-
Notifications
You must be signed in to change notification settings - Fork 561
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1561 from microsoft/joslobo/off-cycle-cve-fixes
Off Cycle CVE fixes for redis and ansible.
- Loading branch information
Showing
8 changed files
with
48 additions
and
83 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,5 @@ | ||
| { | ||
| "Signatures": { | ||
| "ansible-2.9.18.tar.gz": "55fee77729eab2dce854c94a7b6998f0fcb7b9a053bdaa7eb4057f01a0d5d93c" | ||
| "ansible-2.9.23.tar.gz": "b7ca0fac00dd09e11bf69eb40da1405881b466ad2adb88e7aee3e2387e66f9ad" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,21 +1,26 @@ | ||
| %{!?python2_sitelib: %global python2_sitelib %(python2 -c "from distutils.sysconfig import get_python_lib;print(get_python_lib())")} | ||
| %{!?python3_sitelib: %define python3_sitelib %(python3 -c "from distutils.sysconfig import get_python_lib;print(get_python_lib())")} | ||
|
|
||
| Summary: Configuration-management, application deployment, cloud provisioning system | ||
| Name: ansible | ||
| Version: 2.9.18 | ||
| Version: 2.9.23 | ||
| Release: 1%{?dist} | ||
| License: GPLv3+ | ||
| Vendor: Microsoft Corporation | ||
| Distribution: Mariner | ||
| Group: Development/Libraries | ||
| URL: https://www.ansible.com | ||
| Source0: https://releases.ansible.com/ansible/%{name}-%{version}.tar.gz | ||
| BuildRequires: python-setuptools | ||
| BuildRequires: python2 | ||
| BuildRequires: python2-libs | ||
| Requires: python2 | ||
| # Required for %check | ||
| Requires: python2-devel | ||
| Requires: python2-libs | ||
| BuildRequires: python3-setuptools | ||
| BuildRequires: python3 | ||
| BuildRequires: python3-libs | ||
| %if %{with_check} | ||
| BuildRequires: python3-devel | ||
| BuildRequires: python3-pip | ||
| %endif | ||
|
|
||
| Requires: python3 | ||
| Requires: python3-libs | ||
|
|
||
| BuildArch: noarch | ||
|
|
||
| %description | ||
|
|
@@ -25,22 +30,26 @@ Ansible is a radically simple IT automation system. It handles configuration-man | |
| %setup -q | ||
|
|
||
| %build | ||
| python2 setup.py build | ||
| python3 setup.py build | ||
|
|
||
| %install | ||
| python2 setup.py install -O1 --skip-build \ | ||
| --root %{buildroot} | ||
| python3 setup.py install -O1 --root %{buildroot} | ||
|
|
||
| %check | ||
| python2 setup.py test | ||
| pip3 install tox | ||
| cd build/lib/ansible_test/_data && tox | ||
|
|
||
| %files | ||
| %defattr(-, root, root) | ||
| %license licenses | ||
| %{_bindir}/* | ||
| %{python2_sitelib}/* | ||
| %{python3_sitelib}/* | ||
|
|
||
| %changelog | ||
| * Fri Oct 15 2021 Bala <[email protected]> - 2.9.23-1 | ||
| - Upgrade to version 2.9.23, which resolves CVE-2021-3583, CVE-2020-14330 and CVE-2021-20228 | ||
| - Switching to building with Python 3 to fix tests. | ||
|
|
||
| * Tue Jun 15 2021 Nicolas Ontiveros <[email protected]> - 2.9.18-1 | ||
| - Upgrade to version 2.9.18, which resolves CVE-2021-20191 and CVE-2021-20178 | ||
|
|
||
|
|
||
This file was deleted.
Oops, something went wrong.
