From 9bbe5ea75dcbde00ef05bec0e063493d9cfaab154e14100a8f6a4fe42f7c1fd0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ismail=20D=C3=B6nmez?= Date: Mon, 27 Apr 2015 09:45:48 +0000 Subject: [PATCH] Accepting request 304096 from home:AndreasStieger:branches:utilities GNU parallel 20150422, including security fix [boo#928664] OBS-URL: https://build.opensuse.org/request/show/304096 OBS-URL: https://build.opensuse.org/package/show/utilities/gnu_parallel?expand=0&rev=34 --- gnu_parallel.changes | 13 +++++++++++ gnu_parallel.spec | 2 +- parallel-20150322.tar.bz2 | 3 --- parallel-20150322.tar.bz2.sig | 42 ----------------------------------- parallel-20150422.tar.bz2 | 3 +++ parallel-20150422.tar.bz2.sig | 42 +++++++++++++++++++++++++++++++++++ 6 files changed, 59 insertions(+), 46 deletions(-) delete mode 100644 parallel-20150322.tar.bz2 delete mode 100644 parallel-20150322.tar.bz2.sig create mode 100644 parallel-20150422.tar.bz2 create mode 100644 parallel-20150422.tar.bz2.sig diff --git a/gnu_parallel.changes b/gnu_parallel.changes index 721a372..2f29d13 100644 --- a/gnu_parallel.changes +++ b/gnu_parallel.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Sun Apr 26 19:38:50 UTC 2015 - astieger@suse.com + +- GNU parallel 20150422: + * Security fix: A local attacker could make a user overwrite one + of his own files with a single byte when using --compress, + --tmux, --pipe, --cat or --fifo when guessing random file names + within a time window of 15 ms. [boo#928664] + * --shuf will generate all jobs, and shuffle them before running + them. This is useful to get a quick preview of the results before + running the full batch. + * Bug fixes and man page updates. + ------------------------------------------------------------------- Sun Mar 22 20:22:03 UTC 2015 - jengelh@inai.de diff --git a/gnu_parallel.spec b/gnu_parallel.spec index 30b8a8a..6f898ff 100644 --- a/gnu_parallel.spec +++ b/gnu_parallel.spec @@ -17,7 +17,7 @@ Name: gnu_parallel -Version: 20150322 +Version: 20150422 Release: 0 Summary: Shell tool for executing jobs in parallel License: GPL-3.0+ diff --git a/parallel-20150322.tar.bz2 b/parallel-20150322.tar.bz2 deleted file mode 100644 index 27eebaa..0000000 --- a/parallel-20150322.