SUSE 5147 Published by

A fossil security update has been released for SUSE Linux Enterprise 15 SP3.



openSUSE-SU-2021:1050-1: moderate: Security update for fossil


openSUSE Security Update: Security update for fossil
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:1050-1
Rating: moderate
References: #1187988
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for fossil fixes the following issues:

fossil 2.16:

* Add the fossil patch command
* Improve the fossil ui command to work on check-out directories and
remote machines
* web UI improvements
* Add fossil bisect run command for improved automation of bisects
* Improve fossil merge handling of renames
* wiki now defaults to markdown
* email alerts can now be set to expire to prevent sending mail to
abandoned accounts forever

fossil 2.15.2:

* Fix the client-side TLS so that it verifies that the server hostname
matches its certificate (boo#1187988)

fossil 2.15.1:

* fix access to tables starting "fx_" in ticket report

fossil 2.15:

* Relax default Content Security policy to allow images to be loaded
from any URL
* Updates to skins and their configuration options
* Built-in skin can now be selected via the skin= request parameter and
the /skins page.
* /cookies page can now now delete individual cookies
* Various extensions to diff displaz and operations
* Add the --list option to the tarball, zip, and sqlar commands.
* New TH1 commands: "builtin_request_js", "capexpr", "foreach",
"lappend", and "string match"
* The leaves command now shows the branch point of each leaf.
* The fossil add command refuses to add files whose names are reserved
by Windows (ex: "aux") unless the --allow-reserved
option is included.

fossil 2.14

* add fossil chat
* enhanced fossil clone
* performance optimization
* enhanced documents
* Pikchr improvements
* Schema Update Notice #1: This release drops a trigger from the
database schema
* Schema Update Notice #2: This release changes how the descriptions
of wiki edits are stored in the EVENT table, for improved display
on timelines

fossil 2.13:

* wiki improvements: interwiki links, markup features
* support for rendering pikchr markup scriptions
* line number modes support interactive selection of range of lines to
hyperlink to
* Enhance finfo page to track a file across renames
- minimum/bundled version of sqlite increased to 3.34.0

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP3:

zypper in -t patch openSUSE-2021-1050=1


Package List:

- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):

fossil-2.16-bp153.2.3.1

References:

  https://bugzilla.suse.com/1187988