rpms/pacemaker
5
0
Fork 0
Code Issues Pull Requests Releases Activity

2.0.1-2 - Apply fixes for security issues

Browse Source 
. CVE-2019-3885 (use-after-free with potential information disclosure)
. CVE-2018-16877 (insufficient local IPC client-server authentication)
. CVE-2018-16878 (insufficient verification inflicted preference of
                  uncontrolled processes)

Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
This commit is contained in:
Jan Pokorný 2019-04-09 19:56:30 +02:00
parent 4f0b9c09fd
commit ccade529e9
No known key found for this signature in database
GPG Key ID: 61BBB23A9E8F8DE2
1 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
pacemaker.spec
View File

@ -14,7 +14,7 @@
## can be incremented to build packages reliably considered "newer" ## can be incremented to build packages reliably considered "newer"
## than previously built packages with the same pcmkversion) ## than previously built packages with the same pcmkversion)
%global pcmkversion 2.0.1 %global pcmkversion 2.0.1
%global specversion 1 %global specversion 2
## Upstream commit (or git tag, such as "Pacemaker-" plus the ## Upstream commit (or git tag, such as "Pacemaker-" plus the
## {pcmkversion} macro for an official release) to use for this package ## {pcmkversion} macro for an official release) to use for this package
@ -144,6 +144,9 @@ Source0: https://github.com/%{github_owner}/%{name}/archive/%{commit}/%{na
Source1: https://github.com/%{github_owner}/%{nagios_name}/archive/%{nagios_hash}/%{nagios_name}-%{nagios_hash}.tar.gz Source1: https://github.com/%{github_owner}/%{nagios_name}/archive/%{nagios_hash}/%{nagios_name}-%{nagios_hash}.tar.gz
# --- # ---
# patches go here # patches go here
Patch0: High-libservices-fix-use-after-free-wrt.-alert-handl.patch
Patch1: High-pacemakerd-vs.-IPC-procfs-confused-deputy-authentic.patch
Patch2: Med-controld-fix-possible-NULL-pointer-dereference.patch
Requires: resource-agents Requires: resource-agents
Requires: %{name}-libs%{?_isa} = %{version}-%{release} Requires: %{name}-libs%{?_isa} = %{version}-%{release}
@ -188,7 +191,7 @@ BuildRequires: asciidoc inkscape publican
%endif %endif
# git-style patch application # git-style patch application
#BuildRequires: git BuildRequires: git
Provides: pcmk-cluster-manager = %{version}-%{release} Provides: pcmk-cluster-manager = %{version}-%{release}
Provides: pcmk-cluster-manager%{?_isa} = %{version}-%{release} Provides: pcmk-cluster-manager%{?_isa} = %{version}-%{release}
@ -346,9 +349,9 @@ monitor resources.
%prep %prep
%setup -q -a 1 -n %{name}-%{commit} %setup -q -a 1 -n %{name}-%{commit}
#global __scm git_am %global __scm git_am
#__scm_setup_git %__scm_setup_git
#autopatch -p1 %autopatch -p1
%build %build
@ -704,6 +707,13 @@ exit 0
%license %{nagios_name}-%{nagios_hash}/COPYING %license %{nagios_name}-%{nagios_hash}/COPYING
%changelog %changelog
* Wed Apr 17 2019 Jan Pokorný <jpokorny+rpm-pacemaker@redhat.com> - 2.0.1-2
- Apply fixes for security issues:
. CVE-2019-3885 (use-after-free with potential information disclosure)
. CVE-2018-16877 (insufficient local IPC client-server authentication)
. CVE-2018-16878 (insufficient verification inflicted preference of
uncontrolled processes)
* Tue Mar 05 2019 Jan Pokorný <jpokorny+rpm-pacemaker@redhat.com> - 2.0.1-1 * Tue Mar 05 2019 Jan Pokorný <jpokorny+rpm-pacemaker@redhat.com> - 2.0.1-1
- Update for new upstream tarball: Pacemaker-2.0.1, - Update for new upstream tarball: Pacemaker-2.0.1,
for full details, see included ChangeLog file or for full details, see included ChangeLog file or