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2c00799cbbc07a57b4c1411bb9fb787ef2d2f6d1ff491093258baf4fda0a52ff -size 1117390 diff --git a/parallel-20150322.tar.bz2.sig b/parallel-20150322.tar.bz2.sig deleted file mode 100644 index 2196b54..0000000 --- a/parallel-20150322.tar.bz2.sig +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash - -# To check the signature run: -# echo | gpg -# gpg --auto-key-locate keyserver --keyserver-options auto-key-retrieve parallel-20150322.tar.bz2.sig - -echo | gpg 2>/dev/null -gpg --auto-key-locate keyserver --keyserver-options auto-key-retrieve $0 -exit $? - ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.22 (GNU/Linux) - -iQTwBAABCgAGBQJVDhiXAAoJENGrRRaIiIiImo0mn1BT8qCAB2eBGZzxsECQuaih -FA3jeebRLraZiG6/VK6XtUYQnOrOADyGIkuy68eYdNiK4g5MH7iCbPblJfXaQIlW -7jTNi2ZIDO4SookQbEts+BiI6Ykjk/owIyRh49OTRLD7uUoIsFNC143B64NHj/zJ -N99gGoa9u24G3ynBbRNjXtJqUmJ1XAbcCasUrwvD85iEIomcjSUJrt5V1EJzARkx -XOXagv3+cdN6b3sDFjkKW1X/gCN9ThuxMq+TJuxTD7OzjLt7wrXUhSlQiNSJFFr2 -8a7X1bfbTuoyZzf2Li0jOTnxGmRZp/JuMqY9LxosB2XGxO+X691aff+4fIIUMCx+ -AhM2bo0y6y/AN8vHfPsLM0+MeBxBj5Ks25Wjn+YvYYmk3CcO9o0E42w3Cm8f1ONa -15wzGZk+g+XJ8geN3EAg4FUNCAvvNMVRh/LyrwapXcztv5Ii9jSLRInjEmLfl6oX -GOaduTFXolgwTWRocjUrobADNoiXtMh+iTOLZMRe0215cR4Vo9x+/oSqkXDFRdbe -Q7vxCMf/Ust4Ss9GuOY5fPF3MdwyFrVgSYaSV2ghr16FG2or5le7hGDpC1g3HnNG -3gw3wasOAl3fy4CobaroPAK13+BR4ieBOnLb/nX9FxRI7mrZL3cLBzKkLzXQbz3E -yBbXaEmH2vVfhrH0ECC1a0/IL6pCoBkdGyB1KngEg+/Oo7gyyOzbdKlrpgBnaFGm -uaOx+KLXUpH2ttz/MqkkQMLN1dIOyOT9p2yGrEf+yn0dHs166mTt0rueHWLFPoA5 -0s70u8SEHz2v/KRcjX+Ezhd7zkRDSi2OChBVWz2r1hgol61e8EiOYw16Br8+STTf -nLkHAMlDrYaBwX2OTW4C46pKVwcHFdj9g/IMZ1sMYA07qOJUxEeT4C34cCPGzgHa -aoOZxj+VC0baOzmqX1T0J1q8OqCNob66OHDVhVfL8QW/6en8yGmnzvENQTzxKCmN -xwv72OgJUMjXHtmhCn699SZ0Dn9k59nLmHfs89dYBolrSteke4VWO/DqaiJT444U -rW5JQlXqQBcXCdb0ldpYhJ5TEzDMKKQtS47XFP8oQqPEogAIeSaxPAEp94XM2pyT -pNlEmOqGtyl4EbxoJVX67YTQDhKUhvuSyvLJN3WhM73OKLEEf3BUkp3m4pR955Z+ -xpws8srPSe1/GoSLlEMBo/Ffar3aM05mo5pSXXqcpvO4AWZ+Oc28fiqtIQv0XImi -Mp8PmAan1uuC2HGXCD0uEWU/sjjRMOdS3/HEyrY5V9rXdnVtcV6SRvU9g5w/PecY -hWOrcUSGvEL+blyRRX45WE2tz2uuHF2JelfMJiZXfCcaI4EDfx++jgSrH6DUR7Fa -P+0rzEGDLyvccqJqMnR/iRx4Vyn/m/Xc4mK21VDOofUWIr8unY8IWs0PcaRUCb1z -z0OngaPbqG4J7OBsg+0xBbjjS8UC/CwXtBFRLFoDdzNS4Oa9f4ioeKEB6rVfRXAq -hoPoIqjuDKDYLuEp26gbbbjcCiZDHUScP0B7yDprrGjiVdB4oPCr1zR+z/2j1M3w -R8vr3dcJabpeeRxgfG2TCGrKLtk+Tube31mqyhHFFxZNc2b1iISQBYGcHYKGV7mr -GmTirrxAnPwnkuP2wor+r4xqOA== -=X53f ------END PGP SIGNATURE----- diff --git a/parallel-20150422.tar.bz2 b/parallel-20150422.tar.bz2 new file mode 100644 index 0000000..0d737df --- /dev/null +++ b/parallel-20150422.