Accepting request 628559 from home:iznogood:branches:GNOME:Factory

- Update to version 2.62.3:
  + Check for trailing dots in domains.
  + Set default cookie path for NULL origins.
  + Use atomic-refcounting in classes that are not using
    GObject-refcounting.
  + Many Coverity-found code fixes.
  + Bail out on cookie-jar calls with empty hostnames.
- Drop libsoup-boo1100097-empty-string.patch: Fixed upstream.

OBS-URL: https://build.opensuse.org/request/show/628559
OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/libsoup?expand=0&rev=216

libsoup-2.62.2.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9e536fe3da60b25d2c63addb84a9d5072d00b0d8b8cbeabc629a6bcd63f879b6
-size 1848752

libsoup-2.62.3.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d312ade547495c2093ff8bda61f9b9727a98cfdae339f3263277dd39c0451172
+size 1851780

libsoup-boo1100097-empty-string.patch

@@ -1,29 +0,0 @@
-From db2b0d5809d5f8226d47312b40992cadbcde439f Mon Sep 17 00:00:00 2001
-From: Michael Catanzaro <mcatanzaro@igalia.com>
-Date: Sun, 24 Jun 2018 19:46:19 -0500
-Subject: [PATCH] cookie-jar: bail if hostname is an empty string
-
-There are several other ways to fix the problem with this function, but
-skipping over all of the code is probably the simplest.
-
-Fixes #3
----
- libsoup/soup-cookie-jar.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/libsoup/soup-cookie-jar.c b/libsoup/soup-cookie-jar.c
-index 2369c8a7..b2b78909 100644
---- a/libsoup/soup-cookie-jar.c
-+++ b/libsoup/soup-cookie-jar.c
-@@ -307,7 +307,7 @@ get_cookies (SoupCookieJar *jar, SoupURI *uri, gboolean for_http, gboolean copy_
- 
- 	priv = soup_cookie_jar_get_instance_private (jar);
- 
--	if (!uri->host)
-+	if (!uri->host || !uri->host[0])
- 		return NULL;
- 
- 	/* The logic here is a little weird, but the plan is that if
--- 
-2.18.0
-

libsoup.changes

@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Fri Aug 10 09:01:14 UTC 2018 - bjorn.lie@gmail.com
+
+- Update to version 2.62.3:
+  + Check for trailing dots in domains.
+  + Set default cookie path for NULL origins.
+  + Use atomic-refcounting in classes that are not using
+    GObject-refcounting.
+  + Many Coverity-found code fixes.
+  + Bail out on cookie-jar calls with empty hostnames.
+- Drop libsoup-boo1100097-empty-string.patch: Fixed upstream.
+
 -------------------------------------------------------------------
 Fri Jul 20 19:16:31 UTC 2018 - mgorse@suse.com
 

libsoup.spec

@@ -17,7 +17,7 @@
 
 
 Name:           libsoup
-Version:        2.62.2
+Version:        2.62.3
 Release:        0
 Summary:        HTTP client/server library for GNOME
 License:        LGPL-2.1-or-later
@@ -25,8 +25,6 @@ Group:          Development/Libraries/GNOME
 URL:            https://wiki.gnome.org/Projects/libsoup
 Source:         http://download.gnome.org/sources/libsoup/2.62/%{name}-%{version}.tar.xz
 Source99:       baselibs.conf
-# PATCH-FIX-UPSTREAM libsoup-boo1100097-empty-string.patch boo#1100097 mgorse@suse.com -- fix crash when handling empty hostnames (CVE-2018-12910).
-Patch0:         libsoup-boo1100097-empty-string.patch
 
 BuildRequires:  glib-networking
 BuildRequires:  intltool >= 0.35.0
@@ -117,7 +115,6 @@ Features:
 %prep
 %setup -q
 translation-update-upstream
-%patch0 -p1
 
 %build
 %configure\