import EuroLinux fence-agents-4.2.1-121.el8_9.4
This commit is contained in:
parent
782c400bf2
commit
7c5ab86882
@ -20,7 +20,7 @@ f6efa66f6106b069b5c0e0cf8cc677e4e96c91ca SOURCES/oauthlib-3.1.1.tar.gz
|
||||
bccbc1bf76a9db46998eb8e1ffa2f2a2baf9237a SOURCES/packaging-21.2-py3-none-any.whl
|
||||
e0fa19f8fda46a1fa2253477499b116b33f67175 SOURCES/pyasn1-0.4.8.tar.gz
|
||||
43b89feb6864fe359aae89120627165219de313b SOURCES/pyasn1-modules-0.2.8.tar.gz
|
||||
326a73f58a62ebee00c11a12cfdd838b196e0e8e SOURCES/pycryptodome-3.6.4.tar.gz
|
||||
c55d177e9484d974c95078d4ae945f89ba2c7251 SOURCES/pycryptodome-3.20.0.tar.gz
|
||||
c8307f47e3b75a2d02af72982a2dfefa3f56e407 SOURCES/pyparsing-2.4.7-py2.py3-none-any.whl
|
||||
c2ba10c775b7a52a4b57cac4d4110a0c0f812a82 SOURCES/python-dateutil-2.8.2.tar.gz
|
||||
1dc2fa004aa6517f1620e55d8a7b8e68a9cf2a47 SOURCES/python-string-utils-1.0.0.tar.gz
|
||||
@ -33,5 +33,5 @@ d5354718cb8c9330d3abc27445467ce8a5ed9d70 SOURCES/setuptools-58.3.0.tar.gz
|
||||
a4f02fddae697614e356cadfddb6241cc7737f38 SOURCES/setuptools_scm-6.3.2.tar.gz
|
||||
06fa0bb50f2a4e2917fd14c21e9d2d5508ce0163 SOURCES/six-1.16.0.tar.gz
|
||||
b42b7960047441db7dc021cc20e14279bd836f8d SOURCES/tomli-1.0.1.tar.gz
|
||||
eb35c3fd8b0867ae988a15917d6b80e8bdf60222 SOURCES/urllib3-1.26.7.tar.gz
|
||||
84e2852d8da1655373f7ce5e7d5d3e256b62b4e4 SOURCES/urllib3-1.26.18.tar.gz
|
||||
540f083782c584989c1a0f69ffd69ba7aae07db6 SOURCES/websocket-client-1.2.1.tar.gz
|
||||
|
4
.gitignore
vendored
4
.gitignore
vendored
@ -20,7 +20,7 @@ SOURCES/openshift-0.12.1.tar.gz
|
||||
SOURCES/packaging-21.2-py3-none-any.whl
|
||||
SOURCES/pyasn1-0.4.8.tar.gz
|
||||
SOURCES/pyasn1-modules-0.2.8.tar.gz
|
||||
SOURCES/pycryptodome-3.6.4.tar.gz
|
||||
SOURCES/pycryptodome-3.20.0.tar.gz
|
||||
SOURCES/pyparsing-2.4.7-py2.py3-none-any.whl
|
||||
SOURCES/python-dateutil-2.8.2.tar.gz
|
||||
SOURCES/python-string-utils-1.0.0.tar.gz
|
||||
@ -33,5 +33,5 @@ SOURCES/setuptools-58.3.0.tar.gz
|
||||
SOURCES/setuptools_scm-6.3.2.tar.gz
|
||||
SOURCES/six-1.16.0.tar.gz
|
||||
SOURCES/tomli-1.0.1.tar.gz
|
||||
SOURCES/urllib3-1.26.7.tar.gz
|
||||
SOURCES/urllib3-1.26.18.tar.gz
|
||||
SOURCES/websocket-client-1.2.1.tar.gz
|
||||
|
@ -1,26 +0,0 @@
|
||||
From 644124ecd0b6e417c527191f866daa05a5a2056d Mon Sep 17 00:00:00 2001
|
||||
From: Quentin Pradet <quentin.pradet@gmail.com>
|
||||
Date: Mon, 2 Oct 2023 19:46:16 +0400
|
||||
Subject: [PATCH] Merge pull request from GHSA-v845-jxx5-vc9f
|
||||
|
||||
---
|
||||
CHANGES.rst | 5 ++++
|
||||
docs/user-guide.rst | 3 +++
|
||||
src/urllib3/util/retry.py | 2 +-
|
||||
test/test_retry.py | 4 +--
|
||||
test/with_dummyserver/test_poolmanager.py | 30 ++++++++++++++++++-----
|
||||
5 files changed, 35 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/src/urllib3/util/retry.py b/src/urllib3/util/retry.py
|
||||
index ea48afe3ca..7572bfd26a 100644
|
||||
--- a/kubevirt/urllib3/util/retry.py
|
||||
+++ b/kubevirt/urllib3/util/retry.py
|
||||
@@ -187,7 +187,7 @@ class Retry:
|
||||
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
|
||||
|
||||
#: Default headers to be used for ``remove_headers_on_redirect``
|
||||
- DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Authorization"])
|
||||
+ DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"])
|
||||
|
||||
#: Maximum backoff time.
