Accepting request 1113576 from home:firstyear:branches:security

- bsc#1215657 - chosen ciphertext attack possible against aes-gcm * update vendor.tar.zst to contain aes-gcm >= 0.10.3 - Update to version 0.9.2+0: * CI: Ensure `apt` repository is up-to-date before installing build deps * CI: Build Linux releases using `ubuntu-20.04` runner * CI: Remove most uses of `actions-rs` actions OBS-URL: https://build.opensuse.org/request/show/1113576 OBS-URL: https://build.opensuse.org/package/show/security/rage-encryption?expand=0&rev=29
2023-09-26 15:08:09 +00:00 · 2023-09-26 15:08:09 +00:00 · 2c10f03d7a
commit 2c10f03d7a
parent 1dbbeb5ded
7 changed files with 22 additions and 8 deletions
--- a/2
+++ b/2
@ -18,7 +18,7 @@
  <service mode="disabled" name="set_version"/>
  <service name="cargo_vendor" mode="disabled">
     <param name="srcdir">rage</param>
-     <param name="compression">xz</param>
+     <param name="compression">zst</param>
     <param name="update">true</param>
  </service>
  <service name="cargo_audit" mode="disabled">
--- a/2
+++ b/2
@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                <param name="url">https://github.com/str4d/rage.git</param>
-              <param name="changesrevision">267f383d3c1623c10bc6715c07fa77689171f940</param></service></servicedata>
+              <param name="changesrevision">e6180f1a2004008873b8e8d40110995ecec416c4</param></service></servicedata>
--- a/rage-0.9.2+0.tar.gz
+++ b/rage-0.9.2+0.tar.gz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:ae51d06e2829215baaa51f828acf316e71577eef778601d332a28e8c83dec81d
-size 1599818
+oid sha256:faaf7716819e4d30d47bead3e35c7776442a790fe072b80485cb69930dc28661
+size 1600116
--- a/rage-encryption.changes
+++ b/rage-encryption.changes
@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Tue Sep 26 03:59:43 UTC 2023 - William Brown <william.brown@suse.com>
+
+- bsc#1215657 - chosen ciphertext attack possible against aes-gcm
+  * update vendor.tar.zst to contain aes-gcm >= 0.10.3
+
+-------------------------------------------------------------------
+Tue Sep 26 01:06:56 UTC 2023 - william.brown@suse.com
+
+- Update to version 0.9.2+0:
+  * CI: Ensure `apt` repository is up-to-date before installing build deps
+  * CI: Build Linux releases using `ubuntu-20.04` runner
+  * CI: Remove most uses of `actions-rs` actions
+
 -------------------------------------------------------------------
 Tue Jun 13 00:35:46 UTC 2023 - william.brown@suse.com

--- a/rage-encryption.spec
+++ b/rage-encryption.spec
@ -31,7 +31,7 @@ License:        (0BSD OR MIT OR Apache-2.0) AND (Apache-2.0 OR BSL-1.0) AND (Apa
 Group:          Productivity/Security
 URL:            https://github.com/str4d/rage
 Source0:        rage-%{version}.tar.gz
-Source1:        vendor.tar.xz
+Source1:        vendor.tar.zst
 Source2:        cargo_config
 %if %{suse_version} > 1500
 BuildRequires:  cargo-packaging
--- a/vendor.tar.xz
+++ b/vendor.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a4f3e0446cc48a847aa6758aa09c7af56c02be60436e288e6495686cdf64eefa
-size 33837292
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4977cf5bab4d73b8d51f7df9fa0d72bf077922b25f9da05c2f51369b74cbec68
+size 33927832