packages/logrotate
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!17 fix CVE-2022-1348 and upgrade to 3.20.1

Browse Source 
From: @duyiwei7w 
Reviewed-by: @overweight 
Signed-off-by: @overweight
This commit is contained in:
openeuler-ci-bot 2022-06-21 07:02:09 +00:00 committed by Gitee
commit 4ae79e42bd
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
4 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
0001-logrotate-3.20.1-lock-state-msg.patch Normal file
View File

@ -0,0 +1,31 @@
From e509c7db71cefd150e9c4360b8abd3b378b129b2 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Fri, 27 May 2022 09:56:07 +0200
Subject: [PATCH] lockState: do not print `error:` when exit code is unaffected
Closes: https://github.com/logrotate/logrotate/pull/448
Upstream-commit: 31cf1099ab8514dfcae5a980bc77352edd5292f8
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
logrotate.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/logrotate.c b/logrotate.c
index 2350672..6188a35 100644
--- a/logrotate.c
+++ b/logrotate.c
@@ -3050,8 +3050,8 @@ static int lockState(const char *stateFilename, int skip_state_lock)
}
if (sb.st_mode & S_IROTH) {
- message(MESS_ERROR, "state file %s is world-readable and thus can"
- " be locked from other unprivileged users."
+ message(MESS_NORMAL, "warning: state file %s is world-readable"
+ " and thus can be locked from other unprivileged users."
" Skipping lock acquisition...\n",
stateFilename);
close(lockFd);
--
2.35.3

BIN
logrotate-3.18.1.tar.xz
View File

Binary file not shown.

BIN
logrotate-3.20.1.tar.xz Normal file
View File

Binary file not shown.

7
logrotate.spec
View File

@ -1,12 +1,14 @@
%global _configure ../configure %global _configure ../configure
Name: logrotate Name: logrotate
Version: 3.18.1 Version: 3.20.1
Release: 1 Release: 1
Summary: simplify the administration of log files Summary: simplify the administration of log files
License: GPLv2+ License: GPLv2+
Url: https://github.com/logrotate/logrotate Url: https://github.com/logrotate/logrotate
Source0: https://github.com/logrotate/logrotate/releases/download/%{version}/logrotate-%{version}.tar.xz Source0: https://github.com/logrotate/logrotate/releases/download/%{version}/logrotate-%{version}.tar.xz
# lockState: do not print `error:` when exit code is unaffected
Patch0: 0001-logrotate-3.20.1-lock-state-msg.patch
BuildRequires: acl gcc automake libacl-devel libselinux-devel popt-devel BuildRequires: acl gcc automake libacl-devel libselinux-devel popt-devel
Requires: coreutils Requires: coreutils
@ -73,6 +75,9 @@ fi
%{_mandir}/man5/logrotate.conf.5* %{_mandir}/man5/logrotate.conf.5*
%changelog %changelog
* Fri Jun 10 2022 duyiwei <duyiwei@kylinos.cn> - 3.20.1-1
- upgrade version to 3.20.1 and fix CVE-2022-1348
* Sat Nov 20 2021 xiechengliang <xiechengliang1@huawei.com> - 3.18.1-1 * Sat Nov 20 2021 xiechengliang <xiechengliang1@huawei.com> - 3.18.1-1
- update upstream to 3.18.1 - update upstream to 3.18.1