Hello community, here is the log from the commit of package rubygem-nokogiri-1_6 for openSUSE:Factory checked in at 2017-02-19 01:01:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-nokogiri-1_6 (Old) and /work/SRC/openSUSE:Factory/.rubygem-nokogiri-1_6.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-nokogiri-1_6" Changes: -------- New Changes file: --- /dev/null 2017-01-26 09:49:33.150892021 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-nokogiri-1_6.new/rubygem-nokogiri-1_6.changes 2017-02-19 01:01:15.821630076 +0100 @@ -0,0 +1,834 @@ +------------------------------------------------------------------- +Tue Oct 4 04:59:00 UTC 2016 - co...@suse.com + +- updated to version 1.6.8.1 + see installed CHANGELOG.rdoc + +------------------------------------------------------------------- +Tue Jun 7 04:31:57 UTC 2016 - co...@suse.com + +- updated to version 1.6.8 + + ==== Features + + Several changes were made to improve performance: + + * [MRI] Simplify NodeSet#to_a with a minor speed-up. (#1397) + * XML::Node#ancestors optimization. (#1297) (Thanks, Bruno Sutic!) + * Use Symbol#to_proc where we weren't previously. (#1296) (Thanks, Bruno Sutic!) + * XML::DTD#each uses implicit block calls. (Thanks, @glaucocustodio!) + * Fall back to the `pkg-config` gem if we're having trouble finding the system libxml2. This should help many FreeBSD users. (#1417) + * Set document encoding appropriately even on blank document. (#1043) (Thanks, @batter!) + + ==== Bug Fixes + + * [JRuby] fix slow add_child (#692) + * [JRuby] fix load errors when deploying to JRuby/Torquebox (#1114) (Thanks, @atambo and @jvshahid!) + * [JRuby] fix NPE when inspecting nodes returned by NodeSet#drop (#1042) (Thanks, @mkristian!) + * [JRuby] fix nil attriubte node's namespace in reader (#1327) (Thanks, @codekitchen!) + * [JRuby] fix Nokogiri munging unicode characters that require more than 2 bytes (#1113) (Thanks, @mkristian!) + * [JRuby] allow unlinking an unparented node (#1112, #1152) (Thanks, @esse!) + * [JRuby] allow Fragment parsing on a frozen string (#444, #1077) + * [JRuby] HTML `style` tags are no longer encoded (#1316) (Thanks, @tbeauvais!) + * [MRI] fix assertion failure while accessing attribute node's namespace in reader (#843) (Thanks, @2potatocakes!) + * [MRI] fix issue with GCing namespace nodes returned in an xpath query. (#1155) + * [MRI] Ensure C strings are null-terminated. (#1381) + * [MRI] Ensure Rubygems is loaded before using mini_portile2 at installation. (#1393, #1411) (Thanks, @JonRowe!) + * [MRI] Handling another edge case where the `libxml-ruby` gem's global callbacks were smashing the heap. (#1426). (Thanks to @bbergstrom for providing an isolated test case!) + * [MRI] Ensure encodings are passed to Sax::Parser xmldecl callback. (#844) + * [MRI] Ensure default ns prefix is applied correctly when reparenting nodes to another document. (#391) (Thanks, @ylecuyer!) + * [MRI] Ensure Reader handles non-existent attributes as expected. (#1254) (Thanks, @ccutrer!) + * [MRI] Cleanup around namespace handling when reparenting nodes. (#1332, #1333, #1444) (Thanks, @cuttrer and @bradleybeddoes!) + * unescape special characters in CSS queries (#1303) (Thanks, @twalpole!) + * consistently handle empty documents (#1349) + * Update to mini_portile2 2.1.0 to address whitespace-handling during patching. (#1402) + * Fix encoding of xml node namespaces. + * Work around issue installing Nokogiri on overlayfs (commonly used in Docker containers). (#1370, #1405) + + ==== Other Notes + + * Removed legacy code remaining from Ruby 1.8.x support. + * Removed legacy code remaining from REE support. + * Removing hacky workarounds for bugs in some older versions of libxml2. + * Handling C strings in a forward-compatible manner, see https://github.com/ruby/ruby/blob/v2_2_0/NEWS#L319 + +- remove nokogiri-1.6.7.2_mini_portile2_version.diff as upstreamed + +------------------------------------------------------------------- +Wed Mar 23 12:07:48 UTC 2016 - o...@aepfle.de + +- Force fixed timestamps for patched gems (bsc#916047) + +------------------------------------------------------------------- +Tue Jan 26 14:30:07 UTC 2016 - mrueck...