Add OpenSMTPD

Update patchinfo incident numbers [skip actions]
Merging
2026-02-11 14:41:40 +01:00 · 2026-02-10 11:55:54 +00:00 · 2026-02-10 11:55:35 +00:00 · 2026-02-10 10:25:41 +00:00 · 2026-02-10 10:25:21 +00:00 · 2026-02-10 10:24:10 +00:00
16 changed files with 119 additions and 97 deletions
--- a/.gitmodules
+++ b/.gitmodules
@@ -258,6 +258,10 @@
 	path = OpenShadingLanguage
 	url = ../../pool/OpenShadingLanguage
 	branch = leap-16.0
+[submodule "OpenSMTPD"]
+	path = OpenSMTPD
+	url = ../../pool/OpenSMTPD
+	branch = leap-16.0
 [submodule "OpenSubdiv"]
 	path = OpenSubdiv
 	url = ../../pool/opensubdiv
@@ -3070,6 +3074,10 @@
 	path = dom2-core-tests
 	url = ../../pool/dom2-core-tests
 	branch = leap-16.0
+[submodule "doomsday"]
+	path = doomsday
+	url = ../../pool/doomsday
+	branch = leap-16.0
 [submodule "dosbox"]
 	path = dosbox
 	url = ../../pool/dosbox
@@ -7174,6 +7182,10 @@
 	path = gnu_ddrescue
 	url = ../../pool/gnu_ddrescue
 	branch = leap-16.0
+[submodule "gnucobol"]
+	path = gnucobol
+	url = ../../pool/gnucobol
+	branch = leap-16.0
 [submodule "gnuastro"]
 	path = gnuastro
 	url = ../../pool/gnuastro
--- a/1
+++ b/1
--- a/2
+++ b/2
--- a/1
+++ b/1
--- a/1
+++ b/1
--- a/2
+++ b/2
--- a/2
+++ b/2
--- a/2
+++ b/2
--- a/patchinfo.20260204115012215375.93181000773252/_patchinfo
+++ b/patchinfo.20260204115012215375.93181000773252/_patchinfo
@@ -0,0 +1,30 @@
+<patchinfo incident="packagehub-113">
+  <issue tracker="bnc" id="1257403">VUL-0: CVE-2025-14550: python-Django,python3-Django,python-Django6: Potential denial-of-service vulnerability via repeated headers when using ASGI</issue>
+  <issue tracker="bnc" id="1257406">VUL-0: CVE-2026-1285: python-Django,python3-Django,python-Django6: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods</issue>
+  <issue tracker="bnc" id="1257405">VUL-0: CVE-2026-1207: python-Django,python3-Django,python-Django6: Potential SQL injection via raster lookups on PostGIS</issue>
+  <issue tracker="cve" id="2026-1207"/>
+  <issue tracker="cve" id="2026-1312"/>
+  <issue tracker="cve" id="2026-1287"/>
+  <issue tracker="bnc" id="1257407">VUL-0: CVE-2026-1287: python-Django,python3-Django,python-Django6: Potential SQL injection in column aliases via control characters</issue>
+  <issue tracker="cve" id="2025-13473"/>
+  <issue tracker="bnc" id="1257401">VUL-0: CVE-2025-13473: python-Django,python3-Django,python-Django6: Username enumeration through timing difference in mod_wsgi authentication handler</issue>
+  <issue tracker="bnc" id="1257408">VUL-0: CVE-2026-1312: python-Django,python3-Django,python-Django6: Potential SQL injection via QuerySet.order_by and FilteredRelation</issue>
+  <issue tracker="cve" id="2025-14550"/>
+  <issue tracker="cve" id="2026-1285"/>
+  <packager>mcalabkova</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for python-Django</summary>
+  <description>This update for python-Django fixes the following issues:
+
+Changes in python-Django:
+
+- CVE-2026-1312: Fixed potential SQL injection via QuerySet.order_by and FilteredRelation (bsc#1257408).
