10 Commits

Author SHA1 Message Date
Joe Slater
7d7fe3dc61 sudo: fix CVE-2021-3156
Advance to sudo-1.8.23-10.el7_9.1.src.rpm.

Closes-Bug: 1916946
Change-Id: Ibb90439c77d6f5b1badcadb37080ff9e330787d5
Signed-off-by: Joe Slater <joe.slater@windriver.com>
2021-03-01 13:20:16 -05:00
Li Zhou
d053c67554 sudo: fix CVE-2019-18634
Upgrade to sudo-1.8.23-10 for fixing CVE.

Story: 2008532
Task: 41689
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Change-Id: I863e66ee887de40d75db7951f4ba408ad022c131
2021-01-26 07:21:41 +00:00
Dongqi Chen
af359d4938 Add auto-versioning to starlingx/integ packages
This update makes use of the PKG_GITREVCOUNT variable
to auto-version the packages in this repo.

Story: 2007750
Task: 39951
Change-Id: I854419c922b9db4edbbf6f1e987a982ec2ec7b59
Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
2020-06-24 09:48:28 +08:00
Robin Lu
f30cb74fef Update sudo srpm patch for CVE bug
To fix below CVE, we will use sudo-1.8.23-4.el7_7.1.src.rpm
And we have to update some patches according to new srpm.
https://lists.centos.org/pipermail/centos-announce/2019-October/023499.html

CVE bug: CVE-2019-14287: sudo: can bypass certain policy blacklists

Closes-Bug: 1852825
Depends-On: https://review.opendev.org/#/c/695637/
Change-Id: Ifc0a3423464fafce06cd504d9b427fc3433fb756
Signed-off-by: Robin Lu <bin1.lu@intel.com>
2019-11-25 09:43:16 +08:00
Martin, Chen
12c9484b47 rebase sudo patch to CentOS 7.6 version
Remove sudoer2ldif install command for this bin file
be removed in sudo-1.8.23-3.el7.src.rpm release

Test:
Pass build and multi-node deploy test

Depends-On: https://review.openstack.org/627207

Story: 2004522
Task: 28415

Change-Id: Ibf991ea6dcd77dc71f963f53cdb7f7d90d5a2c79
Signed-off-by: Martin, Chen <haochuan.z.chen@intel.com>
2019-01-02 19:31:45 +08:00
slin14
f11edb283f de-fuzz the fuzzy caused by commit 0858052be
Also remove the commit info added by my previous commit.

Story: 2003917
Task: 27473

Change-Id: I708adb7e160db1ac8074f53c3298150df0c2332f
Signed-off-by: slin14 <shuicheng.lin@intel.com>
2018-10-14 01:39:40 +08:00
Sun Austin
0858052be9 remove -j patch from sudo
This is removing 0003-Further-parallelize-sudo-build.patch and rename
0004-remove-make-check.patch to 0003-remove-make-check.patch

Change-Id: Ia1d5364000d05a7a559c047347c1c506674642a4
Story: 2003803
Tash: 26544
Signed-off-by: Sun Austin <austin.sun@intel.com>
2018-10-09 10:05:55 +08:00
slin14
5a7ede1099 de-fuzz sudo patches
When do Centos 7.5 upgraded, some patches didn't resolve and cause
the fuzzy in the line numbers of the patches. And it may cause
.orig file is created when do patch. And this .orig file will lead
to rpm packaging failure due to the unexpected and unpackaged .orig
file.

Please visit below link to get more detail info:
https://bugs.launchpad.net/starlingx/+bug/1794611

Solution:
  Safest solution is to de-fuzz our patches.

Story: 2003389
Task: 26755

Change-Id: I2de8b090ce2c03ec4bc64504f700e4846ada4cd7
Signed-off-by: slin14 <shuicheng.lin@intel.com>
2018-09-28 08:07:29 +08:00
slin14
8406a10d58 rebase sudo patch to CentOS7.5
the CVE patch is not used, so delete it.

Story: 2003389
Task: 24492

Change-Id: I67b5612992c6cf3c2d67d067b484e98450188ff8
Signed-off-by: slin14 <shuicheng.lin@intel.com>
2018-08-22 15:12:25 +08:00
Scott Little
bab9bb6b69 Internal restructuring of stx-integ
Create new directories:
   ceph
   config
   config-files
   filesystem
   kernel
   kernel/kernel-modules
   ldap
   logging
   strorage-drivers
   tools
   utilities
   virt

Retire directories:
   connectivity
   core
   devtools
   support
   extended

Delete two packages:
   tgt
   irqbalance

Relocated packages:
   base/
      dhcp
      initscripts
      libevent
      lighttpd
      linuxptp
      memcached
      net-snmp
      novnc
      ntp
      openssh
      pam
      procps
      sanlock
      shadow
      sudo
      systemd
      util-linux
      vim
      watchdog

   ceph/
      python-cephclient

   config/
      facter
      puppet-4.8.2
      puppet-modules

   filesystem/
      e2fsprogs
      nfs-utils
      nfscheck

   kernel/
      kernel-std
      kernel-rt

   kernel/kernel-modules/
      mlnx-ofa_kernel

   ldap/
      nss-pam-ldapd
      openldap

   logging/
      syslog-ng
      logrotate

   networking/
      lldpd
      iproute
      mellanox
      python-ryu
      mlx4-config

   python/
      python-2.7.5
      python-django
      python-gunicorn
      python-setuptools
      python-smartpm
      python-voluptuous

   security/
      shim-signed
      shim-unsigned
      tboot

   strorage-drivers/
      python-3parclient
      python-lefthandclient

   virt/
      cloud-init
      libvirt
      libvirt-python
      qemu

   tools/
      storage-topology
      vm-topology

   utilities/
      tis-extensions
      namespace-utils
      nova-utils
      update-motd

Change-Id: I37ade764d873c701b35eac5881eb40412ba64a86
Story: 2002801
Task: 22687
Signed-off-by: Scott Little <scott.little@windriver.com>
2018-08-01 10:06:31 -04:00