Update to 2.0.10

2018-11-26 11:48:53 -06:00 · 2018-11-26 11:48:53 -06:00 · ee2512c93d
commit ee2512c93d
parent dcb381c233
3 changed files with 10 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@ -26,3 +26,4 @@
 /keepalived-1.4.5.tar.gz
 /keepalived-2.0.5.tar.gz
 /keepalived-2.0.6.tar.gz
+/keepalived-2.0.10.tar.gz
--- a/keepalived.spec
+++ b/keepalived.spec
@ -8,7 +8,7 @@

 Name: keepalived
 Summary: High Availability monitor built upon LVS, VRRP and service pollers
-Version: 2.0.6
+Version: 2.0.10
 Release: 1%{?dist}
 License: GPLv2+
 URL: http://www.keepalived.org/
@ -96,6 +96,13 @@ mkdir -p %{buildroot}%{_libexecdir}/keepalived
 %{_mandir}/man8/keepalived.8*

 %changelog
+* Mon Nov 26 2018 Ryan O'Hara <rohara@redhat.com> - 2.0.10-1
+- Update to 2.0.10
+- Fix improper pathname validation (#1651864, CVE-2018-19044)
+- Fix insecure permissions when creating temporary files (#1651868, CVE-2018-19045)
+- Fix insecure use of temporary files (#1651870, CVE-2018-19046)
+- Fix buffer overflow when parsing HTTP status codes (#1651873, CVE-2018-19047)
+
 * Wed Jul 25 2018 Ryan O'Hara <rohara@redhat.com> - 2.0.6-1
 - Update to 2.0.6 (#1576138)

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (keepalived-2.0.6.tar.gz) = 9e340825b443c02ba1afe27d9ad97afc34722d80a27fc9a5f934157ec04ff15cef0a82b68c8917712415dc7ef079e27af88ac29a372ef42c87fcc9f9b8ab751e
+SHA512 (keepalived-2.0.10.tar.gz) = e76562e5d9d9dc945f0c9702f5f3c6be6acd8c66a59aea1f8287810a2eeb4c65b6cb7e1cd84c1e478978f7db94dba7f8a918ca4847f90a6554b20d757addd2db