Empty file.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,5 @@ | ||
| { | ||
| "Signatures": { | ||
| "redis-5.0.5.tar.gz": "2139009799d21d8ff94fc40b7f36ac46699b9e1254086299f8d3b223ca54a375" | ||
| "redis-5.0.14.tar.gz": "3ea5024766d983249e80d4aa9457c897a9f079957d0fb1f35682df233f997f32" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,19 +1,15 @@ | ||
| Summary: advanced key-value store | ||
| Name: redis | ||
| Version: 5.0.5 | ||
| Release: 7%{?dist} | ||
| Version: 5.0.14 | ||
| Release: 1%{?dist} | ||
| License: BSD | ||
| URL: https://redis.io/ | ||
| Group: Applications/Databases | ||
| Vendor: Microsoft Corporation | ||
| Distribution: Mariner | ||
| Source0: https://download.redis.io/releases/%{name}-%{version}.tar.gz | ||
| Patch0: redis-conf.patch | ||
| Patch1: CVE-2020-14147.patch | ||
| Patch2: disable_active_defrag_big_keys.patch | ||
| # CVE-2021-21309 affects 32-bit executables only. Mariner always builds with -m64 and does not support 32-bit architectures. | ||
| Patch3: CVE-2021-21309.nopatch | ||
| Patch4: CVE-2021-3470.patch | ||
|
|
||
| BuildRequires: gcc | ||
| BuildRequires: systemd | ||
|
|
@@ -76,7 +72,6 @@ exit 0 | |
| /sbin/ldconfig | ||
| %systemd_postun_with_restart redis.service | ||
|
|
||
|
|
||
| %files | ||
| %defattr(-,root,root) | ||
| %license COPYING | ||
|
|
@@ -88,31 +83,47 @@ exit 0 | |
| %config(noreplace) %attr(0640, %{name}, %{name}) %{_sysconfdir}/redis.conf | ||
|
|
||
| %changelog | ||
| * Mon Oct 18 2021 Neha Agarwal <[email protected]> 5.0.14-1 | ||
| - Update version for CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32675, CVE-2021-32687, CVE-2021-32762, CVE-2021-41099 | ||
|
|
||
| * Fri Apr 09 2021 Suresh Babu Chalamalasetty <[email protected]> 5.0.5-7 | ||
| - Add patch for CVE-2021-3470 | ||
|
|
||
| * Thu Mar 11 2021 Mateusz Malisz <[email protected]> 5.0.5-6 | ||
| - Add nopatch for CVE-2021-21309. | ||
|
|
||
| * Wed Mar 03 2021 Andrew Phelps <[email protected]> 5.0.5-5 | ||
| - Add patch to remove an unreliable test. License verified. | ||
|
|
||
| * Fri Oct 23 2020 Henry Li <[email protected]> 5.0.5-4 | ||
| - Add patch to resolve CVE-2020-14147 | ||
|
|
||
| * Sat May 09 2020 Nick Samson <[email protected]> 5.0.5-3 | ||
| - Added %%license line automatically | ||
|
|
||
| * Tue Sep 03 2019 Mateusz Malisz <[email protected]> 5.0.5-2 | ||
| - Initial CBL-Mariner import from Photon (license: Apache2). | ||
|
|
||
| * Mon Jul 22 2019 Shreyas B. <[email protected]> 5.0.5-1 | ||
| - Updated to version 5.0.5. | ||
|
|
||
| * Tue Sep 11 2018 Keerthana K <[email protected]> 4.0.11-1 | ||
| - Updated to version 4.0.11. | ||
|
|
||
| * Thu Dec 28 2017 Divya Thaluru <[email protected]> 3.2.8-5 | ||
| - Fixed the log file directory structure | ||
|
|
||
| * Mon Sep 18 2017 Alexey Makhalov <[email protected]> 3.2.8-4 | ||
| - Remove shadow from requires and use explicit tools for post actions | ||
|
|
||
| * Wed May 31 2017 Siju Maliakkal <[email protected]> 3.2.8-3 | ||
| - Fix DB persistence,log file,grace-ful shutdown issues | ||
|
|
||
| * Tue May 16 2017 Siju Maliakkal <[email protected]> 3.2.8-2 | ||
| - Added systemd service unit | ||
|
|
||
| * Wed Apr 5 2017 Siju Maliakkal <[email protected]> 3.2.8-1 | ||
| - Updating to latest version | ||
|
|
||
| * Mon Oct 3 2016 Dheeraj Shetty <[email protected]> 3.2.4-1 | ||
| - initial version | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters