From a74ecc2c10a976642372954f4f64a74478225361 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Wed, 16 Dec 2020 16:35:29 +0000 Subject: [PATCH] import hyperv-daemons-0-0.30.20180415git.el8 --- ...nge-http-to-https-in-hv_kvp_daemon.c.patch | 59 +++++++++++++++++++ SPECS/hyperv-daemons.spec | 10 +++- 2 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 SOURCES/hvd-tools-hv-change-http-to-https-in-hv_kvp_daemon.c.patch diff --git a/SOURCES/hvd-tools-hv-change-http-to-https-in-hv_kvp_daemon.c.patch b/SOURCES/hvd-tools-hv-change-http-to-https-in-hv_kvp_daemon.c.patch new file mode 100644 index 0000000..f03e9c1 --- /dev/null +++ b/SOURCES/hvd-tools-hv-change-http-to-https-in-hv_kvp_daemon.c.patch @@ -0,0 +1,59 @@ +From e956573e4fd5e489fd68a7d46f0aa715ee19084e Mon Sep 17 00:00:00 2001 +From: Mohammed Gamal +Date: Wed, 25 Nov 2020 15:23:29 +0100 +Subject: [PATCH] tools: hv: change http to https in hv_kvp_daemon.c + +RH-Author: Mohammed Gamal Morsy (mmorsy) +RH-MergeRequest: 1: RHEL 8.4.0 updates +RH-Commit: [1/1] b7202f11 (mmorsy/hyperv-daemons) +RH-Bugzilla: 1886104 + +The patch has no functional change. Only changes the URL pointed to +in one of the comments + +commit fa52a4b2d0ab416508538bb47a95167d4c94caac +Author: Alexander A. Klimov +Date: Sun Jul 5 23:44:57 2020 +0200 + + tools: hv: change http to https in hv_kvp_daemon.c + + Rationale: + Reduces attack surface on kernel devs opening the links for MITM + as HTTPS traffic is much harder to manipulate. + + Deterministic algorithm: + For each file: + If not .svg: + For each line: + If doesn't contain `\bxmlns\b`: + For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`: + If both the HTTP and HTTPS versions + return 200 OK and serve the same content: + Replace HTTP with HTTPS. + + Signed-off-by: Alexander A. Klimov + Link: https://lore.kernel.org/r/20200705214457.28433-1-grandmaster@al2klimov.de + [ wei: change subject line to be more specific ] + Signed-off-by: Wei Liu + +Signed-off-by: Mohammed Gamal +--- + hv_kvp_daemon.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hv_kvp_daemon.c b/hv_kvp_daemon.c +index ee9c1bb..1e6fd6c 100644 +--- a/hv_kvp_daemon.c ++++ b/hv_kvp_daemon.c +@@ -437,7 +437,7 @@ void kvp_get_os_info(void) + + /* + * Parse the /etc/os-release file if present: +- * http://www.freedesktop.org/software/systemd/man/os-release.html ++ * https://www.freedesktop.org/software/systemd/man/os-release.html + */ + file = fopen("/etc/os-release", "r"); + if (file != NULL) { +-- +2.18.4 + diff --git a/SPECS/hyperv-daemons.spec b/SPECS/hyperv-daemons.spec index ee3450f..6168f46 100644 --- a/SPECS/hyperv-daemons.spec +++ b/SPECS/hyperv-daemons.spec @@ -13,7 +13,7 @@ Name: hyperv-daemons Version: 0 -Release: 0.29%{?snapver}%{?dist} +Release: 0.30%{?snapver}%{?dist} Summary: Hyper-V daemons suite Group: System Environment/Daemons @@ -56,6 +56,8 @@ Patch2: hpvd-Set-IgnoreOnIsolate-1-in-systemd-units.patch Patch3: hvd-Update-C-files-and-scripts-to-kernel-version-5.7-rc1.patch # For bz#1816750 - [Hyper-V][RHEL8.3] Update Hyper-V tools Patch4: hvd-Add-vmbus_testing-tool-build-files.patch +# For bz#1886104 - [Hyper-V][RHEL8.4] Update Hyper-V-Daemons +Patch5: hvd-tools-hv-change-http-to-https-in-hv_kvp_daemon.c.patch # Hyper-V is available only on x86 architectures # The base empty (a.k.a. virtual) package can not be noarch @@ -165,6 +167,7 @@ cp -pvL %{SOURCE4} hv_set_ifconfig.sh %patch2 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 %build # HYPERV KVP DAEMON @@ -282,6 +285,11 @@ fi %{_sbindir}/vmbus_testing %changelog +* Thu Dec 03 2020 Miroslav Rezanina - 0-0.30.20180415git.el8 +- hvd-tools-hv-change-http-to-https-in-hv_kvp_daemon.c.patch [bz#1886104] +- Resolves: bz#1886104 + ([Hyper-V][RHEL8.4] Update Hyper-V-Daemons) + * Wed Apr 15 2020 Miroslav Rezanina - 0-0.29.20180415git.el8 - hvd-Update-C-files-and-scripts-to-kernel-version-5.7-rc1.patch [bz#1816750] - hvd-Add-vmbus_testing-tool-build-files.patch [bz#1816750]