Update etcd to 3.3.25 for CVE fixes (#95)

* Update to version 3.3.25

* Update cgmanifest

* Fix merge conflict

Co-authored-by: Joe Schmitt <joschmit@microsoft.com>
This commit is contained in:
Joe Schmitt 2020-09-10 18:11:47 -07:00 коммит произвёл Jon Slobodzian
Родитель 75cea6d23f
Коммит db8b067d03
3 изменённых файлов: 22 добавлений и 7 удалений

Просмотреть файл

@ -1,6 +1,6 @@
{ {
"Signatures": { "Signatures": {
"etcd-3.3.11.tar.gz": "5cb6d9000d74860a193047363dcfd302d07f2bc44e3c537e3b4914c00fa1a46e", "etcd-3.3.25.tar.gz": "5d0f09fab4105effa96f37302cfe95e843efe2e5663319c1c2dbcd1a7818d382",
"etcd.service": "4550a4967ba35670051cbfd9b4edf1fc57c0f1d7a07e51f88351ac44c76d8066" "etcd.service": "4550a4967ba35670051cbfd9b4edf1fc57c0f1d7a07e51f88351ac44c76d8066"
} }
} }

Просмотреть файл

@ -1,7 +1,7 @@
Summary: A highly-available key value store for shared configuration Summary: A highly-available key value store for shared configuration
Name: etcd Name: etcd
Version: 3.3.11 Version: 3.3.25
Release: 2%{?dist} Release: 1%{?dist}
License: ASL 2.0 License: ASL 2.0
URL: https://github.com/etcd-io/etcd/ URL: https://github.com/etcd-io/etcd/
Group: System Environment/Security Group: System Environment/Security
@ -11,7 +11,8 @@ Distribution: Mariner
Source0: %{name}-%{version}.tar.gz Source0: %{name}-%{version}.tar.gz
Source1: etcd.service Source1: etcd.service
BuildRequires: golang >= 1.7 BuildRequires: golang >= 1.13
BuildRequires: git
%description %description
A highly-available key value store for shared configuration and service discovery. A highly-available key value store for shared configuration and service discovery.
@ -20,6 +21,18 @@ A highly-available key value store for shared configuration and service discover
%setup -q %setup -q
%build %build
# Turn off auto moduling. golang 1.13 does not automatically consider the vendor folder (it does as of 1.14).
# To successfully build, manually hydrate the go package cache (GOPATH) with the included vendor folder and
# etcd's source code before invoking the build script.
export GO111MODULE=off
%define OUR_GOPATH %{_topdir}/.gopath
mkdir -p "%{OUR_GOPATH}/vendor" "%{OUR_GOPATH}/etcd_src/src/github.com/coreos"
export GOPATH=%{OUR_GOPATH}/vendor:%{OUR_GOPATH}/etcd_src
ln -s "%{_builddir}/%{name}-%{version}/vendor" "%{OUR_GOPATH}/vendor/src"
ln -s "%{_builddir}/%{name}-%{version}" "%{OUR_GOPATH}/etcd_src/src/github.com/coreos/etcd"
./build ./build
%install %install
@ -61,7 +74,9 @@ rm -rf %{buildroot}/*
%config(noreplace) %{_sysconfdir}/etcd/etcd-default-conf.yml %config(noreplace) %{_sysconfdir}/etcd/etcd-default-conf.yml
%changelog %changelog
* Sat May 09 00:21:28 PST 2020 Nick Samson <nisamson@microsoft.com> - 3.3.11-2 * Thu Sep 03 2020 Joe Schmitt <joschmit@microsoft.com> 3.3.25-1
- Update to version 3.3.25 which fixes CVE-2020-15106, CVE-2020-15112, CVE-2020-15114, and CVE-2020-15115.
* Sat May 09 2020 Nick Samson <nisamson@microsoft.com> 3.3.11-2
- Added %%license line automatically - Added %%license line automatically
* Thu May 07 2020 Nicolas Ontiveros <niontive@microsoft.com> 3.3.11-1 * Thu May 07 2020 Nicolas Ontiveros <niontive@microsoft.com> 3.3.11-1
- Upgrade to version 3.3.11, which fixes CVE-2018-16886. - Upgrade to version 3.3.11, which fixes CVE-2018-16886.

Просмотреть файл

@ -935,8 +935,8 @@
"type": "other", "type": "other",
"other": { "other": {
"name": "etcd", "name": "etcd",
"version": "3.3.11", "version": "3.3.25",
"downloadUrl": "https://github.com/etcd-io/etcd/archive/v3.3.11.tar.gz" "downloadUrl": "https://github.com/etcd-io/etcd/archive/v3.3.25.tar.gz"
} }
} }
}, },