Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package iperf for openSUSE:Factory checked in at 2024-05-15 21:28:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/iperf (Old) and /work/SRC/openSUSE:Factory/.iperf.new.1880 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "iperf" Wed May 15 21:28:55 2024 rev:38 rq:1174204 version:3.17.1 Changes: -------- --- /work/SRC/openSUSE:Factory/iperf/iperf.changes 2023-12-28 23:03:26.830792587 +0100 +++ /work/SRC/openSUSE:Factory/.iperf.new.1880/iperf.changes 2024-05-15 21:29:17.203433918 +0200 @@ -1,0 +2,29 @@ +Wed May 15 10:53:18 UTC 2024 - Dirk Müller <dmuel...@suse.com> + +- update to 3.17.1 (bsc#1224262, CVE-2024-26306): + * BREAKING CHANGE: iperf3's authentication features, when used + with OpenSSL prior to 3.2.0, contain a vulnerability to a + side-channel timing attack. To address this flaw, a change + has been made to the padding applied to encrypted strings. + This change is not backwards compatible with older versions of + iperf3 (before 3.17). To restore + the older (vulnerable) behavior, and hence + backwards-compatibility, use the --use-pkcs1-padding flag. The + iperf3 team thanks Hubert Kario from RedHat for reporting this + issue and providing feedback on the fix. (CVE-2024-26306)(PR#1695) + * iperf3 no longer changes its current working directory in --daemon + mode. This results in more predictable behavior with relative + paths, in particular finding key and credential files for + authentication. (PR#1672) + * A new --json-stream option has been added to enable a streaming + output format, consisting of a series of JSON objects (for the + start of the test, each measurement interval, and the end of the + test) separated by newlines (#444, #923, #1098). + * UDP tests now work correctly between different endian hosts + * The --fq-rate parameter now works for --reverse tests + * The statistics reporting interval is now available in the --json + start test object (#1663). + * A negative time test duration is now properly flagged as an error + (IS#1662 / PR#1666). + +------------------------------------------------------------------- Old: ---- iperf-3.16.tar.gz iperf-3.16.tar.gz.sha256 New: ---- iperf-3.17.1.tar.gz iperf-3.17.1.tar.gz.sha256 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ iperf.spec ++++++ --- /var/tmp/diff_new_pack.Qd3ojl/_old 2024-05-15 21:29:17.723452739 +0200 +++ /var/tmp/diff_new_pack.Qd3ojl/_new 2024-05-15 21:29:17.723452739 +0200 @@ -1,7 +1,7 @@ # # spec file for package iperf # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define soname 0 Name: iperf -Version: 3.16 +Version: 3.17.1 Release: 0 Summary: A tool to measure network performance License: BSD-3-Clause ++++++ iperf-3.16.tar.gz -> iperf-3.17.1.tar.gz ++++++ ++++ 8003 lines of diff (skipped) ++++++ iperf-3.16.tar.gz.sha256 -> iperf-3.17.1.tar.gz.sha256 ++++++ --- /work/SRC/openSUSE:Factory/iperf/iperf-3.16.tar.gz.sha256 2023-12-28 23:03:26.762790102 +0100 +++ /work/SRC/openSUSE:Factory/.iperf.new.1880/iperf-3.17.1.tar.gz.sha256 2024-05-15 21:29:17.171432759 +0200 @@ -1 +1 @@ -cc740c6bbea104398cc3e466befc515a25896ec85e44a662d5f4a767b9cf713e iperf-3.16.tar.gz +84404ca8431b595e86c473d8f23d8bb102810001f15feaf610effd3b318788aa iperf-3.17.1.tar.gz
