Accepting request 77810 from GNOME:Factory

Pushing G:F OBS-URL: https://build.opensuse.org/request/show/77810 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libsoup?expand=0&rev=52
2011-08-03 14:18:13 +00:00 · 2011-08-03 14:18:13 +00:00 · 1c7bb866c1
commit 1c7bb866c1
parent 6bc2e0f903 877568dd4b
4 changed files with 17 additions and 4 deletions
--- a/libsoup-2.35.3.tar.bz2
+++ b/libsoup-2.35.3.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:20b7aab263a44e527b8d89c01e61a3591a719a582ad1163b2a4758dcc598c62d
-size 695424
--- a/libsoup-2.35.4.tar.bz2
+++ b/libsoup-2.35.4.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:958e7c7ff8abfa2257afb4e12f2534502954a3c2f3be291bfa033954cd7a29cf
+size 698398
--- a/libsoup.changes
+++ b/libsoup.changes
@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Thu Jul 28 21:27:11 CEST 2011 - vuntz@opensuse.org
+
+- Update to version 2.35.4:
+  + CVE-2011-2054: Fixed a security hole that caused some
+    SoupServer users to unintentionally allow accessing the entire
+    local filesystem when they thought they were only providing
+    access to a single directory. [bgo#653258]
+  + Plugged another SoupCache memory leak.
+  + Simplified SoupCache keys, and handle collisions. [bgo#649963]
+  + Annotate SoupSession:add-feature, etc, as (skip), so they don't
+    conflict with the methods of the same name. [bgo#655150]
+
 -------------------------------------------------------------------
 Tue Jul  5 08:24:36 CEST 2011 - vuntz@opensuse.org

--- a/libsoup.spec
+++ b/libsoup.spec
@ -20,7 +20,7 @@

 Name:           libsoup
 Summary:        HTTP client/server library for GNOME
-Version:        2.35.3
+Version:        2.35.4
 Release:        1
 License:        LGPLv2.1+
 Group:          Development/Libraries/GNOME