Hello community, here is the log from the commit of package libsoup for openSUSE:Factory checked in at 2017-08-18 15:00:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libsoup (Old) and /work/SRC/openSUSE:Factory/.libsoup.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libsoup" Fri Aug 18 15:00:13 2017 rev:97 rq:516877 version:2.58.2 Changes: -------- --- /work/SRC/openSUSE:Factory/libsoup/libsoup.changes 2017-05-31 12:13:56.309555781 +0200 +++ /work/SRC/openSUSE:Factory/.libsoup.new/libsoup.changes 2017-08-18 15:00:17.568880898 +0200 @@ -1,0 +2,7 @@ +Mon Aug 14 12:22:57 UTC 2017 - zai...@opensuse.org + +- Update to version 2.58.2 (CVE-2017-2885): + + Fixed a chunked decoding buffer overrun that could be exploited + against either clients or servers (bgo#785774, CVE-2017-2885). + +------------------------------------------------------------------- Old: ---- libsoup-2.58.1.tar.xz New: ---- libsoup-2.58.2.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libsoup.spec ++++++ --- /var/tmp/diff_new_pack.8uh5O1/_old 2017-08-18 15:00:20.076527891 +0200 +++ /var/tmp/diff_new_pack.8uh5O1/_new 2017-08-18 15:00:20.080527328 +0200 @@ -20,10 +20,10 @@ Summary: HTTP client/server library for GNOME License: LGPL-2.1+ Group: Development/Libraries/GNOME -Version: 2.58.1 +Version: 2.58.2 Release: 0 Url: http://www.gnome.org -Source: http://download.gnome.org/sources/libsoup/2.58/%{name}-%{version}.tar.xz +Source: https://download.gnome.org/sources/libsoup/2.58/%{name}-%{version}.tar.xz Source99: baselibs.conf BuildRequires: glib-networking BuildRequires: glib2-devel >= 2.38.0 ++++++ libsoup-2.58.1.tar.xz -> libsoup-2.58.2.tar.xz ++++++ ++++ 2675 lines of diff (skipped)