Overview

File _patchinfo of Package patchinfo.26156

<patchinfo incident="26156">
  <issue tracker="bnc" id="1156501">Regression: can not use OSC without kwallet</issue>
  <issue tracker="bnc" id="1142662">[TRACKERBUG] update osc to version 0.165.3</issue>
  <issue tracker="bnc" id="1127932">osc : extremely slow log downloads</issue>
  <issue tracker="bnc" id="1173926">osc lbl terrible slow</issue>
  <issue tracker="bnc" id="1126055">osc build -p fails with TypeError</issue>
  <issue tracker="bnc" id="1160446">osc (or obs) creates wrong submit request</issue>
  <issue tracker="bnc" id="1137477">osc lbl throws UnicodeDecodeError</issue>
  <issue tracker="bnc" id="1138977">Error running osc command</issue>
  <issue tracker="bnc" id="1138165">[TRACKERBUG] update osc to version 0.165.1</issue>
  <issue tracker="bnc" id="1136584">osc build requires running in a checked out directory even with --alternative-project</issue>
  <issue tracker="bnc" id="1155953">osc v0.166 broke my osc vc use case</issue>
  <issue tracker="bnc" id="1154972">release osc 0.166.0^</issue>
  <issue tracker="bnc" id="1131512">osc: backtrace when setting meta attribute</issue>
  <issue tracker="bnc" id="1166537">osc rq accept - forwarding request causes backtrace</issue>
  <issue tracker="bnc" id="1144211">[TRACKERBUG] update osc to version 0.165.4</issue>
  <issue tracker="bnc" id="1122675">VUL-0: CVE-2019-3681: osc: stores downloaded (supposed) RPM in network-controlled filesystem paths</issue>
  <issue tracker="bnc" id="1140697">[TRACKERBUG] update osc to version 0.165.2</issue>
  <issue tracker="bnc" id="1089025">[diff] osc diff -r rev1:rev2 is not always working as expected</issue>
  <issue tracker="bnc" id="1126058">osc buildinfo -p fails with TypeError</issue>
  <issue tracker="bnc" id="1129889">osc: crash listing logs with invalid UTF-8</issue>
  <issue tracker="bnc" id="1097996">osc requires python-base instead of python</issue>
  <issue tracker="bnc" id="1125243">submit python3 ready osc</issue>
  <issue tracker="bnc" id="1142518">VUL-0: CVE-2019-3685: osc: inadequate TLS certificate validation for HTTPS connections</issue>
  <issue tracker="bnc" id="1129757">osc: search does not sort output after python3 port</issue>
  <issue tracker="cve" id="2019-3685"/>
  <issue tracker="cve" id="2019-3681"/>
  <issue tracker="jsc" id="OBS-203"/>
  <packager>dmach</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for osc</summary>
  <description>This update for osc fixes the following issues:

  osc was updated to version 0.182.0 (bsc#1154972, bsc#1144211, bsc#1142662, bsc#1140697, bsc#1138165):

  - Added MFA support (jsc#OBS-203).
  - CVE-2019-3681: Fixed vulnerability where osc stored downloaded RPMs in network controlled paths (bsc#1122675).
  - CVE-2019-3685: Fixed broken TLS certificate handling (bsc#1142518). 

  Bugfixes:
  - Removed use of chardet to guess encoding. Utf-8 or latin-1 is now assumed, which will speed up decoding (bsc#1173926).
  - Added helper method _html_escape to enable python3.8 and python2.* compatibility (bsc#1166537).
  - Added MR creation to honor orev (bsc#1160446).
  - Fixed local build outside of the working copy of a package (bsc#1136584).
  - Don't enforce password reuse (bsc#1156501).
  - osc vc --file=foo bar.changes now writes the content from foo into bar.changes instead of creating a new file (bsc#1155953).
  - Fixed decoding on osc lbl (bsc#1137477).
  - Simplified and fixed osc meta -e (bsc#1138977).
  - osc lbl now works with non utf8 encoding (bsc#1129889).
  - Added full python3 compatibility (bsc#1125243, bsc#1131512, bsc#1129757).
  - Fixed slowdown of rbl with readline(bufsize) function (bsc#1127932).
  - Fixed osc build -p dir TypeError (bsc#1126055).
  - Fixed osc buildinfo -p TypeError (bsc#1126058).
  - Added new options --unexpand and --meta to diff command (bsc#1089025).
  - Fixed Requires to python-base which does not contain ssl.py (bsc#1097996).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places