Skip to content

v1.5.26 Release

Compare
Choose a tag to compare
@github-actions github-actions released this 02 Apr 17:34
v1.5.26

v1.5.26 - 2024-04-02

  • debian: update how "source" packages are handled

    Previously, the Updater parsed metadata from the repository to try to record only "binary" packages. This was inaccurate and, with the new dpkg handling, now unneeded. The new approach should be more accurate.
  • dpkg: improve Source handling

    The dpkg handling machinery now correctly records source packages and versions. Previously, version differences between a source package and the resulting binary package(s) were incorrect if the versions were not identical.
  • libindex: add O_TMPFILE fallback logic

    After discovering that some common deployment methods are incompatible with using the `O_TMPFILE` `open(2)` flag, a fallback path has been added. The changes also move the default location of where temporary files are downloaded to, to better align with the layout recommended by systemd.

    Please see the documentation for specifics.

  • osv: parse database_specific severity when no CVSS severity is defined

    Occasionally there are OSV advisories that don't include any severity information in the `.severity` object but they do contain a severity in the `.database_specific` object. This change attempts to parse that severity if we don't get a severity from the native `.severity` object.