diff --git a/.libmaxminddb.metadata b/.libmaxminddb.metadata new file mode 100644 index 0000000..089292c --- /dev/null +++ b/.libmaxminddb.metadata @@ -0,0 +1 @@ +9e00fef11ceb8df1dc56ce3276bf2193c5baa5c8 libmaxminddb-1.5.2.tar.gz diff --git a/ci.fmf b/ci.fmf index 2176f3d..c5aa0e0 100644 --- a/ci.fmf +++ b/ci.fmf @@ -1,13 +1 @@ -/test: - summary: - CI plan, picks Tier1 tests, runs in beakerlib. - description: - This special plan has to be named ci.fmf to run in CI. - It selects test which have 'tier 1' in their main.fmf file - discover: - - name: tier1 - how: fmf - filter: 'tier: 1' - url: "https://src.fedoraproject.org/tests/libmaxminddb.git" - execute: - how: beakerlib +resultsdb-testcase: separate diff --git a/gating.yaml b/gating.yaml index 7cd5018..de5c323 100644 --- a/gating.yaml +++ b/gating.yaml @@ -1,7 +1,27 @@ --- !Policy product_versions: - - rhel-9 + - fedora-* +decision_context: bodhi_update_push_testing +subject_type: koji_build +rules: + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/public.functional} + +#Rawhide +--- !Policy +product_versions: + - fedora-* +decision_context: bodhi_update_push_stable +subject_type: koji_build +rules: + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/public.functional} + +#gating rhel +--- !Policy +product_versions: + - rhel-* decision_context: osci_compose_gate rules: - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional} - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation} + - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional} + - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/public.functional} diff --git a/libmaxminddb-0000-sast-findings.patch b/libmaxminddb-0000-sast-findings.patch new file mode 100644 index 0000000..88117d3 --- /dev/null +++ b/libmaxminddb-0000-sast-findings.patch @@ -0,0 +1,16 @@ +diff --git a/t/libtap/tap.c b/t/libtap/tap.c +index 152e39e..8b4c325 100644 +--- a/t/libtap/tap.c ++++ b/t/libtap/tap.c +@@ -214,8 +214,10 @@ diag (const char *fmt, ...) { + char *mesg, *line; + int i; + va_start(args, fmt); +- if (!fmt) ++ if (!fmt) { ++ va_end(args); + return 0; ++ } + mesg = vstrdupf(fmt, args); + line = mesg; + for (i = 0; *line; i++) { diff --git a/libmaxminddb.spec b/libmaxminddb.spec index 1596af8..8dab5d0 100644 --- a/libmaxminddb.spec +++ b/libmaxminddb.spec @@ -1,7 +1,7 @@ Name: libmaxminddb Summary: C library for the MaxMind DB file format Version: 1.5.2 -Release: 3%{?dist} +Release: 4%{?dist} URL: https://maxmind.github.io/libmaxminddb Source: https://github.com/maxmind/libmaxminddb/releases/download/%{version}/%{name}-%{version}.tar.gz @@ -16,6 +16,7 @@ BuildRequires: libtool BuildRequires: perl-interpreter BuildRequires: perl(FindBin) BuildRequires: make +BuildRequires: git-core %description The package contains libmaxminddb library. @@ -29,7 +30,7 @@ The package contains development header files for the libmaxminddb library and the mmdblookup utility which allows IP address lookup in a MaxMind DB file. %prep -%autosetup +%autosetup -S git sed -i -e '/AM_CFLAGS=/d' common.mk sed -i -e '/CFLAGS=/d' configure.ac @@ -77,6 +78,9 @@ EOF %{_mandir}/man3/*.3* %changelog +* Mon Apr 29 2024 Michal Ruprich - 1.5.2-4 +- Resolves: RHEL-30424 - Addressing findings from static application security testing + * Mon Aug 09 2021 Mohan Boddu - 1.5.2-3 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 diff --git a/plans/public.fmf b/plans/public.fmf new file mode 100644 index 0000000..bcc7b21 --- /dev/null +++ b/plans/public.fmf @@ -0,0 +1,6 @@ +summary: Test plan with all Fedora tests +discover: + how: fmf + url: https://src.fedoraproject.org/tests/libmaxminddb.git +execute: + how: tmt diff --git a/plans/tier1-internal.fmf b/plans/tier1-internal.fmf new file mode 100644 index 0000000..b4a763a --- /dev/null +++ b/plans/tier1-internal.fmf @@ -0,0 +1,12 @@ +summary: CI plan, picks internal Tier1 tests, runs in beakerlib. +discover: + - name: rhel + how: fmf + filter: 'tier: 1' + url: git://pkgs.devel.redhat.com/tests/libmaxminddb +execute: + how: tmt +adjust: + enabled: false + when: distro == centos-stream, fedora + because: They don't have access to internal repos.