Overview

Request 1097110 accepted

- Update to 1.85.2
- Bugfixes
- Fix regression where using TLS for HTTP replication between
workers did not work. Introduced in v1.85.0. (#15746)

- Update to 1.85.1
Note: this release only fixes a bug that stopped some deployments
from upgrading to v1.85.0. There is no need to upgrade to v1.85.1
if successfully running v1.85.0.
- Bugfixes
- Fix bug in schema delta that broke upgrades for some
deployments. Introduced in v1.85.0. (#15738, #15739)

- make use that the pythons define and use_python do not diverge by
moving them closer to each other.

- Update to 1.85.0
- Security
- GHSA-26c5-ppr8-f33p / CVE-2023-32682 — Low Severity It may be
possible for a deactivated user to login when using uncommon
configurations. (boo#1212055)
- GHSA-98px-6486-j7qc / CVE-2023-32683 — Low Severity A
discovered oEmbed or image URL can bypass the
url_preview_url_blacklist setting potentially allowing server
side request forgery or bypassing network policies. Impact is
limited to IP addresses allowed by the
url_preview_ip_range_blacklist setting (by default this only
allows public IPs). (boo#1212054)
- Features
- Improve performance of backfill requests by performing


Dominique Leuenberger's avatar

unresolvable: nothing provides (python310-frozendict >= 2.3.4 with python310-frozendict < 2.3.5)

Request History
Dirk Mueller's avatar

dirkmueller created request

- Update to 1.85.2
- Bugfixes
- Fix regression where using TLS for HTTP replication between
workers did not work. Introduced in v1.85.0. (#15746)

- Update to 1.85.1
Note: this release only fixes a bug that stopped some deployments
from upgrading to v1.85.0. There is no need to upgrade to v1.85.1
if successfully running v1.85.0.
- Bugfixes
- Fix bug in schema delta that broke upgrades for some
deployments. Introduced in v1.85.0. (#15738, #15739)

- make use that the pythons define and use_python do not diverge by
moving them closer to each other.

- Update to 1.85.0
- Security
- GHSA-26c5-ppr8-f33p / CVE-2023-32682 — Low Severity It may be
possible for a deactivated user to login when using uncommon
configurations. (boo#1212055)
- GHSA-98px-6486-j7qc / CVE-2023-32683 — Low Severity A
discovered oEmbed or image URL can bypass the
url_preview_url_blacklist setting potentially allowing server
side request forgery or bypassing network policies. Impact is
limited to IP addresses allowed by the
url_preview_ip_range_blacklist setting (by default this only
allows public IPs). (boo#1212054)
- Features
- Improve performance of backfill requests by performing


Saul Goodman's avatar

licensedigger accepted review

ok


Factory Auto's avatar

factory-auto added opensuse-review-team as a reviewer

Please review sources


Factory Auto's avatar

factory-auto accepted review

Check script succeeded


Ana Guerrero's avatar

anag+factory declined review

sr#1095265 of a different type should be revoked first


Ana Guerrero's avatar

anag+factory declined request

sr#1095265 of a different type should be revoked first


Dirk Mueller's avatar

dirkmueller reopened request

declined the delete request


Fabian Vogt's avatar

favogt_factory added openSUSE:Factory:Staging:adi:14 as a reviewer

Being evaluated by staging project "openSUSE:Factory:Staging:adi:14"


Fabian Vogt's avatar

favogt_factory accepted review

Picked "openSUSE:Factory:Staging:adi:14"


Marcus Rueckert's avatar

darix accepted review

Accepted review for by_group opensuse-review-team request 1097110 from user favogt_factory


Dominique Leuenberger's avatar

dimstar_suse accepted review

Staging Project openSUSE:Factory:Staging:adi:14 got accepted.


Dominique Leuenberger's avatar

dimstar_suse approved review

Staging Project openSUSE:Factory:Staging:adi:14 got accepted.


Dominique Leuenberger's avatar

dimstar_suse accepted request

Staging Project openSUSE:Factory:Staging:adi:14 got accepted.

openSUSE Build Service is sponsored by