Accepting request 1161156 from devel:languages:python
- update to 261 (bsc#1220157, CVE-2024-25711):
* Don't crash if we encounter an .rdb file without an
equivalent .rdx file.
* Actually test 7z support in the test_7z set of tests, not the
lz4 functionality.
* In addition, correctly check for the 7z binary being
available (and not lz4) when testing 7z.
* Prevent a traceback when comparing a contentful .pyc file
with an empty one. (Re: Debian:#1064973)
* Don't error-out with a traceback if we encounter
"struct.unpack"-related errors when parsing .pyc files.
* Fix compatibility with PyTest 8.0.
* Don't try and compare rdb_expected_diff on non-GNU systems as
%p formatting can vary.
* Use the 7zip package (over p7zip-full) after package
transition.
* Parse the header and hunksize of diffs strictly before
parsing the context below.
* Reformat code to comply with the latest version of Black
(24.1.1).
* Expand the previous changelog entry to include the CVE number
that was subsequently assigned.
* Bump the miniumum Black requirement to run the "Black clean"
test and make test_zip.py Black clean.
* CVE-2024-25711: Use a determistic name when extracting
content from GPG artifacts instead of trusting the value of
gpg's --use- embedded-filenames.
* Temporarily fix support for Python 3.11.8 re. a potential
regression with the handling of ZIP files.
* Add/fix compatibility for Python progressbar 2.5 & 3.0 etc.
OBS-URL: https://build.opensuse.org/request/show/1161156
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/diffoscope?expand=0&rev=44
This commit is contained in:
Ana Guerrero
Git OBS Bridge
commit
c9d09b54d9
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:ee8005c732cb11db3d488d7817cf104618ab6ffde98d786619a5b4496520a6fe
|
||||
size 3095764
|
||||
@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmUo+OIACgkQHpU+J9Qx
|
||||
HlghnA/9HzS4msedatmezOWDxIA7RTjY+cdzQ7DQL143S/KJ7C8Zuh6m5liYe8DV
|
||||
RwoQtklN4vKAY1lRatLQbgdTzEOX/DfTCu4Ot/Q08prmJECOwYV9yCmzSoWcbq/3
|
||||
pUxKIbIN9FDctybHx2wzdHbco+spaiNL9QohJv2g3rHw18+KELfbFw2HIK6n+s3o
|
||||
xzPD1qvHGDmmuOYkrJx5YUYnvwnhkgNN3Mtzpfwzzw7veJ8JKTPT1Sw+T8jScj9c
|
||||
KZqX1ohdwRLU4cs1EhdtErVMUe8KBdXcvyvGNmJVeMT9cl39efMblxyev3SVdZCN
|
||||
/Xk/WTmHsT0dYLpzggku7oS5Oh7laGKHIl1xoC1FOEteW+IE5ytZmes4PfC8sA+t
|
||||
Bvim7ekevfk2Qv7izGLwQPchXC5x0JaTqp65fmo7crmfnNZHK2K/FaQPn3TddAxC
|
||||
Fp27kvDWs/pXykbfnT2AMkHvkNi5lARCeZf1+xv9euS8p2TnViosqPYATwAY3Ljv
|
||||
p6+7bVD4wvEXqyer4Ru+0D6spq85vUTVwVQ6Gvki5NTOXHQ+rlu5SYpwI3bGxOgE
|
||||
KhmJqbzdaPB3i3Fwq74D7yuSEEyKzenfQelVX7OeZnDAS68GcKG5wiZ4EYNe6LGo
|
||||
1KvifnKekB7Cf5SKrsEUQC5PJ/NXjtz2FrHqQiccs/lnoEH6hCM=
|
||||
=wwtm
|
||||
-----END PGP SIGNATURE-----
|
||||
3
diffoscope-261.tar.bz2
Normal file
3
diffoscope-261.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:05bc58e70d94a7921a0c9c998309d40e6ebcdc6f152066959e152f68c4591ea5
|
||||
size 3116751
|
||||
16
diffoscope-261.tar.bz2.asc
Normal file
16
diffoscope-261.tar.bz2.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmX9UoAACgkQHpU+J9Qx
|
||||
HlinXg//eKgnP/iE8fKg2vdo2XWff5QkvBHCtHIGTwOQPlrXGsCtESXqA47jEx6G
|
||||
U1IUYJCo7qBXendULvTJamJoXfbYK/MDbsXq0DrlV6A6PY2NN0U2nPyQead1hNoL
|
||||
dy5sh14fdXkbjIcUE4sFeBsMHu6n60XCe4yJm7IoQquCnctxYBn+Rbay1KboRLO6
|
||||
lBhY5qUeiRyqEzAAG4I5Dz375b3Ey3DVNzmaS17ZW209tmjfq/Fj/TxmG9mQDZPo
|
||||
UfmuFAfBvZxD8RHb8j82dog1dN158yZOBKrpcZGD+CgX3vDHnGE6h5PIdHyXUl82
|
||||
j6Z2WMbCMFrATxozFlb02gVYlA+8GgAl6XOEO9vNJN8wnuunY1yEK6cdZdlU1Yqd
|
||||
sg9CZJz7iRspC6L96KIt6pomsVtUzLWQ4tlVl7IGE64+ukrlxNrwMHBO98IZUXQ3
|
||||
bpw78DYfh/dWJexNgNSgGN9C3jm3JJtsaWMP/7xesVC8VjC+4S5EMAUccM82o3SP
