: mbedtls
-version: 3.5.1
-mtime: 1699443360
-commit: edb8fec9882084344a314368ac7fd957a187519c
+version: 3.5.2
+mtime: 1706089751
+commit: daca7a3979c22da155ec9dce49ab1abf3b65d3a9