+- CVE-2026-1287: Fixed potential SQL injection in column aliases via control characters (bsc#1257407).
+- CVE-2026-1207: Fixed potential SQL injection via raster lookups on PostGIS (bsc#1257405).
+- CVE-2026-1285: Fixed potential denial-of-service in django.utils.text.Truncator HTML methods (bsc#1257406).
+- CVE-2025-13473: Fixed username enumeration through timing difference in mod_wsgi authentication handler (bsc#1257401).
+- CVE-2025-14550: Fixed potential denial-of-service via repeated headers when using ASGI (bsc#1257403).
+</description>
+  <package>python-Django</package>
+</patchinfo>
--- a/patchinfo.20260204115510991084.93181000773252/_patchinfo
+++ b/patchinfo.20260204115510991084.93181000773252/_patchinfo
@@ -0,0 +1,22 @@
+<patchinfo incident="packagehub-112">
+  <issue tracker="cve" id="2026-1862"/>
+  <issue tracker="cve" id="2026-1861"/>
+  <issue tracker="bnc" id="1257650">VUL-0: chromium: release 144.0.7559.132</issue>
+  <packager>oertel</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for chromium</summary>
+  <description>This update for chromium fixes the following issues:
+
+Changes in chromium:
+
+- Chromium 144.0.7559.132 (boo#1257650)
+  * CVE-2026-1861: Heap buffer overflow in libvpx in Google Chrome
+    prior to 144.0.7559.132 allowed a remote attacker to potentially
+    exploit heap corruption via a crafted HTML page.
+  * CVE-2026-1862: Type Confusion in V8 in Google Chrome prior to
+    144.0.7559.132 allowed a remote attacker to potentially exploit
+    heap corruption via a crafted HTML page.
+</description>
+  <package>chromium</package>
+</patchinfo>
--- a/patchinfo.20260206094000823685.93181000773252/_patchinfo
+++ b/patchinfo.20260206094000823685.93181000773252/_patchinfo
@@ -0,0 +1,11 @@
+<patchinfo incident="packagehub-115">
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for gnucobol</summary>
+  <description>This update for gnucobol fixes the following issues:
+
+Introduce gnucobol.
+</description>
+  <package>gnucobol</package>
+</patchinfo>
--- a/patchinfo.20260206095645434427.93181000773252/_patchinfo
+++ b/patchinfo.20260206095645434427.93181000773252/_patchinfo
@@ -1,92 +0,0 @@
-<patchinfo>
-  <packager>os-autoinst-obs-workflow</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for openQA, os-autoinst</summary>
-  <description>This update for openQA, os-autoinst fixes the following issues:
-
-Changes in openQA:
-
- Update to version 5.1770274061.387b318c:
-  * Remove dependencies not available in 16
-  * Remove all explicit versions from ci-packages.txt
-  * Explicitly use new cache key for fullstack_cache
-  * Use devel:openQA 16.0 repositories
-  * fix: Create user directory without sudo
-  * refactor(ui): use native DOM APIs for bulk action logic
-  * Update devel:openQA:ci/base container to Leap 16
-  * Mark some one line catch statements uncoverable
-  * Move t/07-api_jobtokens.t to t/api/
-  * refactor: Avoid mapping of actions in df-based cleanup
-  * refactor: Use loop to invoke `_delete_jobs` repeatedly
-  * refactor: Simplify code for df-based cleanup further
-  * refactor: Extract repeated lookup and loop into separate function
-  * Dependency cron 2026-02-03
-  * feat(ui): add bulk action checkboxes to test overview filters
-  * feat(openqa-clone-custom-git-refspec): add "BADGE" mode
-  * fix(openqa-clone-custom-git-refspec): fix "MARKDOWN" mode
-  * feat(UI): add delete button for job groups and parent groups
-  * refactor(javascripts): harden by using const in admin_groups.js