@suse.de + +- lockdown mini_portile2 to 2.0 + +------------------------------------------------------------------- +Mon Jan 25 14:00:09 UTC 2016 - mrueck...@suse.de + +- update to version 1.6.7.2 + This version pulls in several upstream patches to the vendored + libxml2 and libxslt to address: + + CVE-2015-7499 + + Ubuntu classifies this as "Priority: Low", RedHat classifies this + as "Impact: Moderate", and NIST classifies this as "Severity: 5.0 + (MEDIUM)". + + MITRE record is + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499 + + This is not effecting us as we are using the system copy. + +- refresh mini_portile patch to apply cleanly again + old: nokogiri-1.6.7.diff + new: nokogiri-1.6.7.2_mini_portile2_version.diff + +------------------------------------------------------------------- +Thu Jan 21 13:19:15 UTC 2016 - mrueck...@suse.de + +- fix buildrequires for mini_portile + +------------------------------------------------------------------- +Thu Dec 17 05:32:41 UTC 2015 - co...@suse.com + +- updated to version 1.6.7.1 + see installed CHANGELOG.rdoc + + === 1.6.7.1 / 2015-12-16 + + This version pulls in several upstream patches to the vendored libxml2 and libxslt to address: + + CVE-2015-5312 + CVE-2015-7497 + CVE-2015-7498 + CVE-2015-7499 + CVE-2015-7500 + CVE-2015-8241 + CVE-2015-8242 + CVE-2015-8317 + + See also http://www.ubuntu.com/usn/usn-2834-1/ + +------------------------------------------------------------------- +Tue Dec 15 18:27:36 UTC 2015 - co...@suse.com + +- add nokogiri-1.6.7.diff to fix the mini_portile2 dependency + +------------------------------------------------------------------- +Tue Dec 1 05:30:04 UTC 2015 - co...@suse.com + +- updated to version 1.6.7 + see installed CHANGELOG.rdoc + + === 1.6.7 / 2015-11-29 + + ==== Notes + + This version supports native builds on Windows using the RubyInstaller + DevKit. It also supports Ruby 2.2.x on Windows, as well as making + several other improvements to the installation process on various + platforms. + + This version also includes the security patches already applied in + v1.6.6.3 and v1.6.6.4 to the vendored libxml2 and libxslt source. + See #1374 and #1376 for details. + + ==== Features + + * Cross-built gems now have a proper ruby version requirement. (#1266) + * Ruby 2.2.x is supported on Windows. + * Native build is supported on Windows. + * [MRI] libxml2 and libxslt `config.guess` files brought up to date. (#1326) (Thanks, @hernan-erasmo!) + * [JRuby] fix error in validating files with jruby (#1355, #1361) (Thanks, @twalpole!) + * [MRI, OSX] Patch to handle nonstandard location of `iconv.h`. (#1206, #1210, #1218, #1345) (Thanks, @neonichu!) + + ==== Bug Fixes + + * [JRuby] reset the namespace cache when replacing the document's innerHtml (#1265) (Thanks, @mkristian!) + * [JRuby] Document#parse should support IO objects that respond to #read. (#1124) (Thanks, Jake Byman!) + * [MRI] Duplicate-id errors when setting the `id` attribute on HTML documents are now silenced. (#1262) + * [JRuby] SAX parser cuts texts in peices when quare brackets exist. (#1261) + * [JRuby] Namespaced attributes aren't removed by remove_attribute. (#1299) + +------------------------------------------------------------------- +Tue Nov 24 08:38:05 UTC 2015 - co...@suse.com + +- updated to version 1.6.6.4 + see installed CHANGELOG.rdoc + + === 1.6.6.4 / 2015-11-19 + + This version pulls in an upstream patche to the vendored libxml2 to address: + + * unclosed comment uninitialized access issue (#1376) + + This issue does not have a CVE assigned to it as this time. + +------------------------------------------------------------------- +Tue Nov 17 05:37:56 UTC 2015 - co...@suse.com + +- updated to version 1.6.6.3 + see installed CHANGELOG.rdoc + + === 1.6.6.3 / 2015-11-16 + + This version pulls in several upstream patches to the vendored libxml2 and libxslt to address: + + * CVE-2015-1819 + * CVE-2015-7941_1 + * CVE-2015-7941_2 + * CVE-2015-7942 + * CVE-2015-7942-2 + * CVE-2015-8035 + * CVE-2015-7995 + + See #1374 for details. + +------------------------------------------------------------------- +Wed Feb 4 12:32:06 UTC 2015 - hvo...