pool/libconfuse
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
factory
libconfuse/libconfuse.changes
Dirk Mueller 424f8c88d7 Accepting request 1002767 from home:oertel:branches:devel:libraries:c_c++ 
- add fix from upstream git
  libconfuse-d73777c2c3566fb2647727bb56d9a2295b81669b.patch
  cfg_tilde_expand in confuse.c has a heap-based buffer over-read
  (CVE-2022-40320 boo#1203326)

OBS-URL: https://build.opensuse.org/request/show/1002767
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libconfuse?expand=0&rev=11
2022-09-12 14:58:28 +00:00

62 lines
2.5 KiB
Plaintext
Raw Permalink Blame History

-------------------------------------------------------------------
Mon Sep 12 11:02:59 CEST 2022 - ro@suse.de
- add fix from upstream git
libconfuse-d73777c2c3566fb2647727bb56d9a2295b81669b.patch
cfg_tilde_expand in confuse.c has a heap-based buffer over-read
(CVE-2022-40320 boo#1203326)
-------------------------------------------------------------------
Thu Jun 25 07:08:53 UTC 2020 - Michael Vetter <mvetter@suse.com>
- Update to 3.3:
Changes:
* Support building static library on Windows
* Support for fmemopen() in Windows UWP applications
* Support for cfg_getopt(cfg, "sub=name|option"), i.e., get an
option from a sub-section, by Peter Rosin
* Support for CFGF_MODIFIED flag, to detect changes to settings
in memory after parsing, by Peter Rosin
* Support for filtering out settings when printing, by Peter Rosin
* Support for dynamic key=value sections with no pre-runtime
knowledge of setting names, useful for environment variables
and similar
* Updated German translation, by Chris Leick
Fixes:
* Fix loop-forever bug found by Christian Reitter; a .conf file
containing only "=", will cause even the simplest parser to loop
forever in internal function cfg_getopt_secidx()
* Issue #113: Fail to build strdup() replacement
* Issue #118: Fix build on Windows, missing fmemopen() replacement
* Issue #120: Handle shell and C++ comments with no space separator
* Issue #125: Drop developer debug msg QSTR: ...
* Issue #131: Fix CFG_PTR_CB() regression, segfaults when, e.g.,
cfg_free() is called. Found and fixed by Peter Rosin
* Issue #135: Revert CFGF_RESET flag if cfg_setmulti() family fail
* Issue #137: Memory leak in cfg_setopt() for PTR options
-------------------------------------------------------------------
Fri Oct 12 14:40:04 UTC 2018 - Jan Engelhardt <jengelh@inai.de>
- Use new %lang_package -r semantics.
-------------------------------------------------------------------
Tue Aug 21 07:14:58 UTC 2018 - kbabioch@suse.com
- Update to 3.2.2:
- Security release for CVE-2018-14447: Out-of-bounds reads in trim_whitespace
in lexer.l
- Removed xz as build requirement
- Removed -lang recommendation from main package
-------------------------------------------------------------------
Mon Aug 6 16:29:11 UTC 2018 - jengelh@inai.de
- Ensure neutrality of description. Trim redundancies and
future goals from description.
-------------------------------------------------------------------
Thu Aug 2 09:36:08 UTC 2018 - kbabioch@suse.com
- Initial packaging of version 3.2.1:
Reference in New Issue View Git Blame Copy Permalink