New upstream version 1.1.2.

Remove patches which are upstream.
Contains fix for NBD Protocol Downgrade Attack (CVE-2019-14842).
This commit is contained in:
Richard W.M. Jones 2019-09-17 16:42:32 +01:00
parent 52e6bd7cc3
commit 46c80ed0b2
3 changed files with 9 additions and 37 deletions

View File

@ -1,30 +0,0 @@
From d6cbd130101add28431bd6e67aa2ea0430a9234e Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 11 Sep 2019 22:25:57 +0100
Subject: [PATCH] nbdsh: Fix behaviour of globals.
https://stackoverflow.com/a/11754346
---
python/nbdsh.py | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/python/nbdsh.py b/python/nbdsh.py
index bb0db64..553e632 100644
--- a/python/nbdsh.py
+++ b/python/nbdsh.py
@@ -57,8 +57,10 @@ help (nbd) # Display documentation
if not args.command:
code.interact (banner = banner, local = locals(), exitmsg = '')
else:
+ # https://stackoverflow.com/a/11754346
+ d = dict (locals(), **globals())
for c in args.command:
if c != '-':
- exec (c)
+ exec (c, d, d)
else:
- exec (sys.stdin.read ())
+ exec (sys.stdin.read (), d, d)
--
2.23.0

View File

@ -8,8 +8,8 @@
%global source_directory 1.1-development %global source_directory 1.1-development
Name: libnbd Name: libnbd
Version: 1.1.1 Version: 1.1.2
Release: 2%{?dist} Release: 1%{?dist}
Summary: NBD client library in userspace Summary: NBD client library in userspace
License: LGPLv2+ License: LGPLv2+
@ -22,9 +22,6 @@ Source1: http://libguestfs.org/download/libnbd/%{source_directory}/%{name
# https://pgp.key-server.io/pks/lookup?search=rjones%40redhat.com&fingerprint=on&op=vindex # https://pgp.key-server.io/pks/lookup?search=rjones%40redhat.com&fingerprint=on&op=vindex
Source2: libguestfs.keyring Source2: libguestfs.keyring
# Upstream patch to fix nbdsh.
Patch0001: 0001-nbdsh-Fix-behaviour-of-globals.patch
%if 0%{patches_touch_autotools} %if 0%{patches_touch_autotools}
BuildRequires: autoconf, automake, libtool BuildRequires: autoconf, automake, libtool
%endif %endif
@ -222,6 +219,11 @@ make %{?_smp_mflags} check || {
%changelog %changelog
* Tue Sep 17 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.2-1
- New upstream version 1.1.2.
- Remove patches which are upstream.
- Contains fix for NBD Protocol Downgrade Attack (CVE-2019-14842).
* Thu Sep 12 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.1-2 * Thu Sep 12 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.1-2
- Add upstream patch to fix nbdsh (for nbdkit tests). - Add upstream patch to fix nbdsh (for nbdkit tests).

View File

@ -1,2 +1,2 @@
SHA512 (libnbd-1.1.1.tar.gz) = 2ce73c838df635f454a453decc5ff1e466aec7af1f4d940ec5b5c383cb0df11995abf83a734c11da5280af30d6130f045d783dfe32e9925740d760a38d316e23 SHA512 (libnbd-1.1.2.tar.gz) = 500bcd85f71b4ed6b20aaf04fc532b399eb9a2a67680b4ae21559c47fa6ed695caa8543a810fadc668654b8cd9b40852c49cfd9d96b794669dafcdfc8cc7685a
SHA512 (libnbd-1.1.1.tar.gz.sig) = f8aa291d9c9e5fdbbb5cdd3c9151e1594942f37db87399d1f37515c072f72f3c395867d1f909e0198f47e3a51e94d2d6c3e4b377741666d8909f20b32653f198 SHA512 (libnbd-1.1.2.tar.gz.sig) = 9aab00482d132845f14bb430e2eb7f3b63dc0b631cb9bd308f8d4fb5e86c281074de2ff0ba62a5a5f21caa1e890a42b3e8ad4cfd18b91220af58cddb2f83a27b