@suse.com + +- Update to 1.6.6.2 + * Fixed installation issue affecting compiler arguments. (#1230) + * Unified Node and NodeSet implementations of #search, #xpath and #css. + * Added Node#lang and Node#lang=. + * bin/nokogiri passes the URI to parse() if an HTTP URL is given. ++++ 637 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:Factory/.rubygem-nokogiri-1_6.new/rubygem-nokogiri-1_6.changes New: ---- gem2rpm.yml nokogiri-1.6.8.1.gem rubygem-nokogiri-1_6.changes rubygem-nokogiri-1_6.spec rubygem-nokogiri-rpmlintrc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-nokogiri-1_6.spec ++++++ # # spec file for package rubygem-nokogiri-1_6 # # Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # # This file was generated with a gem2rpm.yml and not just plain gem2rpm. # All sections marked as MANUAL, license headers, summaries and descriptions # can be maintained in that file. Please consult this file before editing any # of those fields # Name: rubygem-nokogiri-1_6 Version: 1.6.8.1 Release: 0 %define mod_name nokogiri %define mod_full_name %{mod_name}-%{version} %define mod_version_suffix -1_6 # MANUAL BuildRequires: %{rubygem mini_portile2} BuildRequires: %{rubygem pkg-config} BuildRequires: libxml2-devel >= 2.6.21 BuildRequires: libxslt-devel # /MANUAL BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: %{rubydevel >= 1.9.2} BuildRequires: %{rubygem gem2rpm} BuildRequires: %{rubygem rdoc > 3.10} BuildRequires: ruby-macros >= 5 BuildRequires: update-alternatives Url: http://nokogiri.org Source: http://rubygems.org/gems/%{mod_full_name}.gem Source1: rubygem-nokogiri-rpmlintrc Source2: gem2rpm.yml Summary: Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser License: MIT Group: Development/Languages/Ruby PreReq: update-alternatives %description Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri\'s many features is the ability to search documents via XPath or CSS3 selectors. %prep %build %install # MANUAL export NOKOGIRI_USE_SYSTEM_LIBRARIES=1 # /MANUAL %gem_install \ --symlink-binaries \ --doc-files="CHANGELOG.rdoc LICENSE.txt README.md" \ -f %gem_cleanup # MANUAL rm -rf %{buildroot}%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_full_name}/ports # /MANUAL %gem_packages %changelog ++++++ gem2rpm.yml ++++++ # --- # ## used by gem2rpm # :summary: this is a custom summary # ## used by gem2rpm # :description: |- # this is a custom description # # it can be multiline # ## used by gem2rpm # :license: MIT or Ruby # ## used by gem2rpm and gem_packages :version_suffix: '-1_6' # ## used by gem2rpm and gem_packages # :disable_docs: true # ## used by gem2rpm # :disable_automatic_rdoc_dep: true # ## used by gem2rpm :preamble: |- BuildRequires: libxml2-devel >= 2.6.21 BuildRequires: libxslt-devel BuildRequires: %{rubygem mini_portile2} BuildRequires: %{rubygem pkg-config} # BuildRequires: foobar # Requires: foobar # ## used by gem2rpm #:patches :sources: - rubygem-nokogiri-rpmlintrc # - foo.desktop # - bar.desktop # :gem_install_args: '....' # ## used by gem2rpm :pre_install: |- export NOKOGIRI_USE_SYSTEM_LIBRARIES=1 :post_install: |- rm -rf %{buildroot}%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_full_name}/ports # %if 0%{?use_system_libev} # export USE_VENDORED_LIBEV="no" # %endif # ## used by gem2rpm # :post_install: |- # # delete custom files here or do other fancy stuff # install -D -m 0644 %{S:1} %{buildroot}%{_bindir}/gem2rpm-opensuse # ## used by gem2rpm # :testsuite_command: |- # (pushd %{buildroot}%{gem_base}/gems/%{mod_full_name} && rake test) # ## used by gem2rpm # :filelist: |- # /usr/bin/gem2rpm-opensuse # ## used by gem2rpm # :scripts: # :post: |- # /bin/echo foo # ## used by gem_packages # :main: # :preamble: |- # Requires: util-linux # Recommends: pwgen # :filelist: |- # /usr/bin/gem2rpm-opensuse # ## used by gem_packages # :custom: # apache: # :preamble: |- # Requires: ..... # :filelist: |- # /etc/apache2/conf.d/passenger.conf # :summary: Custom summary is optional # :description: |- # Custom description is optional # # bar # :post: |- # /bin/echo foo # ++++++ rubygem-nokogiri-rpmlintrc ++++++ addFilter("devel-file-in-non-devel-package")