-  * feat(api): prevent deletion of non-empty parent job groups
-  * docs: Fix typo in MCP documentation
-  * docs: Improve note about enabling modern Perl features
-  * test: Remove unused parameters in `OpenQA::Test::Case::login`
-  * navbar: add new item in menu to link MCP documentation
-  * Refactor t/lib/OpenQA/Test/Case.pm with signatures
-  * test: Consider all API controller code covered
-  * test: Cover remaining error cases of worker API
-  * fix: Improve error handling when updating records in admin tables
-  * test: Ensure consistent coverage of job cancellation function
-  * Prepare documentation generation for Leap 16.0
-  * test: Cover remaining lines of `Search.pm`
-  * test: Cover remaining lines of `Locks.pm`
-  * refactor: Simplify `JobTemplate::destroy`
-  * refactor: Remove unused code from `JobTemplate.pm`
-  * git subrepo pull (merge) external/os-autoinst-common
-  * style: Add quotes in openqa-bootstrap
-  * feat: default API key expiration to 1 year, aligning with UI
-  * feat: wrap array in an object in api_key API responses
-  * feat: add API endpoint for deleting API keys
-  * feat: add API endpoint for listing API keys
-  * feat: add API endpoint for creating API keys
-  * fix(openqa-bootstrap): prevent shellcheck warning SC2086
-  * Add dependency on 'file'
-  * refactor: Write code in `JobGroup.pm` in a more compact way
-  * test: Consider `Job.pm` fully covered
-  * test: Add tests for error handling of artefact upload
-  * refactor: Format artefact upload test in a more compact way
-  * test: Add tests for using assigned worker on job status updates
-  * test: Add tests for re-scheduling invalid scheduled product
-  * test: Add tests for querying non-existent scheduled product
-  * refactor: Use more compact coding style in `show_scheduled_product`
-  * refactor: Improve `Mm.pm`
-  * test: Improve tests of multi-machine API
-  * Remove unused module Config::Tiny from dependencies
-
- Update to version 5.1769603414.6c0fa72e:
-  * Handle links on test_log on missing git repo extension
-  * test: Consider `Test.pm` fully covered
-  * test: Extend tests for showing dependency graph
-  * fix: Merge parallel clusters correctly for displaying dependency tree
-
-Changes in os-autoinst:
-
-Thu Feb 05 15:25:28 UTC 2026 - okurz@suse.com
- Update to version 5.1770127521.c249fe9:
-  * refactor: Distinguish tests by the script path in `loadtest`
-  * refactor: Simplify approach for avoiding redefine warnings
-  * test: Allow running tests with `Test::Warnings&lt;0.033`
-  * test: Format test of `loadtestdir` in a more compact way
-  * test: Use `ENABLE_MODERN_PERL_FEATURES=1` in test suite
-  * feat: Allow enabling strict/warnings/signatures globally
-</description>
-  <package>openQA</package>
-  <package>openQA:openQA-devel-test</package>
-  <package>openQA:openQA-test</package>
-  <package>openQA:openQA-worker-test</package>
-  <package>openQA:openQA-client-test</package>
-  <package>os-autoinst</package>
-  <package>os-autoinst:os-autoinst-test</package>
-  <package>os-autoinst:os-autoinst-devel-test</package>
-  <package>os-autoinst:os-autoinst-openvswitch-test</package>
-</patchinfo>
--- a/patchinfo.20260209123942988001.93181000773252/_patchinfo
+++ b/patchinfo.20260209123942988001.93181000773252/_patchinfo
@@ -0,0 +1,11 @@
+<patchinfo incident="packagehub-116">
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for doomsday</summary>
+  <description>This update for doomsday fixes the following issues:
+
+Introduce doomsday.
