Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:Update
gradle.36305
gradle.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gradle.changes of Package gradle.36305
------------------------------------------------------------------- Wed Oct 30 12:49:48 UTC 2024 - Gus Kenion <gus.kenion@suse.com> - Security update - Added patch: * gradle-CVE-2023-35947.patch + Fix CVE-2023-35947 (bsc#1212931), TarSlip vulnerability + Gradle no longer handles Tar archives which contain path traversal elements in a Tar entry name. ------------------------------------------------------------------- Fri Aug 30 13:06:42 UTC 2024 - Gus Kenion <gus.kenion@suse.com> - Security update - Added patch: * gradle-CVE-2023-35946.patch + Fix CVE-2023-35946 [bsc#1212930], dependency cache writes files into an unintended location + Backport PathTraversalChecker.java from upstream version 8.2.0 and newer. Refactor for compatibility. ------------------------------------------------------------------- Wed Jun 12 04:57:57 UTC 2024 - Fridrich Strba <fstrba@suse.com> - Added patch: * gradle-jakarta-inject.patch + fix build with jakarta-inject, a new google-guice dependency ------------------------------------------------------------------- Wed Apr 10 07:06:44 UTC 2024 - Fridrich Strba <fstrba@suse.com> - Added patch: * gradle-plexus-xml.patch + fix build with the plexus-xml split from plexus-utils ------------------------------------------------------------------- Tue Mar 26 09:07:13 UTC 2024 - Fridrich Strba <fstrba@suse.com> - security update - Added patch: * gradle-CVE-2019-15052.patch + fix CVE-2019-15052 [bsc#1145903], authentication credentials are sent to all subsequent hosts that the request redirects to ------------------------------------------------------------------- Fri Mar 8 08:34:58 UTC 2024 - Fridrich Strba <fstrba@suse.com> - Add missing dependency of aopalliance - Modified patches: * 0005-Port-to-Maven-3.3.9-and-Eclipse-Aether.patch + add transitive dependency on aopalliance:aopalliance:1.0@jar * 0013-Add-missing-transitive-dependencies.patch + add dependency on 'biz.aQute.bnd:biz.aQute.bnd.util:3.4.0@jar' to fix build with newer aqute-bnd ------------------------------------------------------------------- Fri Mar 8 08:33:28 UTC 2024 - Fridrich Strba <fstrba@suse.com> - Fix build breakage on SLE-15-SP2 after upgrades of different dependencies ------------------------------------------------------------------- Wed Nov 1 12:49:55 UTC 2023 - Fridrich Strba <fstrba@suse.com> - Added patch: * sourcetarget.patch + Build ALL modules with source/target levels 8 ------------------------------------------------------------------- Thu Apr 27 14:34:25 UTC 2023 - pgajdos@suse.com - security update - added patch: * gradle-CVE-2021-32751.patch + fix CVE-2021-32751 [bsc#1188569], 'application' plugin and the 'gradlew' script are both vulnerable to arbitrary code execution ------------------------------------------------------------------- Tue Apr 11 07:08:13 UTC 2023 - Valentin Lefebvre <valentin.lefebvre@suse.com> - Added patch: * use-nio-files-createTempFile-rather-than-File-createTempFile.patch + bsc#1184807 (CVE-2021-29428), bsc#1184799 (CVE-2021-29429) ------------------------------------------------------------------- Mon May 23 12:27:42 UTC 2022 - Fridrich Strba <fstrba@suse.com> - Added patch: * gradle-java17.patch + Allow actually build gradle using Java 16+ ------------------------------------------------------------------- Fri May 20 04:46:11 UTC 2022 - Fridrich Strba <fstrba@suse.com> - Modify the launcher so that gradle can work with Java 17 - Do not force building with java <= 15, since we now can run gradle-bootstrap with Java 17 too ------------------------------------------------------------------- Mon May 16 12:37:31 UTC 2022 - Fridrich Strba <fstrba@suse.com> - Build against jansi 2.x - Remove the jansi-native and hawtjni-runtime dependencies, since jansi 2.x does not depend on them - Modified patch: * 0013-Add-missing-transitive-dependencies.patch + jansi does not have transitive dependencies any more - Added patch: * gradle-jansi.patch + port to use jansi 2.x ------------------------------------------------------------------- Wed Mar 23 16:30:46 UTC 2022 - Fridrich Strba <fstrba@suse.com> - Force building with java <= 11 ------------------------------------------------------------------- Mon Mar 14 05:27:44 UTC 2022 - Fridrich Strba <fstrba@suse.com> - Fix build with maven-resolver 1.7.x - Modified patch: * 0005-Port-to-Maven-3.3.9-and-Eclipse-Aether.patch + package the new artifact maven-resolver-named-locks ------------------------------------------------------------------- Tue Mar 8 06:21:15 UTC 2022 - Fridrich Strba <fstrba@suse.com> - Remove from build dependencies some artifacts that are not needed ------------------------------------------------------------------- Tue Oct 19 07:02:43 UTC 2021 - Fridrich Strba <fstrba@suse.com> - Modified patch: * 0013-Add-missing-transitive-dependencies.patch + Add osgi-compendium to the dependencies, since newer qute-bnd uses it ------------------------------------------------------------------- Wed Jul 28 07:31:50 UTC 2021 - Fridrich Strba <fstrba@suse.com> - Remove build requires that are not strictly needed ------------------------------------------------------------------- Wed May 12 08:13:34 UTC 2021 - Fridrich Strba <fstrba@suse.com> - Do not build against the legacy guava20 package any more - Added patch: * port-to-guava-30.patch + Port gradle 4.4.1 to guava 30.1.1 + Set source level to 1.8, since guava 30 uses default functions in interfaces, which is Java 8+ feature ------------------------------------------------------------------- Tue Dec 17 11:49:50 UTC 2019 - Fridrich Strba <fstrba@suse.com> - Avoid all-released-versions.json as source, since we are not building integration tests. ------------------------------------------------------------------- Mon Dec 9 12:38:32 UTC 2019 - Fridrich Strba <fstrba@suse.com> - Modified patch: * gradle-4.4.1-asm7.patch + Rediff and use ASM7 api instead of ASM6, since we are using objectweb-asm 7.2 - Added patches: * cast-estimated-runtime-to-long.patch + estimatedRuntime must be cast to long otherwise gradle build fails with "Cannot assign value of type java.math.BigDecimal to variable of type long". * java11-compatibility.patch + Fixes the compatibility with Java 11. This is backport of upstream changes in 4.8 * java8-compatibility.patch + Keep compatibility with Java 8 by avoiding to use Java 9+ APIs * remove-timestamps.patch + Avoid timestamps and thus irreproducible builds ------------------------------------------------------------------- Mon Nov 25 11:14:34 UTC 2019 - Fridrich Strba <fstrba@suse.com> - Added patch: * gradle-4.4.1-asm7.patch + fix build with objectweb-asm 7.2 ------------------------------------------------------------------- Wed Nov 20 21:31:11 UTC 2019 - Fridrich Strba <fstrba@suse.com> - Gradle looks for slf4j-api.jar, so we provide a link there ------------------------------------------------------------------- Sun Nov 17 20:04:50 UTC 2019 - Fridrich Strba <fstrba@suse.com> - Package a full gradle instead of the open apis only - Upgrade to version 4.4.1 - Added patches: * 0001-Gradle-local-mode.patch + Use gradle local mode by default * 0002-Remove-Class-Path-from-manifest.patch + Remove classpath from manifest * 0003-Implement-XMvn-repository-factory-method.patch + Implement factory methods for xmvn repository * 0004-Use-unversioned-dependency-JAR-names.patch + Use unversioned jar files for dependencies * 0005-Port-to-Maven-3.3.9-and-Eclipse-Aether.patch + Port to maven 3.3.9 and maven-resolver * 0006-Disable-code-quality-checks.patch + Disable code quality checks useless for rpm build * 0007-Port-to-Kryo-3.0.patch + Fix build with kryo 3.0 * 0008-Port-to-Ivy-2.4.0.patch + Fix build with apache-ivy 2.4.0 * 0009-Port-to-Polyglot-0.1.8.patch + Allow building with tesla-polyglot >= 0.1.8 * 0010-Port-from-Simple-4-to-Jetty-9.patch + build using org.eclipse.jetty:jetty-server instead of org.simpleframework:simple * 0011-Disable-benchmarks.patch + Do not run benchmarks useless during rpm build * 0012-Disable-patching-of-external-modules.patch + Disable patching of external modules during the build * 0013-Add-missing-transitive-dependencies.patch + Add transitive dependencies for aqute-bndlib, jansi and zinc * 0014-Disable-ideNative-module.patch + Do not build ideNative module * 0015-Disable-docs-build.patch + Do not build docs needing asciidoctorj that we don't have * 0016-Port-to-guava-20.0.patch + Fix build with guava 20.0 * 0017-Set-core-api-source-level-to-8.patch + Build core-api submodule with source/target 8 ------------------------------------------------------------------- Tue Sep 17 11:37:40 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> - Add LICENSE file to the correct tag ------------------------------------------------------------------- Tue Sep 17 11:31:39 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> - Security fix: [bsc#1150998, CVE-2019-16370] * The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm. PGP signing plugin might allow an attacker to replace an artifact with a different one. - Add gradle-CVE-2019-16370.patch ------------------------------------------------------------------- Thu Sep 14 05:34:54 UTC 2017 - fstrba@suse.com - Specify java source and target level 1.6 in order to allow building with jdk9 ------------------------------------------------------------------- Thu Dec 15 05:10:11 UTC 2016 - margherio.adam@gmail.com - Updated to 3.2.1 ------------------------------------------------------------------- Mon Dec 28 13:56:20 UTC 2015 - mailaender@opensuse.org - Update to 2.10 ------------------------------------------------------------------- Tue Apr 14 19:21:36 UTC 2015 - afaerber@suse.de - Update to 2.3 ------------------------------------------------------------------- Tue Jul 8 08:48:15 UTC 2014 - tchvatal@suse.com - Cleanup the sle11 build bit more. ------------------------------------------------------------------- Fri Jun 27 14:22:37 UTC 2014 - tchvatal@suse.com - Build on sle11 ------------------------------------------------------------------- Fri Jun 27 12:24:36 UTC 2014 - tchvatal@suse.com - Cleanup the package to be up par at least a bit ------------------------------------------------------------------- Fri Nov 27 00:00:00 UTC 2009 - lkundrak@v3.sk - Initial packaging
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor