From 8d18969d787440a102e043b6434b95ccdcb0ddb9 Mon Sep 17 00:00:00 2001 From: Michal Pospisil Date: Wed, 22 May 2024 15:09:02 +0200 Subject: [PATCH] pcs-0.11.7-3 - Rebased to the latest sources (see CHANGELOG.md) Resolves: RHEL-2977, RHEL-16231, RHEL-21051, RHEL-25854, RHEL-27492, RHEL-28749, RHEL-34781, RHEL-36514 - Updated pcs-web-ui to 0.1.19 Resolves: RHEL-7726, RHEL-21895, RHEL-21896, RHEL-21897 - Updated bundled rubygems: backports, childprocess, nio4r, puma, rack, rack-protection, sinatra - Bundled new rubygems: base64, rack-session, rackup, webrick - Started bundling webrick again as a dependency of rackup - we no longer use it but rackup requires webrick --- .gitignore | 15 +++++ ...t-cluster-setup-with-udp-u-transport.patch | 10 +-- pcs.spec | 63 ++++++++++++++----- sources | 26 ++++---- 4 files changed, 82 insertions(+), 32 deletions(-) diff --git a/.gitignore b/.gitignore index 853fe0d..eda12ba 100644 --- a/.gitignore +++ b/.gitignore @@ -219,3 +219,18 @@ /tornado-6.3.3.tar.gz /pcs-0.11.7.tar.gz /rack-2.2.8.1.gem +/backports-3.25.0.gem +/base64-0.2.0.gem +/childprocess-5.0.0.gem +/nio4r-2.7.3.gem +/puma-6.4.2.gem +/rack-3.0.11.gem +/rack-protection-4.0.0.gem +/rack-session-2.0.0.gem +/rackup-2.1.0.gem +/sinatra-4.0.0.gem +/webrick-1.8.1.gem +/tornado-6.4.0.tar.gz +/pcs-2f4ebe9dfb2d9854e6ae05834e6062d245dae88d.tar.gz +/pcs-web-ui-0.1.19.tar.gz +/pcs-web-ui-node-modules-0.1.19.tar.xz diff --git a/do-not-support-cluster-setup-with-udp-u-transport.patch b/do-not-support-cluster-setup-with-udp-u-transport.patch index 168a20f..6f16e3d 100644 --- a/do-not-support-cluster-setup-with-udp-u-transport.patch +++ b/do-not-support-cluster-setup-with-udp-u-transport.patch @@ -1,4 +1,4 @@ -From cf1e0cc06a94804a4a98a12ee06d09e5786bad1b Mon Sep 17 00:00:00 2001 +From 8ce98fb865ff3904df86bca34b6687f5789462f0 Mon Sep 17 00:00:00 2001 From: Ivan Devat Date: Tue, 20 Nov 2018 15:03:56 +0100 Subject: [PATCH] do not support cluster setup with udp(u) transport in RHEL9 @@ -9,7 +9,7 @@ Subject: [PATCH] do not support cluster setup with udp(u) transport in RHEL9 2 files changed, 3 insertions(+) diff --git a/pcs/pcs.8.in b/pcs/pcs.8.in -index 55f4b4a9..8cc9360d 100644 +index 63c40b78..f69a75b8 100644 --- a/pcs/pcs.8.in +++ b/pcs/pcs.8.in @@ -479,6 +479,8 @@ By default, encryption is enabled with cipher=aes256 and hash=sha256. To disable @@ -22,10 +22,10 @@ index 55f4b4a9..8cc9360d 100644 .br Transport options are: ip_version, netmtu diff --git a/pcs/usage.py b/pcs/usage.py -index cc6c5803..a7d4b24b 100644 +index a4af30d4..7c7fc7ea 100644 --- a/pcs/usage.py +++ b/pcs/usage.py -@@ -1482,6 +1482,7 @@ Commands: +@@ -1490,6 +1490,7 @@ Commands: hash=sha256. To disable encryption, set cipher=none and hash=none. Transports udp and udpu: @@ -34,5 +34,5 @@ index cc6c5803..a7d4b24b 100644 support traffic encryption nor compression. Transport options are: -- -2.43.0 +2.45.1 diff --git a/pcs.spec b/pcs.spec index f8db3a3..90be998 100644 --- a/pcs.spec +++ b/pcs.spec @@ -1,14 +1,14 @@ Name: pcs Version: 0.11.7 -Release: 2%{?dist} +Release: 3%{?dist} # https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/ # https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing#Good_Licenses # GPL-2.0-only: pcs # Apache-2.0: tornado # MIT: backports, childprocess, dacite, ethon, mustermann, rack, -# rack-protection, rack-test, sinatra, tilt +# rack-protection, rack-session, rack-test, rackup, sinatra, tilt # MIT and (BSD-2-Clause or GPL-2.0-or-later): nio4r -# BSD-2-Clause or Ruby: ruby2_keywords +# BSD-2-Clause or Ruby: base64, ruby2_keywords, webrick # BSD-3-Clause: puma # BSD-3-Clause and MIT: ffi License: GPL-2.0-only AND Apache-2.0 AND MIT AND BSD-3-Clause AND (BSD-2-Clause OR Ruby) AND (BSD-2-Clause OR GPL-2.0-or-later) @@ -19,33 +19,37 @@ Summary: Pacemaker/Corosync Configuration System ExclusiveArch: i686 x86_64 s390x ppc64le aarch64 # When specifying a commit, use its long hash -%global version_or_commit %{version} -# %%global version_or_commit aaa16e0de986890e6ca3038f907bbad331e41a87 +# %%global version_or_commit %%{version} +%global version_or_commit 2f4ebe9dfb2d9854e6ae05834e6062d245dae88d %global pcs_source_name %{name}-%{version_or_commit} # ui_commit can be determined by hash, tag or branch -%global ui_commit 0.1.18 -%global ui_modules_version 0.1.18 +%global ui_commit 0.1.19 +%global ui_modules_version 0.1.19 %global ui_src_name pcs-web-ui-%{ui_commit} %global pcs_snmp_pkg_name pcs-snmp %global pyagentx_version 0.4.pcs.2 -%global tornado_version 6.3.3 +%global tornado_version 6.4.0 %global dacite_version 1.8.1 -%global version_rubygem_backports 3.24.1 -%global version_rubygem_childprocess 4.1.0 +%global version_rubygem_backports 3.25.0 +%global version_rubygem_base64 0.2.0 +%global version_rubygem_childprocess 5.0.0 %global version_rubygem_ethon 0.16.0 %global version_rubygem_ffi 1.16.3 %global version_rubygem_mustermann 3.0.0 -%global version_rubygem_nio4r 2.5.9 -%global version_rubygem_puma 6.4.0 -%global version_rubygem_rack 2.2.8.1 -%global version_rubygem_rack_protection 3.1.0 +%global version_rubygem_nio4r 2.7.3 +%global version_rubygem_puma 6.4.2 +%global version_rubygem_rack 3.0.11 +%global version_rubygem_rack_protection 4.0.0 +%global version_rubygem_rack_session 2.0.0 %global version_rubygem_rack_test 2.1.0 +%global version_rubygem_rackup 2.1.0 %global version_rubygem_ruby2_keywords 0.0.5 -%global version_rubygem_sinatra 3.1.0 +%global version_rubygem_sinatra 4.0.0 %global version_rubygem_tilt 2.3.0 +%global version_rubygem_webrick 1.8.1 %global required_pacemaker_version 2.1.0 @@ -94,6 +98,10 @@ Source90: https://rubygems.org/downloads/rack-test-%{version_rubygem_rack_test}. Source91: https://rubygems.org/downloads/sinatra-%{version_rubygem_sinatra}.gem Source92: https://rubygems.org/downloads/tilt-%{version_rubygem_tilt}.gem Source93: https://rubygems.org/downloads/ruby2_keywords-%{version_rubygem_ruby2_keywords}.gem +Source94: https://rubygems.org/downloads/base64-%{version_rubygem_base64}.gem +Source95: https://rubygems.org/downloads/rack-session-%{version_rubygem_rack_session}.gem +Source96: https://rubygems.org/downloads/rackup-%{version_rubygem_rackup}.gem +Source97: https://rubygems.org/downloads/webrick-%{version_rubygem_webrick}.gem Source100: https://github.com/ClusterLabs/pcs-web-ui/archive/%{ui_commit}/%{ui_src_name}.tar.gz Source101: https://github.com/ClusterLabs/pcs-web-ui/releases/download/%{ui_commit}/pcs-web-ui-node-modules-%{ui_modules_version}.tar.xz @@ -201,6 +209,7 @@ Requires: nss-tools Provides: bundled(tornado) = %{tornado_version} Provides: bundled(dacite) = %{dacite_version} Provides: bundled(backports) = %{version_rubygem_backports} +Provides: bundled(base64) = %{version_rubygem_base64} Provides: bundled(childprocess) = %{version_rubygem_childprocess} Provides: bundled(ethon) = %{version_rubygem_ethon} Provides: bundled(ffi) = %{version_rubygem_ffi} @@ -209,10 +218,13 @@ Provides: bundled(nio4r) = %{version_rubygem_nio4r} Provides: bundled(puma) = %{version_rubygem_puma} Provides: bundled(rack) = %{version_rubygem_rack} Provides: bundled(rack_protection) = %{version_rubygem_rack_protection} +Provides: bundled(rack_session) = %{version_rubygem_rack_session} Provides: bundled(rack_test) = %{version_rubygem_rack_test} +Provides: bundled(rackup) = %{version_rubygem_rackup} Provides: bundled(ruby2_keywords) = %{version_rubygem_ruby2_keywords} Provides: bundled(sinatra) = %{version_rubygem_sinatra} Provides: bundled(tilt) = %{version_rubygem_tilt} +Provides: bundled(webrick) = %{version_rubygem_webrick} %description pcs is a corosync and pacemaker configuration tool. It permits users to @@ -318,6 +330,10 @@ cp -f %SOURCE90 %{rubygem_cache_dir} cp -f %SOURCE91 %{rubygem_cache_dir} cp -f %SOURCE92 %{rubygem_cache_dir} cp -f %SOURCE93 %{rubygem_cache_dir} +cp -f %SOURCE94 %{rubygem_cache_dir} +cp -f %SOURCE95 %{rubygem_cache_dir} +cp -f %SOURCE96 %{rubygem_cache_dir} +cp -f %SOURCE97 %{rubygem_cache_dir} # 2) prepare python bundles @@ -357,8 +373,8 @@ mkdir -p ${RPM_BUILD_ROOT}%{_libdir}/%{pcsd_public_dir}/ui/static/media ln -fs /etc/favicon.png ${RPM_BUILD_ROOT}%{_libdir}/%{pcsd_public_dir}/ui/static/media/favicon.png # prepare license files -# some rubygems do not have a license file (thin) mv %{rubygem_bundle_dir}/gems/backports-%{version_rubygem_backports}/LICENSE.txt backports_LICENSE.txt +mv %{rubygem_bundle_dir}/gems/base64-%{version_rubygem_base64}/LICENSE.txt base64_LICENSE.txt mv %{rubygem_bundle_dir}/gems/childprocess-%{version_rubygem_childprocess}/LICENSE childprocess_LICENSE mv %{rubygem_bundle_dir}/gems/ethon-%{version_rubygem_ethon}/LICENSE ethon_LICENSE mv %{rubygem_bundle_dir}/gems/ffi-%{version_rubygem_ffi}/COPYING ffi_COPYING @@ -370,10 +386,13 @@ mv %{rubygem_bundle_dir}/gems/nio4r-%{version_rubygem_nio4r}/ext/libev/LICENSE n mv %{rubygem_bundle_dir}/gems/puma-%{version_rubygem_puma}/LICENSE puma_LICENSE mv %{rubygem_bundle_dir}/gems/rack-%{version_rubygem_rack}/MIT-LICENSE rack_MIT-LICENSE mv %{rubygem_bundle_dir}/gems/rack-protection-%{version_rubygem_rack_protection}/License rack-protection_License +mv %{rubygem_bundle_dir}/gems/rack-session-%{version_rubygem_rack_session}/license.md rack-session_license.md mv %{rubygem_bundle_dir}/gems/rack-test-%{version_rubygem_rack_test}/MIT-LICENSE.txt rack-test_MIT-LICENSE.txt +mv %{rubygem_bundle_dir}/gems/rackup-%{version_rubygem_rackup}/license.md rackup_license.md mv %{rubygem_bundle_dir}/gems/ruby2_keywords-%{version_rubygem_ruby2_keywords}/LICENSE ruby2_keywords_LICENSE mv %{rubygem_bundle_dir}/gems/sinatra-%{version_rubygem_sinatra}/LICENSE sinatra_LICENSE mv %{rubygem_bundle_dir}/gems/tilt-%{version_rubygem_tilt}/COPYING tilt_COPYING +mv %{rubygem_bundle_dir}/gems/webrick-%{version_rubygem_webrick}/LICENSE.txt webrick_LICENSE.txt cp %{pcs_bundled_dir}/src/pyagentx-*/LICENSE.txt pyagentx_LICENSE.txt cp %{pcs_bundled_dir}/src/pyagentx-*/CONTRIBUTORS.txt pyagentx_CONTRIBUTORS.txt @@ -481,6 +500,7 @@ run_all_tests %license COPYING # rubygem licenses %license backports_LICENSE.txt +%license base64_LICENSE.txt %license childprocess_LICENSE %license ethon_LICENSE %license ffi_COPYING @@ -492,10 +512,13 @@ run_all_tests %license puma_LICENSE %license rack_MIT-LICENSE %license rack-protection_License +%license rack-session_license.md %license rack-test_MIT-LICENSE.txt +%license rackup_license.md %license ruby2_keywords_LICENSE %license sinatra_LICENSE %license tilt_COPYING +%license webrick_LICENSE.txt %{python3_sitelib}/* %{_sbindir}/pcs %{_sbindir}/pcsd @@ -536,6 +559,14 @@ run_all_tests %license pyagentx_LICENSE.txt %changelog +* Tue May 21 2024 Michal Pospisil - 0.11.7-3 +- Rebased to the latest sources (see CHANGELOG.md) + Resolves: RHEL-2977, RHEL-16231, RHEL-21051, RHEL-25854, RHEL-27492, RHEL-28749, RHEL-34781, RHEL-36514 +- Updated pcs-web-ui to 0.1.19 + Resolves: RHEL-7726, RHEL-21895, RHEL-21896, RHEL-21897 +- Updated bundled rubygems: backports, childprocess, nio4r, puma, rack, rack-protection, sinatra +- Bundled new rubygems: base64, rack-session, rackup, webrick + * Tue Mar 19 2024 Michal Pospisil - 0.11.7-2 - Fixed CVE-2024-25126, CVE-2024-26141, CVE-2024-26146 in bundled dependency rack Resolves: RHEL-26446, RHEL-26448, RHEL-26450 diff --git a/sources b/sources index e3a38ef..85b653a 100644 --- a/sources +++ b/sources @@ -1,19 +1,23 @@ SHA512 (pyagentx-0.4.pcs.2.tar.gz) = d4194fec9a3e5fefe3793d49b7fec1feafef294c7e613a06046c2993daeefc5cb39d7c5b2b402ff83e49b2d976953f862264288c758c0be09d997b5323cc558a SHA512 (ruby2_keywords-0.0.5.gem) = f6b9078b111e68c0017e0025ecdccb976c7a32f35c1a8adf9fd879db0c91f89eb9bd799f9527a846e28056f2a5fbf0f3610cda9538570288c493613c35c83a6f -SHA512 (childprocess-4.1.0.gem) = e635c3acfa5ad85891c3879f240c7e96d47d7d5ec3f472f4ce6661552b0fb7bd72c5e3b9fb73f4f9312b749fbe554b4be388e56a31a3c63c39743d055d774def SHA512 (mustermann-3.0.0.gem) = c33d41281fe2ac80c0af0c5c31dbab2068c73b9da19a4b82b387bbe551019fc115675634d932a8e56b070c3a06a85d830c982a103e6c5193aff8647f599be6e3 SHA512 (ethon-0.16.0.gem) = 3b31affcee0d5a5be05b5497d4a8d13515f8393f54579a3a9c8de49f78d3f065bb92659434b023f0a8bf8e0cccfbc94b617695b93c4d3f744cccd1eff2e68905 SHA512 (dacite-1.8.1.tar.gz) = 4b40c0bdcf5490bcc77de9e7f04b7267642bcfd41e4168607a5457f38abe3ad4b3041d8a23cb43af76de14eabee45f900ad5ddf7af8f70a2be4850bccc2d3af1 -SHA512 (nio4r-2.5.9.gem) = d1c52896f186d19eb089a94d74ccadb427e64c204af149aa83a5a4dda3f0edd1bd2bae94afd21fcd58e3c2b9e2c17278a18717c0905de80e45540d13eeefd9e5 -SHA512 (backports-3.24.1.gem) = b2eeb76ebf8ddfc7e349e125c6b9cffcabe3d184533579dbf2abb5f663ce85f4a6f8b01b67be4030c98f4782c63511046a1a1efa4d573a9aeb700dcbb9f9f566 SHA512 (rack-test-2.1.0.gem) = e349ce61c3d787e0a772980db697e92212d4d9592ce33f55516d1f85fba55cbe666496c76392679b057786d6dab603d74b83e7bb773ab54940343e36dbf05d6f SHA512 (ffi-1.16.3.gem) = b3d823a03055412a85ae3dbc10c3b50615614f0b66830e144ca47610b1f93f588ff693a95d364b4f686968b79bba91f9f9fa60b932479c6bf9ceb10e15575b98 -SHA512 (puma-6.4.0.gem) = 3f481bd2bd34ed0d66d86f61d7522a48b4d8bfd36b807a1c47bb3b640bc6050a72f4f710fd4fad16260b560f98050e34faad044a54cb759c7ffe8371c3548c18 -SHA512 (rack-protection-3.1.0.gem) = 18a5ffe614a906ca876926bff3e4d1657f0b6963005ee32de80d0ab987b9465f603b30d69f07fd8d8a1ebf4fa85eb89bfd0b607d72387b360d13bea113a63ef7 -SHA512 (sinatra-3.1.0.gem) = e2b1f72f6ac57ce56006b6c39c72bec8135a448b2b235d6fd061fe3d02bd32b6bd8521c8083975e2ec758b8ba9634d6bc2e90b0f5ffae954437ffb26f808b50b SHA512 (tilt-2.3.0.gem) = 78a3de34e3d096e40cb245807bad07cc3ebfa192986addbd228c25153166808b379f3ce086ff68fa5959997946187fe8923e84100653b2b109007390969875b3 -SHA512 (tornado-6.3.3.tar.gz) = d4813de111139da2f5bd390bdd8d456797a48ba2ebe730946aabd66d9269ce4425d9b70ce62aa443ea5590d667b9056766841d99dcb0f383b2c9acd409474c8d -SHA512 (pcs-web-ui-node-modules-0.1.18.tar.xz) = 237ff976d67a7bf881e45334261af1da32c6330fbf9e7436dcf33e63c9373f85f36db52622676f77e27bb6a853c046223cfe0cca25de68bd004c6535aa077fd7 -SHA512 (pcs-web-ui-0.1.18.tar.gz) = edbe88d113e967b2d3f345e74e8c4409b013fb8474fe70a8813a1aba5ea8b4deb61a3bb8c4cd4b4d1a9dc9e67216e518ee5bf832a25188e95173317533d7bf69 -SHA512 (pcs-0.11.7.tar.gz) = cbe81acb14680948cfe642930012c896e617d976b33ebbb5c202f85d02ec1c0e22f901e73766628926caef2d5568fc6c36d7f9cf4091714f207911b7d4d1c1ef -SHA512 (rack-2.2.8.1.gem) = 98a92950a4ca81c51313bca88cdb2a299aa570c3818e8372014b521ef0f6d2347594d456a7ad30eaa972b0bae864d3eb324263870cdcb8f2ffdc5ba08594aada +SHA512 (backports-3.25.0.gem) = 47a2ffb83030cb317e85a4f72a1c4a76a90324b8928ac73e1aa3404a22136661e9ce718bfdd937fbe07b9e05a338fcbd717bb505fb1dd91cfee570bbff9e3f72 +SHA512 (base64-0.2.0.gem) = ee5cdc30e73e625c15cb674cdd16a839ad44ffb0a27d1363f94491b48d95da37a2976c34f6f616b722a35750a067eb2245c4746d7d36f8e9a9ecee68ff5540fb +SHA512 (childprocess-5.0.0.gem) = 9ec340c86f4fd978b7a9925bcf90811ff3443f014469e4ff121e2c4758a4068823029ab413d1a57eb9de4a864435505b1edfa60a611709f2a5f99aaf08da422d +SHA512 (nio4r-2.7.3.gem) = 88c8f74fd5e7d4b3f037d04d7538940f2b3def76e0f86103bf9c585b9d97bad6ef8381d5b4c1eea7c06d20c0659d4d89d1a781a48a2754e32f81cfff810f443a +SHA512 (puma-6.4.2.gem) = 32bde41a8dbeaf998dc1cc11390ca393e96f12c8d253c023e04304cc1d631bf24a153e2d4183b6a20ae73a9b1daed9acec7f3c8fbb40090a42ca3f5f08f24aeb +SHA512 (rack-3.0.11.gem) = 77ea51d2a1584f58396cb864f9895ec47f36febaaf9bb806ebdb52d105ace8cac1a93144ac9769efbe1fff66f5bac555c7b949f62627cb80984d2ea31704d995 +SHA512 (rack-protection-4.0.0.gem) = 5eb33e4829e5e0d320a14d169fd007111641e388f2b6e5f8de98d45dfd1e6705cdb4e1ce29524ebb6fb5afe14079b8e5370c9c389cb2befca4ca508da73165b3 +SHA512 (rack-session-2.0.0.gem) = 827cd1acf20eb814adda7663f61755febd2e6acec6ee085dbc393b614a621f845dffa8f759e434055dbf029be370afeb921c8759c9e9e1fee17119830d9b2899 +SHA512 (rackup-2.1.0.gem) = f2b66902b04ddce5ca9389822118244c591b5c83766a55aee88550717c8e736b1eff967927b2c6c611205dde25bf5a862edfc587fda9cb88f31cc902171f85b1 +SHA512 (sinatra-4.0.0.gem) = 1eb8c6e8966461d3fa463b5c87e8bc3cd58243fc997a104671e252b866bb653dfc16d7b9f677e016ae91cb30998d72f8778eb2b2254ce27cf304944a6bfa8c05 +SHA512 (webrick-1.8.1.gem) = 3bf45e3a52190dccaa6e883923448b745a420eff2a1533eacdd2aed0e4c67f5c6d813c85606f8fc12952c004e4984fd97ebc3c361a42b49cebe5b84c8fc6e99d +SHA512 (tornado-6.4.0.tar.gz) = dc584acc14d93c7109e4744b690641ae318ee9ad2c42a4c3560c315fa8654de3a64574c7187f5afdbde2906b7cccf5725f45462e710effb6f025e5ec1a3810d4 +SHA512 (pcs-2f4ebe9dfb2d9854e6ae05834e6062d245dae88d.tar.gz) = 07af5d5bf7795c1172408238caf04003d4fd25ba1f40e3810b31d8b378af3124e627c6d87a01e317f19e53566f521c3b2e9e1b50401f9dd8204ccbb71e9b1031 +SHA512 (pcs-web-ui-0.1.19.tar.gz) = 3aa407f2e90f236324949d33f6ee4701c1d4898deeed2fa0d3367f9a1a0d0687e44b966c106ff772e450c51be36abd3f17656432b5da4d0c9f1a80e6f80866c6 +SHA512 (pcs-web-ui-node-modules-0.1.19.tar.xz) = 206658b964a3b1a6c7c4b171d6686ef9097ee7c36720088cdc220c50e44d09d58fb4d1aac8e2eb7bb44267f581b666d38b3148352f2f235b477e8a7ab7ee8551