starlingx
/
integ
Code Issues Proposed changes

Update for systemd patches (CVE-2018-15688) 

This commit is a complement for the change in the stx-tools repo
(link: https://review.openstack.org/#/c/651340/), the upgrade is
required to fix the CVE-2018-15688.

The fix was done in Jan 2019 by the community and requires the
update of systemd packages.

System-config needs to be updated in order to be aligned with the
new version of systemd-219-62.el7_6.5.

systemd-config.spec:
	Update 'BuildRequires' value for the new systemd version.

update-package-versioning-for-TIS-format.patch:
	Update 'Release' value for the new version of systemd.

0703-fix-build-error-for-CentOS7.6.patch:
	Update process_http_upload function in order to support the
	new type of value '-ENOBUFS' and changes in the index file.

srpm_path:
	Update the 'mirror' value with the new systemd version.

Change-Id: I8f69532833c216f7a369f1b0596dc6607b0f2a7c
Closes-Bug: #1820756
Depends-On: I3fd97d9dabe2350a7af887a0c7de26ec95f7a7d9
Signed-off-by: Mawrer Ramirez <mawrer.a.ramirez.martinez@intel.com>
This commit is contained in:
Mawrer Ramirez 2019-04-09 07:23:46 -05:00
parent 32fb0a4e9c
commit b05bad2e19
4 changed files with 20 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
base/systemd-config/centos/systemd-config.spec
View File

@ -14,7 +14,7 @@ URL: unknown
Source: %name-%version.tar.gz
BuildArch: noarch
BuildRequires: systemd = 219-62.el7
BuildRequires: systemd = 219-62.el7_6.5
Requires: systemd
%define debug_package %{nil}

4
base/systemd/centos/meta_patches/update-package-versioning-for-TIS-format.patch
View File

@ -15,8 +15,8 @@ index 6bdbb74..3b2aa7f 100644
Name: systemd
Url: http://www.freedesktop.org/wiki/Software/systemd
Version: 219
-Release: 62%{?dist}
+Release: 62.el7%{?_tis_dist}.%{tis_patch_ver}
-Release: 62%{?dist}.5
+Release: 62.el7_6.5%{?_tis_dist}.%{tis_patch_ver}
# For a breakdown of the licensing, see README
License: LGPLv2+ and MIT and GPLv2+
Summary: A System and Service Manager

25
base/systemd/centos/patches/0703-fix-build-error-for-CentOS7.6.patch
View File

@ -1,6 +1,6 @@
From 424bb6c3f56f6c445b7bd3d06150ab2993f1b611 Mon Sep 17 00:00:00 2001
From bcfe2b0e50fed2a445f4e0dd43f33aee45d9ac5f Mon Sep 17 00:00:00 2001
From: Shuicheng Lin <shuicheng.lin@intel.com>
Date: Tue, 8 Jan 2019 20:59:43 +0800
Date: Tue, 2 Apr 2019 16:43:03 +0000
Subject: [PATCH] Fix compile failure due to deprecated value
Issue occur after upgrade build tool chain. Fix it per tool chain's
@ -14,6 +14,7 @@ use MHD_HTTP_NOT_ACCEPTABLE [-Werror]
"
Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com>
Signed-off-by: Mawrer Ramirez <mawrer.a.ramirez.martinez@intel.com>
---
src/journal-remote/journal-gatewayd.c | 4 ++--
src/journal-remote/journal-remote.c | 4 ++--
@ -42,19 +43,26 @@ index d1f0ce3..8364044 100644
diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c
index a455fb6..1d7df07 100644
index e65daf6..9780ecb 100644
--- a/src/journal-remote/journal-remote.c
+++ b/src/journal-remote/journal-remote.c
@@ -526,7 +526,7 @@ static int process_http_upload(
@@ -526,13 +526,13 @@ static int process_http_upload(
log_warning("Failed to process data for connection %p", connection);
if (r == -E2BIG)
if (r == -ENOBUFS)
return mhd_respondf(connection,
- MHD_HTTP_REQUEST_ENTITY_TOO_LARGE,
+ MHD_HTTP_PAYLOAD_TOO_LARGE,
"Entry is too large, maximum is %u bytes.\n",
DATA_SIZE_MAX);
else
@@ -579,7 +579,7 @@ static int request_handler(
else if (r == -E2BIG)
return mhd_respondf(connection,
- MHD_HTTP_REQUEST_ENTITY_TOO_LARGE,
+ MHD_HTTP_PAYLOAD_TOO_LARGE,
"Entry with more fields than the maximum of %u\n",
ENTRY_FIELD_COUNT_MAX);
@@ -586,7 +586,7 @@ static int request_handler(
*connection_cls);
if (!streq(method, "POST"))
@ -64,5 +72,4 @@ index a455fb6..1d7df07 100644
if (!streq(url, "/upload"))
--
2.7.4
1.8.3.1

2
base/systemd/centos/srpm_path
View File

@ -1 +1 @@
mirror:Source/systemd-219-62.el7.src.rpm
mirror:Source/systemd-219-62.el7_6.5.src.rpm