forked from products/PackageHub
Compare commits
4 Commits
add_uzdoom
...
maintenanc
| Author | SHA256 | Date | |
|---|---|---|---|
| 41f701dcc1 | |||
| 3c13caa4c0 | |||
|
7b4b273e45 | ||
| 95ca3e6bac |
4
.gitmodules
vendored
4
.gitmodules
vendored
@@ -26242,7 +26242,3 @@
|
||||
path = openQA-devel-container
|
||||
url = ../../pool/openQA-devel-container
|
||||
branch = leap-16.0
|
||||
[submodule "uzdoom"]
|
||||
path = uzdoom
|
||||
url = ../../pool/uzdoom
|
||||
branch = leap-16.0
|
||||
|
||||
2
hauler
2
hauler
Submodule hauler updated: 4061841edd...69ca5e4eea
@@ -1,15 +0,0 @@
|
||||
<patchinfo incident="packagehub-86">
|
||||
<issue tracker="cve" id="2025-68616">VUL-0: CVE-2025-68616: python-weasyprint: server-side request forgery (SSRF) protection bypass via HTTP redirects allows access to internal network resources</issue>
|
||||
<issue tracker="bnc" id="1256936">VUL-0: CVE-2025-68616: python-weasyprint: server-side request forgery (SSRF) protection bypass via HTTP redirects allows access to internal network resources</issue>
|
||||
<packager>dgarcia</packager>
|
||||
<rating>important</rating>
|
||||
<category>security</category>
|
||||
<summary>Security update for python-weasyprint</summary>
|
||||
<description>This update for python-weasyprint fixes the following issues:
|
||||
|
||||
Changes in python-weasyprint:
|
||||
|
||||
- CVE-2025-68616: Fixed a server-side request forgery in default fetcher (boo#1256936).
|
||||
</description>
|
||||
<package>python-weasyprint</package>
|
||||
</patchinfo>
|
||||
32
patchinfo.20260120155333040130.93181000773252/_patchinfo
Normal file
32
patchinfo.20260120155333040130.93181000773252/_patchinfo
Normal file
@@ -0,0 +1,32 @@
|
||||
<patchinfo>
|
||||
<issue tracker="cve" id="2026-22772"/>
|
||||
<issue tracker="bnc" id="1256546">VUL-0: CVE-2025-47911: TRACKERBUG: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents</issue>
|
||||
<packager>dirkmueller</packager>
|
||||
<rating>moderate</rating>
|
||||
<category>recommended</category>
|
||||
<summary>Recommended update for hauler</summary>
|
||||
<description>This update for hauler fixes the following issues:
|
||||
|
||||
Changes in hauler:
|
||||
|
||||
- Update to version 1.4.1 (bsc#1256546, CVE-2026-22772):
|
||||
* fixed typos for containerd imports (#493)
|
||||
* fix and support containerd imports of `hauls` (#492)
|
||||
* bump github.com/sigstore/fulcio (#489)
|
||||
|
||||
- Update to version 1.4.0:
|
||||
* added/updated logging for `serve` and `remove` (#487)
|
||||
* added/fixed helm chart images/dependencies features (#485)
|
||||
* more experimental feature updates (#486)
|
||||
* add experimental notes (#483)
|
||||
* updated tempdir flag to store persistent flags (#484)
|
||||
* delete artifacts from store (#473)
|
||||
* path rewrites (#475)
|
||||
* updated/fixed workflow dependency versions (#478)
|
||||
|
||||
- Update to version 1.3.2:
|
||||
* bump to latest cosign fork release (#481)
|
||||
* Bump golang.org/x/crypto in the go_modules group across 1 directory (#476)
|
||||
</description>
|
||||
<package>hauler</package>
|
||||
</patchinfo>
|
||||
@@ -1,12 +0,0 @@
|
||||
<patchinfo>
|
||||
<packager>eroca</packager>
|
||||
<rating>moderate</rating>
|
||||
<category>recommended</category>
|
||||
<summary>Recommended update for uzdoom</summary>
|
||||
<description>This update for uzdoom fixes the following issues:
|
||||
|
||||
Introduces uzdoom.
|
||||
|
||||
</description>
|
||||
<package>uzdoom</package>
|
||||
</patchinfo>
|
||||
Submodule python-weasyprint updated: 6a88841ded...7179e10f1f
1
uzdoom
1
uzdoom
Submodule uzdoom deleted from 9a62caf05a
Reference in New Issue
Block a user