From 598a441ca73bc2f28ceac11bec1b57c1d6d7dfdd Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Mon, 11 Oct 2021 15:31:16 +0200 Subject: [PATCH] update to upstream version 7.5.11 Resolves: rhbz#1993215 Resolves: rhbz#2012165 Resolves: CVE-2021-39226 --- 002-manpages.patch | 4 ++-- README.md | 1 - grafana.spec | 10 +++++++++- sources | 6 +++--- 4 files changed, 14 insertions(+), 7 deletions(-) diff --git a/002-manpages.patch b/002-manpages.patch index e87d709..36ca294 100644 --- a/002-manpages.patch +++ b/002-manpages.patch @@ -4,7 +4,7 @@ index 0000000000..7ac2af882c --- /dev/null +++ b/docs/man/man1/grafana-cli.1 @@ -0,0 +1,60 @@ -+.TH GRAFANA "1" "September 2021" "Grafana cli version 7.5.10" "User Commands" ++.TH GRAFANA "1" "October 2021" "Grafana cli version 7.5.11" "User Commands" +.SH NAME +grafana-cli \- command line administration for the Grafana metrics dashboard and graph editor +.SH DESCRIPTION @@ -70,7 +70,7 @@ index 0000000000..c616268b31 --- /dev/null +++ b/docs/man/man1/grafana-server.1 @@ -0,0 +1,72 @@ -+.TH VERSION "1" "September 2021" "Version 7.5.10" "User Commands" ++.TH VERSION "1" "October 2021" "Version 7.5.11" "User Commands" +.SH NAME +grafana-server \- back-end server for the Grafana metrics dashboard and graph editor +.SH DESCRIPTION diff --git a/README.md b/README.md index 5ce9598..2feb530 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,6 @@ The grafana package * update the manpages patch in `002-manpages.patch` and other patches if required * run local build: `rpkg local` * run rpm linter: `rpkg lint -r grafana.rpmlintrc` -* run local builds with different OS versions: `./run_container_build.sh fedora-version` * run a scratch build: `fedpkg scratch-build --srpm` * upload new source tarballs: `fedpkg new-sources *.tar.gz *.tar.xz` * commit new `sources` file diff --git a/grafana.spec b/grafana.spec index 35f359b..987ac54 100644 --- a/grafana.spec +++ b/grafana.spec @@ -29,7 +29,7 @@ end} %endif Name: grafana -Version: 7.5.10 +Version: 7.5.11 Release: 1%{?dist} Summary: Metrics dashboard and graph editor License: ASL 2.0 @@ -619,6 +619,10 @@ export GOPATH=%{_builddir} # let's set the time zone to a time zone without daylight saving time export TZ=GMT +# GO111MODULE=on automatically skips vendored macaron sources in pkg/macaron +# GO111MODULE=off doesn't skip them, and fails with an error due to the canoncial import path +rm -r pkg/macaron + %gotest ./pkg/... %if %{enable_fips_mode} @@ -716,6 +720,10 @@ GOLANG_FIPS=1 go test -v ./pkg/util -run TestEncryption %changelog +* Mon Oct 11 2021 Andreas Gerstmayr 7.5.11-1 +- update to 7.5.11 tagged upstream community sources, see CHANGELOG +- resolve CVE-2021-39226 + * Thu Sep 30 2021 Andreas Gerstmayr 7.5.10-1 - update to 7.5.10 tagged upstream community sources, see CHANGELOG diff --git a/sources b/sources index bbd71f0..2206676 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (grafana-7.5.10.tar.gz) = 6216f8deb0cd13ecda9fa95b1dc2b1fcd70de8b401e55579d79e923be412d3a64abaecbacc5a66c9667053dc31c7325f238a4b0a7058c8781a48bd276f491514 -SHA512 (grafana-webpack-7.5.10-1.tar.gz) = 9080f00ff06299a4a056902da3833b53a72b1b662769b575b0d620b882a1ffba183d26ba067442b57673b6f3737b72e1c71ac8535b2e0242590aae004c65e41f -SHA512 (grafana-vendor-7.5.10-1.tar.xz) = f7d10af0cd72430268b18d439081aa132cf3d1095b8be8558a678fb5c6736991700d6f0ed7d5db177e97cd8870b763bef1356f5017899899597119743b849265 +SHA512 (grafana-7.5.11.tar.gz) = 355af8d8cff77b2222d18559add8d2a16b086f6354d92b188d2f26fc0b7ffa04b877e568ddcfbc61b8786bdfdc59263009b727ef00b56438ef3fa9bbe6d80583 +SHA512 (grafana-webpack-7.5.11-1.tar.gz) = da927873d5797849783b02126e3f30384fd02ded604c3e50667a27ba1d1c9f9fb6a646ec48f1ac141ffd261c4132b303ffb970d84418332dae60f375258268f6 +SHA512 (grafana-vendor-7.5.11-1.tar.xz) = 37437f704ee51323d058072a63c3e8700268bf97dd58577a6f6c64b9c8f7ee35b120aa46ba8aea3854a088eddd6a59c24cee0232ecfa52de5b8c8cba5041a96e