|
||||
BACKOFF_MAX = 120
|
@ -1,26 +0,0 @@
|
||||
From 644124ecd0b6e417c527191f866daa05a5a2056d Mon Sep 17 00:00:00 2001
|
||||
From: Quentin Pradet <quentin.pradet@gmail.com>
|
||||
Date: Mon, 2 Oct 2023 19:46:16 +0400
|
||||
Subject: [PATCH] Merge pull request from GHSA-v845-jxx5-vc9f
|
||||
|
||||
---
|
||||
CHANGES.rst | 5 ++++
|
||||
docs/user-guide.rst | 3 +++
|
||||
src/urllib3/util/retry.py | 2 +-
|
||||
test/test_retry.py | 4 +--
|
||||
test/with_dummyserver/test_poolmanager.py | 30 ++++++++++++++++++-----
|
||||
5 files changed, 35 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/src/urllib3/util/retry.py b/src/urllib3/util/retry.py
|
||||
index ea48afe3ca..7572bfd26a 100644
|
||||
--- a/aws/urllib3/util/retry.py
|
||||
+++ b/aws/urllib3/util/retry.py
|
||||
@@ -187,7 +187,7 @@ class Retry:
|
||||
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
|
||||
|
||||
#: Default headers to be used for ``remove_headers_on_redirect``
|
||||
- DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Authorization"])
|
||||
+ DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"])
|
||||
|
||||
#: Maximum backoff time.
|
||||
BACKOFF_MAX = 120
|
@ -0,0 +1,63 @@
|
||||
From 7dd3680e6eea0d77fde024763657aa4d884ddb23 Mon Sep 17 00:00:00 2001
|
||||
From: Calum Hutton <calum.hutton@snyk.io>
|
||||
Date: Thu, 26 Oct 2023 12:08:53 +0100
|
||||
Subject: [PATCH] xmlattr filter disallows keys with spaces
|
||||
|
||||
---
|
||||
CHANGES.rst | 1 +
|
||||
src/jinja2/filters.py | 28 +++++++++++++++++++++-------
|
||||
tests/test_filters.py | 6 ++++++
|
||||
3 files changed, 28 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/src/jinja2/filters.py b/src/jinja2/filters.py
|
||||
index ed07c4c0e..c7ecc9bb6 100644
|
||||
--- a/kubevirt/jinja2/filters.py
|
||||
+++ b/kubevirt/jinja2/filters.py
|
||||
@@ -248,13 +248,17 @@ def do_items(value: t.Union[t.Mapping[K, V], Undefined]) -> t.Iterator[t.Tuple[K
|
||||
yield from value.items()
|
||||
|
||||
|
||||
+_space_re = re.compile(r"\s", flags=re.ASCII)
|
||||
+
|
||||
+
|
||||
@pass_eval_context
|
||||
def do_xmlattr(
|
||||
eval_ctx: "EvalContext", d: t.Mapping[str, t.Any], autospace: bool = True
|
||||
) -> str:
|
||||
"""Create an SGML/XML attribute string based on the items in a dict.
|
||||
- All values that are neither `none` nor `undefined` are automatically
|
||||
- escaped:
|
||||
+
|
||||
+ If any key contains a space, this fails with a ``ValueError``. Values that
|
||||
+ are neither ``none`` nor ``undefined`` are automatically escaped.
|
||||
|
||||
.. sourcecode:: html+jinja
|
||||
|
||||
@@ -273,12 +277,22 @@ def do_xmlattr(
|
||||
|
||||
As you can see it automatically prepends a space in front of the item
|
||||
if the filter returned something unless the second parameter is false.
|
||||
+
|
||||
+ .. versionchanged:: 3.1.3
|
||||
+ Keys with spaces are not allowed.