|
||||
IB815UG4CjwITOUIdoU63mTCWKlV+62tbRD+rQx++2a0cegxWqleyLc/HJHqvF7Q
|
||||
lZ9YMWQStoOCEU9efceJi14RQFkBn0Zcqt4JH1fOf9fQGUwI5081KsxE5wUOT1ih
|
||||
TB1hc65AYob1WWo1XocWhknLzQwoDUZoEq0GCKyphliekZOYxcQ=
|
||||
=/pxC
|
||||
-----END PGP SIGNATURE-----
|
||||
@ -1,3 +1,49 @@
|
||||
-------------------------------------------------------------------
|
||||
Sun Mar 24 17:59:20 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 261 (bsc#1220157, CVE-2024-25711):
|
||||
* Don't crash if we encounter an .rdb file without an
|
||||
equivalent .rdx file.
|
||||
* Actually test 7z support in the test_7z set of tests, not the
|
||||
lz4 functionality.
|
||||
* In addition, correctly check for the 7z binary being
|
||||
available (and not lz4) when testing 7z.
|
||||
* Prevent a traceback when comparing a contentful .pyc file
|
||||
with an empty one. (Re: Debian:#1064973)
|
||||
* Don't error-out with a traceback if we encounter
|
||||
"struct.unpack"-related errors when parsing .pyc files.
|
||||
* Fix compatibility with PyTest 8.0.
|
||||
* Don't try and compare rdb_expected_diff on non-GNU systems as
|
||||
%p formatting can vary.
|
||||
* Use the 7zip package (over p7zip-full) after package
|
||||
transition.
|
||||
* Parse the header and hunksize of diffs strictly before
|
||||
parsing the context below.
|
||||
* Reformat code to comply with the latest version of Black
|
||||
(24.1.1).
|
||||
* Expand the previous changelog entry to include the CVE number
|
||||
that was subsequently assigned.
|
||||
* Bump the miniumum Black requirement to run the "Black clean"
|
||||
test and make test_zip.py Black clean.
|
||||
* CVE-2024-25711: Use a determistic name when extracting
|
||||
content from GPG artifacts instead of trusting the value of
|
||||
gpg's --use- embedded-filenames.
|
||||
* Temporarily fix support for Python 3.11.8 re. a potential
|
||||
regression with the handling of ZIP files.
|
||||
* Add/fix compatibility for Python progressbar 2.5 & 3.0 etc.
|
||||
* Add external tool on GNU Guix for 7z.
|
||||
* Improve DOS/MBR extraction by adding support for 7z.
|
||||
* Process objdump symbol comment filter inputs as the Python
|
||||
"bytes" type (and not str). (Closes: reproducible-
|
||||
builds/diffoscope#358)
|
||||
* Add a missing RequiredToolNotFound import.
|
||||
* Update copyright years.
|
||||
* As UI/UX improvement, try and avoid printing an extended
|
||||
traceback if diffoscope runs out of memory. This may not
|
||||
always be possible to detect.
|
||||
* Mark diffoscope as stable in setup.py (for PyPI.org).
|
||||
Whatever diffoscope is, at least, not "alpha" anymore.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Nov 1 17:44:17 UTC 2023 - Andrea Manzini <andrea.manzini@suse.com>
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package diffoscope
|
||||
#
|
||||
# Copyright (c) 2023 SUSE LLC
|
||||
# Copyright (c) 2024 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -17,7 +17,7 @@
|
||||
|
||||
|
||||
Name: diffoscope
|
||||
Version: 251
|
||||
Version: 261
|
||||
Release: 0
|
||||
Summary: In-depth comparison of files, archives, and directories
|
||||
License: GPL-3.0-or-later
|
||||
@ -39,7 +39,7 @@ Requires: python3-libarchive-c
|
||||
Requires: python3-python-magic
|
||||
Requires: python3-setuptools
|
||||
Requires(post): update-alternatives
|
||||
Requires(postun):update-alternatives
|
||||
Requires(postun): update-alternatives
|
||||
# Tools required for proper function of this program
|
||||
# in extras_require
|
||||
Recommends: python3-distro
|
||||
|
||||
Loading…
Reference in New Issue
Block a user