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:860c5ab565d5fcb70a1ee2b4ce05149dad558116f9c3d8d48a53ea6af8dad4f4 +size 1127485 diff --git a/parallel-20150422.tar.bz2.sig b/parallel-20150422.tar.bz2.sig new file mode 100644 index 0000000..23062c8 --- /dev/null +++ b/parallel-20150422.tar.bz2.sig @@ -0,0 +1,42 @@ +#!/bin/bash + +# To check the signature run: +# echo | gpg +# gpg --auto-key-locate keyserver --keyserver-options auto-key-retrieve parallel-20150422.tar.bz2.sig + +echo | gpg 2>/dev/null +gpg --auto-key-locate keyserver --keyserver-options auto-key-retrieve $0 +exit $? + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (GNU/Linux) + +iQTwBAABCgAGBQJVOCnuAAoJENGrRRaIiIiIXZkmmQHHtzQPMWzetWZgOW1O6xdA +bqi8+9hOQxLaOoZIX+K1hLLYsiTQ3fjOGOmLPqy5ISGbI9cCqKO54OR+OMOvplit +6YYmGgs1A8NBZThoXjga87tMu4mfbMqiacQVcXTVUzTT3PG5JWNgJ7dmhgbOeLb0 +B2esDduIm8TUNmTEb+AcAF6sg3B3nSPLqYgpAILUWxscbHEoffuKEzCXP6NhOMMw +gtEz2EEDoIR49/4MgWBs6ocCKNgY+1q5/4X8UgxsoEKBW7gkvXzZnFF934syYW/w +n5yWXpelJix8GxNjASK7U461WpZ9s7RR9vuemekJYYBHWCsM6HquRL0NTKBBvjht +uAINwBp2KAY4YyRf3FI7h4cR7EkAOiqi1WPVL7KlA9uwa03TcL6yAF5CsKMUsLQ4 +i5Mv8ifhdBWs4LoUsBmgtrNih7BSOQhlOrkOz7d7GTYWRDB6gTrarj26K9LXXpcy +j/DzhHf8ENnfTiKTgGMqanplJlsztMPZ4OCUde3D7bDlWhUZYvWxPt0xQ8/Rk16k +V80FulTJjm4AHRkb+Vmw+tHOsT8sJ3Fq+ROhFhJJ/c0O8VMob5HKWQd6NveLAfbd +AK0Tnj3bjiJ7RPyvDLqV+OTkmW3aB+MdJILyYD0VjXlftxZkhM7jjw/2D5YUa/bZ +Q9mEjkgf/AF9O/GbZ822DWPOLME5PftQ4NXQNuGXfbvTJ3VpZI3t55NyWx4GBFLh +y+XWSMgo2suZzp5ML1NlBhs+uoTopXrtMGXIBOJB9OYY23jMsNzg23v7hWzROoWh +qBfxsyr5m5DZugoplzhgEBObSt6PuebfnIe/74n41yoXvBFwSFfjc2btyfEtLmik +oq8RynaEcvuli32iGsZBoCqyYJ/d9lo31SYENBx3m6LzW64DcQnjlDQBQi7+5Zni +spMJ4TrCGOpHDeq1bqbuyKsGIzODFV0GF2hsbXUzIEuABN2mtGhF3Vss2S73q8l4 +O1BA6IkyAe7jCA7Iv3BzWnWqmfGD1Zi18qeEmUYm+2kg/2Tg2vmO3OjMTzGyoqTi +/Uk0tSkPrqpKGaf5oU0nbpDIdNQbB4iMEJCF4gGcgRe76Q5iNT2x+Z288aJk3ULq +rQ72h1KLVM0mRYwVhJq8PP2dV/r7ePZW3PYa2xPZH/WL2nG1N9ZegzwDhtgznVnU +KSZihoMAD9OxqCd6pwyTQfcf9O+gnDLJS3KogzNEJIVa6zQMwXdHJU0tu+8lwbPR +I2ir/NcVoibfBINPP9ttPZ6s6Rzk4LlYHaihwqoNyh7LcJFTbwiGq0uYkypr41WG +hTcRAnwinXcMfB4O33ogvySNxs5WtlQYMu06TlvMwRMVRspP9dD9rKrIx+O/7RDY +GezQDyorEH2dHwjCh2mEMm8deThlAF6xVOk7AbI0aLccHuNfWyuLkA2ltkRZz8oi +3pN0syzX5X6lAujz/1y967peI8Fvexg9wxiYfxuAlLhiAuO3qDCcrFV7jAQ2eH+l +huvIELGbffLBC9rFEwobyQe9+go3XAuJBDtQpcMPn2QXDHNYDrmxUgtPNyfAgsNG +BZlpMfSKuMeJysOg4+2s6X8CbD3tiNm2nAFD2lbTN7k/npBiTtsHmkTCuK/G4kjR ++0StKFRKIo4qOoG5sMXLYwfH0A== +=7QLH +-----END PGP SIGNATURE-----