+</description>
+  <package>doomsday</package>
+</patchinfo>
--- a/patchinfo.20260209155200377268.93181000773252/_patchinfo
+++ b/patchinfo.20260209155200377268.93181000773252/_patchinfo
@@ -0,0 +1,14 @@
+<patchinfo incident="packagehub-114">
+  <issue tracker="bnc" id="1257869">KMail2: Klick on link does not open Browser</issue>
+  <packager>favogt</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for messagelib</summary>
+  <description>This update for messagelib fixes the following issues:
+
+Changes in messagelib:
+
+- Fix links sometimes not opening (boo#1257869, kde#493325):
+</description>
+  <package>messagelib</package>
+</patchinfo>
--- a/patchinfo.20260211133956922544.255638743075857/_patchinfo
+++ b/patchinfo.20260211133956922544.255638743075857/_patchinfo
@@ -0,0 +1,11 @@
+<patchinfo>
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for OpenSMTPD</summary>
+  <description>This update for OpenSMTPD fixes the following issues:
+
+Introduce OpenSMTPD.
+</description>
+  <package>OpenSMTPD</package>
+</patchinfo>
--- a/2
+++ b/2
Author	SHA256	Message	Date
Robert Frohl	4a3eb4b09d	Add OpenSMTPD	2026-02-11 14:41:40 +01:00
Patchinfo incident numbering	203c9ebc1c	Update patchinfo incident numbers [skip actions]	2026-02-10 11:55:54 +00:00
AutoGits PR Review Bot	5ce11d2031	Merging PR: products/PackageHub!425	2026-02-10 11:55:35 +00:00
Patchinfo incident numbering	4a8a71cfaa	Update patchinfo incident numbers [skip actions]	2026-02-10 10:25:41 +00:00
AutoGits PR Review Bot	5e193e7b0c	Merging PR: products/PackageHub!423	2026-02-10 10:25:21 +00:00
Patchinfo incident numbering	2ba789da73	Update patchinfo incident numbers [skip actions]	2026-02-10 10:24:10 +00:00
AutoGits PR Review Bot	5d155cfc8e	Merging PR: products/PackageHub!428	2026-02-10 10:23:48 +00:00
Robert Frohl	f0fd57da25	Update submodules from pool/messagelib#1 and create patchinfo.20260209155200377268.93181000773252/_patchinfo	2026-02-09 16:52:16 +01:00
Robert Frohl	a75756a1dd	Add doomsday	2026-02-09 13:42:34 +01:00
Patchinfo incident numbering	a5e36132b4	Update patchinfo incident numbers [skip actions]	2026-02-07 13:28:27 +00:00
AutoGits PR Review Bot	93d5c851b6	Merging PR: products/PackageHub!393	2026-02-07 13:27:50 +00:00
Patchinfo incident numbering	735cc2c65c	Update patchinfo incident numbers [skip actions]	2026-02-06 19:18:47 +00:00
AutoGits PR Review Bot	50931b6594	Merging PR: products/PackageHub!394	2026-02-06 19:18:07 +00:00
Robert Frohl	bad747d321	Add gnucobol	2026-02-06 10:42:14 +01:00
AutoGits PR Review Bot	1c6a2a337d	auto-created for chromium This commit was autocreated by AutoGits PR Review Bot referencing PRs: PR: pool/chromium!31	2026-02-05 08:28:00 +00:00
AutoGits PR Review Bot	4cfc011cfb	auto-created for python-Django This commit was autocreated by AutoGits PR Review Bot referencing PRs: PR: pool/python-Django!4	2026-02-04 15:10:55 +00:00
Robert Frohl	b32cb083da	Update submodules from pool/chromium#31 and create patchinfo.20260204115510991084.93181000773252/_patchinfo	2026-02-04 12:55:51 +01:00
Robert Frohl	fae13248f7	Update submodules from pool/python-Django#4 and create patchinfo.20260204115012215375.93181000773252/_patchinfo	2026-02-04 12:54:31 +01:00