commit yast2-core for openSUSE:Factory

h_root Thu, 18 Aug 2011 05:24:10 -0700

Hello community,

here is the log from the commit of package yast2-core for openSUSE:Factory
checked in at Thu Aug 18 14:24:04 CEST 2011.




--------
--- yast2-core/yast2-core.changes       2011-08-05 16:53:44.000000000 +0200
+++ /mounts/work_src_done/STABLE/yast2-core/yast2-core.changes  2011-08-18 
13:16:58.000000000 +0200
@@ -1,0 +2,7 @@
+Thu Aug 18 12:40:23 CEST 2011 - mvid...@suse.cz
+
+- change blowfish id from 2a to 2y (bnc#700876 bnc#706705 CVE-2011-2483)
+  (thanks to Ludwig Nussel)
+- 2.21.6
+
+-------------------------------------------------------------------

calling whatdependson for head-i586


Old:
----
  yast2-core-2.21.5.tar.bz2

New:
----
  yast2-core-2.21.6.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ yast2-core.spec ++++++
--- /var/tmp/diff_new_pack.u0MKKD/_old  2011-08-18 14:22:49.000000000 +0200
+++ /var/tmp/diff_new_pack.u0MKKD/_new  2011-08-18 14:22:49.000000000 +0200
@@ -19,11 +19,11 @@
 
 
 Name:           yast2-core
-Version:        2.21.5
+Version:        2.21.6
 Release:        1
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-Source0:        yast2-core-2.21.5.tar.bz2
+Source0:        yast2-core-2.21.6.tar.bz2
 
 Prefix:         /usr
 
@@ -86,7 +86,7 @@
 YCP debugger client.
 
 %prep
-%setup -n yast2-core-2.21.5
+%setup -n yast2-core-2.21.6
 
 %build
 

++++++ yast2-core-2.21.5.tar.bz2 -> yast2-core-2.21.6.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/yast2-core-2.21.5/VERSION 
new/yast2-core-2.21.6/VERSION
--- old/yast2-core-2.21.5/VERSION       2011-08-05 16:45:50.000000000 +0200
+++ new/yast2-core-2.21.6/VERSION       2011-08-18 13:09:16.000000000 +0200
@@ -1 +1 @@
-2.21.5
+2.21.6
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/yast2-core-2.21.5/configure 
new/yast2-core-2.21.6/configure
--- old/yast2-core-2.21.5/configure     2011-08-05 16:46:02.000000000 +0200
+++ new/yast2-core-2.21.6/configure     2011-08-18 13:09:28.000000000 +0200
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for yast2-core 2.21.5.
+# Generated by GNU Autoconf 2.68 for yast2-core 2.21.6.
 #
 # Report bugs to <http://bugs.opensuse.org/>.
 #
@@ -570,8 +570,8 @@
 # Identity of this package.
 PACKAGE_NAME='yast2-core'
 PACKAGE_TARNAME='yast2-core'
-PACKAGE_VERSION='2.21.5'
-PACKAGE_STRING='yast2-core 2.21.5'
+PACKAGE_VERSION='2.21.6'
+PACKAGE_STRING='yast2-core 2.21.6'
 PACKAGE_BUGREPORT='http://bugs.opensuse.org/'
 PACKAGE_URL=''
 
@@ -1371,7 +1371,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures yast2-core 2.21.5 to adapt to many kinds of systems.
+\`configure' configures yast2-core 2.21.6 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1442,7 +1442,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of yast2-core 2.21.5:";;
+     short | recursive ) echo "Configuration of yast2-core 2.21.6:";;
    esac
   cat <<\_ACEOF
 
@@ -1559,7 +1559,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-yast2-core configure 2.21.5
+yast2-core configure 2.21.6
 generated by GNU Autoconf 2.68
 
 Copyright (C) 2010 Free Software Foundation, Inc.
@@ -2103,7 +2103,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by yast2-core $as_me 2.21.5, which was
+It was created by yast2-core $as_me 2.21.6, which was
 generated by GNU Autoconf 2.68.  Invocation command line was
 
   $ $0 $@
@@ -3033,7 +3033,7 @@
 
 # Define the identity of the package.
  PACKAGE='yast2-core'
- VERSION='2.21.5'
+ VERSION='2.21.6'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -3155,7 +3155,7 @@
 
 
 
-VERSION="2.21.5"
+VERSION="2.21.6"
 RPMNAME="yast2-core"
 MAINTAINER="Martin Vidner <mvid...@suse.cz>"
 
@@ -18429,7 +18429,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by yast2-core $as_me 2.21.5, which was
+This file was extended by yast2-core $as_me 2.21.6, which was
 generated by GNU Autoconf 2.68.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -18495,7 +18495,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; 
s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-yast2-core config.status 2.21.5
+yast2-core config.status 2.21.6
 configured by $0, generated by GNU Autoconf 2.68,
   with options \\"\$ac_cs_config\\"
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/yast2-core-2.21.5/configure.in 
new/yast2-core-2.21.6/configure.in
--- old/yast2-core-2.21.5/configure.in  2011-08-05 16:45:51.000000000 +0200
+++ new/yast2-core-2.21.6/configure.in  2011-08-18 13:09:17.000000000 +0200
@@ -3,7 +3,7 @@
 dnl -- This file is generated by y2autoconf 2.18.11 - DO NOT EDIT! --
 dnl    (edit configure.in.in instead)
 
-AC_INIT(yast2-core, 2.21.5, http://bugs.opensuse.org/, yast2-core)
+AC_INIT(yast2-core, 2.21.6, http://bugs.opensuse.org/, yast2-core)
 dnl Check for presence of file 'RPMNAME'
 AC_CONFIG_SRCDIR([RPMNAME])
 
@@ -18,7 +18,7 @@
 AM_INIT_AUTOMAKE(tar-ustar -Wno-portability)
 
 dnl Important YaST2 variables
-VERSION="2.21.5"
+VERSION="2.21.6"
 RPMNAME="yast2-core"
 MAINTAINER="Martin Vidner <mvid...@suse.cz>"
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/yast2-core-2.21.5/libycp/src/y2crypt.cc 
new/yast2-core-2.21.6/libycp/src/y2crypt.cc
--- old/yast2-core-2.21.5/libycp/src/y2crypt.cc 2011-08-05 16:45:41.000000000 
+0200
+++ new/yast2-core-2.21.6/libycp/src/y2crypt.cc 2011-08-18 13:09:12.000000000 
+0200
@@ -141,7 +141,7 @@
            break;
 
        case BLOWFISH:
-           salt = make_crypt_salt ("$2a$", 0);
+           salt = make_crypt_salt ("$2y$", 0);
            if (!salt)
            {
                y2error ("Cannot create salt for blowfish crypt");
@@ -178,7 +178,9 @@
            return false;
     }
 
-    if (!newencrypted)
+    if (!newencrypted
+    /* catch retval magic by ow-crypt/libxcrypt */
+    || !strcmp(newencrypted, "*0") || !strcmp(newencrypted, "*1"))
     {
        y2error ("crypt_r () returns 0 pointer");
        return false;


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit yast2-core for openSUSE:Factory

Reply via email to