Security update for fossil SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2021:1052-1 Final 1 1 2021-07-17T18:05:52Z current 2021-07-17T18:05:52Z 2021-07-17T18:05:52Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for fossil This update for fossil fixes the following issues: fossil 2.16: * Add the fossil patch command * Improve the fossil ui command to work on check-out directories and remote machines * web UI improvements * Add fossil bisect run command for improved automation of bisects * Improve fossil merge handling of renames * wiki now defaults to markdown * email alerts can now be set to expire to prevent sending mail to abandoned accounts forever fossil 2.15.2: * Fix the client-side TLS so that it verifies that the server hostname matches its certificate (boo#1187988) fossil 2.15.1: * fix access to tables starting 'fx_' in ticket report fossil 2.15: * Relax default Content Security policy to allow images to be loaded from any URL * Updates to skins and their configuration options * Built-in skin can now be selected via the skin= request parameter and the /skins page. * /cookies page can now now delete individual cookies * Various extensions to diff displaz and operations * Add the --list option to the tarball, zip, and sqlar commands. * New TH1 commands: 'builtin_request_js', 'capexpr', 'foreach', 'lappend', and 'string match' * The leaves command now shows the branch point of each leaf. * The fossil add command refuses to add files whose names are reserved by Windows (ex: 'aux') unless the --allow-reserved option is included. fossil 2.14 * add fossil chat * enhanced fossil clone * performance optimization * enhanced documents * Pikchr improvements * Schema Update Notice #1: This release drops a trigger from the database schema * Schema Update Notice #2: This release changes how the descriptions of wiki edits are stored in the EVENT table, for improved display on timelines fossil 2.13: * wiki improvements: interwiki links, markup features * support for rendering pikchr markup scriptions * line number modes support interactive selection of range of lines to hyperlink to * Enhance finfo page to track a file across renames - minimum/bundled version of sqlite increased to 3.34.0 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2021-1052 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IXKYDSDXE52IUN2KFAJ4I2LXBSMJW72Y/ E-Mail link for openSUSE-SU-2021:1052-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1187988 SUSE Bug 1187988 SUSE Package Hub 15 SP1 fossil-2.16-bp151.4.9.1 fossil-2.16-bp151.4.9.1 as a component of SUSE Package Hub 15 SP1