|
||||
"""
|
||||
- rv = " ".join(
|
||||
- f'{escape(key)}="{escape(value)}"'
|
||||
- for key, value in d.items()
|
||||
- if value is not None and not isinstance(value, Undefined)
|
||||
- )
|
||||
+ items = []
|
||||
+
|
||||
+ for key, value in d.items():
|
||||
+ if value is None or isinstance(value, Undefined):
|
||||
+ continue
|
||||
+
|
||||
+ if _space_re.search(key) is not None:
|
||||
+ raise ValueError(f"Spaces are not allowed in attributes: '{key}'")
|
||||
+
|
||||
+ items.append(f'{escape(key)}="{escape(value)}"')
|
||||
+
|
||||
+ rv = " ".join(items)
|
||||
|
||||
if autospace and rv:
|
||||
rv = " " + rv
|
@ -11,7 +11,7 @@
|
||||
# alibaba
|
||||
# python-pycryptodome bundle
|
||||
%global pycryptodome pycryptodome
|
||||
%global pycryptodome_version 3.6.4
|
||||
%global pycryptodome_version 3.20.0
|
||||
%global pycryptodome_dir %{bundled_lib_dir}/aliyun/%{pycryptodome}
|
||||
# python-aliyun-sdk-core bundle
|
||||
%global aliyunsdkcore aliyun-python-sdk-core
|
||||
@ -59,10 +59,10 @@
|
||||
%global pyyaml_version 6.0
|
||||
%global six six
|
||||
%global six_version 1.16.0
|
||||
%global urllib3 urllib3
|
||||
%global urllib3_version 1.26.7
|
||||
%global websocketclient websocket-client
|
||||
%global websocketclient_version 1.2.1
|
||||
%global urllib3 urllib3
|
||||
%global urllib3_version 1.26.18
|
||||
%global websocketclient websocket-client
|
||||
%global websocketclient_version 1.2.1
|
||||
%global jinja2 Jinja2
|
||||
%global jinja2_version 3.0.2
|
||||
%global markupsafe MarkupSafe
|
||||
@ -87,7 +87,7 @@
|
||||
Name: fence-agents
|
||||
Summary: Set of unified programs capable of host isolation ("fencing")
|
||||
Version: 4.2.1
|
||||
Release: 121%{?alphatag:.%{alphatag}}%{?dist}.2
|
||||
Release: 121%{?alphatag:.%{alphatag}}%{?dist}.4
|
||||
License: GPLv2+ and LGPLv2+
|
||||
Group: System Environment/Base
|
||||
URL: https://github.com/ClusterLabs/fence-agents
|
||||
@ -278,10 +278,9 @@ Patch134: bz2155453-fence_ibm_powervs-performance-improvements.patch
|
||||
### HA support libs/utils ###
|
||||
# all archs
|
||||
Patch1000: bz2218234-1-kubevirt-fix-bundled-dateutil-CVE-2007-4559.patch
|
||||
Patch1001: RHEL-11988-1-kubevirt-fix-bundled-urllib3-CVE-2023-43804.patch
|
||||
Patch1001: RHEL-22179-kubevirt-fix-bundled-jinja2-CVE-2024-22195.patch
|
||||
# cloud (x86_64 only)
|
||||
Patch2000: bz2218234-2-aws-fix-bundled-dateutil-CVE-2007-4559.patch
|
||||
Patch2001: RHEL-11988-2-aws-fix-bundled-urllib3-CVE-2023-43804.patch
|
||||
|
||||
%if 0%{?fedora} || 0%{?rhel} > 7
|
||||
%global supportedagents amt_ws apc apc_snmp bladecenter brocade cisco_mds cisco_ucs compute drac5 eaton_snmp emerson eps evacuate hds_cb hpblade ibmblade ibm_powervs ibm_vpc ifmib ilo ilo_moonshot ilo_mp ilo_ssh intelmodular ipdu ipmilan kdump kubevirt lpar mpath redfish rhevm rsa rsb sbd scsi vmware_rest vmware_soap wti
|
||||
@ -607,11 +606,10 @@ rm -rf %{buildroot}/usr/lib/fence-agents/%{bundled_lib_dir}/kubevirt/rsa*
|
||||
# regular patch doesnt work in build-section
|
||||
pushd %{buildroot}/usr/lib/fence-agents/%{bundled_lib_dir}
|
||||
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH1000}
|
||||
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH1001}
|
||||
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=1 < %{PATCH1001}
|
||||
|
||||
%ifarch x86_64
|
||||
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2000}
|
||||
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2001}
|
||||
%endif
|
||||
popd
|
||||
|
||||
@ -1502,13 +1500,21 @@ Fence agent for IBM z/VM over IP.
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Oct 12 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.2.1-121.2
|
||||
- bundled urllib3: fix CVE-2023-43804
|
||||
Resolves: RHEL-11988
|
||||
* Mon Jan 22 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.2.1-121.4
|
||||
- bundled urllib3: fix CVE-2023-45803
|
||||
Resolves: RHEL-21719
|
||||
- bundled pycryptodome: fix CVE-2023-52323
|
||||
Resolves: RHEL-21727
|
||||
- bundled jinja2: fix CVE-2024-22195
|
||||
Resolves: RHEL-22179
|
||||
|
||||
* Tue Sep 26 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.2.1-122
|
||||
* Fri Oct 13 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.2.1-121.2
|
||||
- bundled urllib3: fix CVE-2023-43804
|
||||
Resolves: RHEL-12434
|
||||
|
||||
* Wed Sep 27 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.2.1-121.1
|
||||
- bundled certifi: fix CVE-2023-37920
|
||||
Resolves: RHEL-6972
|
||||
Resolves: RHEL-9452
|
||||
|
||||
* Thu Aug 3 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.2.1-121
|
||||
- bundled dateutil: fix tarfile CVE-2007-4559
|
||||
|
Loading…
Reference in New Issue
Block a user