Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package obs-service-download_url for
openSUSE:Factory checked in at 2024-07-11 20:33:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/obs-service-download_url (Old)
and /work/SRC/openSUSE:Factory/.obs-service-download_url.new.17339 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "obs-service-download_url"
Thu Jul 11 20:33:53 2024 rev:8 rq:1186878 version:0.2.1
Changes:
--------
---
/work/SRC/openSUSE:Factory/obs-service-download_url/obs-service-download_url.changes
2023-07-25 11:52:34.697970677 +0200
+++
/work/SRC/openSUSE:Factory/.obs-service-download_url.new.17339/obs-service-download_url.changes
2024-07-11 20:34:34.783916290 +0200
@@ -1,0 +2,6 @@
+Wed Jul 10 15:07:46 UTC 2024 - adr...@suse.de
+
+- Update to version 0.2.1:
+ * fixed argument parsing boo#1227203 CVE-2024-22033
+
+-------------------------------------------------------------------
Old:
----
obs-service-download_url-0.2.0.tar.gz
New:
----
obs-service-download_url-0.2.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ obs-service-download_url.spec ++++++
--- /var/tmp/diff_new_pack.PSx57s/_old 2024-07-11 20:34:35.295934803 +0200
+++ /var/tmp/diff_new_pack.PSx57s/_new 2024-07-11 20:34:35.295934803 +0200
@@ -1,7 +1,7 @@
#
# spec file for package obs-service-download_url
#
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -21,7 +21,7 @@
License: GPL-2.0-or-later
Group: Development/Tools/Building
URL: https://github.com/openSUSE/obs-service-download_url
-Version: 0.2.0
+Version: 0.2.1
Release: 0
Source: %name-%version.tar.gz
Requires: wget
++++++ PKGBUILD ++++++
--- /var/tmp/diff_new_pack.PSx57s/_old 2024-07-11 20:34:35.327935960 +0200
+++ /var/tmp/diff_new_pack.PSx57s/_new 2024-07-11 20:34:35.331936104 +0200
@@ -1,6 +1,6 @@
pkgname=obs-service-download_url
-pkgver=0.2.0
-pkgrel=0
+pkgver=0.2.1
+pkgrel=3da8c4cae60a501dff91b30e54ef679f
pkgdesc="An OBS source service: wget download tool"
arch=(any)
license=(GPL-2.0+)
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.PSx57s/_old 2024-07-11 20:34:35.363937262 +0200
+++ /var/tmp/diff_new_pack.PSx57s/_new 2024-07-11 20:34:35.363937262 +0200
@@ -1,6 +1,10 @@
<servicedata>
<service name="tar_scm">
<param
name="url">g...@github.com:openSUSE/obs-service-download_url.git</param>
- <param
name="changesrevision">401d580f04a2fe488f60d6ad61f3754091814b28</param></service></servicedata>
+ <param name="changesrevision">gpg: Signature made Wed 10 Jul
2024 04:54:19 PM CEST
+gpg: using RSA key D50175CE6FE935BBF28602C5918D8C954C08DB67
+gpg: Good signature from "Adrian Schroeter (OBS Project Manager)
<adr...@suse.de>" [ultimate]
+Primary key fingerprint: D501 75CE 6FE9 35BB F286 02C5 918D 8C95 4C08 DB67
+f0a346983ad38b03d6de6056be98febf33385c1a</param></service></servicedata>
(No newline at EOF)
++++++ debian.changelog ++++++
--- /var/tmp/diff_new_pack.PSx57s/_old 2024-07-11 20:34:35.387938129 +0200
+++ /var/tmp/diff_new_pack.PSx57s/_new 2024-07-11 20:34:35.391938274 +0200
@@ -1,4 +1,4 @@
-obs-service-download-url (0.2.0) unstable; urgency=low
+obs-service-download-url (0.2.1) unstable; urgency=low
* fix script permissions.
++++++ debian.dsc ++++++
--- /var/tmp/diff_new_pack.PSx57s/_old 2024-07-11 20:34:35.439940010 +0200
+++ /var/tmp/diff_new_pack.PSx57s/_new 2024-07-11 20:34:35.443940154 +0200
@@ -1,6 +1,6 @@
Format: 1.0
Source: obs-service-download-url
-Version: 0.2.0
+Version: 0.2.1
Binary: obs-service-download-url
Maintainer: Adrian Schroeter <adr...@suse.com>
Architecture: all
++++++ obs-service-download_url-0.2.0.tar.gz ->
obs-service-download_url-0.2.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/obs-service-download_url-0.2.0/download_url
new/obs-service-download_url-0.2.1/download_url
--- old/obs-service-download_url-0.2.0/download_url 2023-07-24
08:16:15.000000000 +0200
+++ new/obs-service-download_url-0.2.1/download_url 2024-07-10
16:53:55.000000000 +0200
@@ -75,7 +75,7 @@
shift
;;
*-download-manifest)
- download_manifest=$2
+ download_manifest="${2##*/}"
shift
path=`pwd`
manifest_file="$path/$download_manifest"
@@ -129,9 +129,9 @@
fi
cd "$outdir"
-if [ -z "$url" ];then
-set -- /usr/bin/wget "${args[@]}"
-else
-set -- /usr/bin/wget "${args[@]}" "$url"
+if [ -n "$url" ];then
+ args+=('--')
+ args+=($url)
fi
+set -- /usr/bin/wget "${args[@]}"
exec "$@"
