openSUSE Security Update: Security update for fossil
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:1052-1
Rating:             moderate
References:         #1187988 
Affected Products:
                    openSUSE Backports SLE-15-SP1
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:

   This update for fossil fixes the following issues:

   fossil 2.16:

     * Add the fossil patch command
     * Improve the fossil ui command to work on check-out directories and
       remote machines
     * web UI improvements
     * Add fossil bisect run command for improved automation of bisects
     * Improve fossil merge handling of renames
     * wiki now defaults to markdown
     * email alerts can now be set to expire to prevent sending mail to
       abandoned accounts forever

   fossil 2.15.2:

     * Fix the client-side TLS so that it verifies that the server hostname
       matches its certificate (boo#1187988)

   fossil 2.15.1:

     * fix access to tables starting "fx_" in ticket report

   fossil 2.15:

     * Relax default Content Security policy to allow images to be loaded
       from any URL
     * Updates to skins and their configuration options
     * Built-in skin can now be selected via the skin= request parameter and
       the /skins page.
     * /cookies page can now now  delete individual cookies
     * Various extensions to diff displaz and operations
     * Add the --list option to the tarball, zip, and sqlar commands.
     * New TH1 commands: "builtin_request_js", "capexpr", "foreach",
       "lappend", and "string match"
     * The leaves command now shows the branch point of each leaf.
     * The fossil add command refuses to add files whose names are reserved
       by Windows (ex: "aux") unless the --allow-reserved
       option is included.

   fossil 2.14

     * add fossil chat
     * enhanced fossil clone
     * performance optimization
     * enhanced documents
     * Pikchr improvements
     * Schema Update Notice #1: This release drops a trigger from the
       database schema
     * Schema Update Notice #2: This release changes how the descriptions
     of wiki edits are stored in the EVENT table, for improved display
     on timelines

   fossil 2.13:

     * wiki improvements: interwiki links, markup features
     * support for rendering pikchr markup scriptions
     * line number modes support interactive selection of range of lines to
       hyperlink to
     * Enhance finfo page to track a file across renames
   - minimum/bundled version of sqlite increased to 3.34.0


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Backports SLE-15-SP1:

      zypper in -t patch openSUSE-2021-1052=1



Package List:

   - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):

      fossil-2.16-bp151.4.9.1


References:

   https://bugzilla.suse.com/1187988