packages/ovirt-engine
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:57766bad50239c05816175e184d4e02d1c3dca56
Branches Tags
packages:main
..
compare: packages:17b8bb29722e6cc0fcb5d333a962f829778eec59
Branches Tags
packages:main

No commits in common. "57766bad50239c05816175e184d4e02d1c3dca56" and "17b8bb29722e6cc0fcb5d333a962f829778eec59" have entirely different histories.
57766bad50 ... 17b8bb2972

6 changed files with 1 additions and 507 deletions
Show Stats Expand all files Collapse all files

228
0009-fix-engine-setup-problem.patch
View File

@ -1,228 +0,0 @@
From ed6bf930fc3177f920908e2421adf980710ec57f Mon Sep 17 00:00:00 2001
From: Super User <root@localhost.localdomain>
Date: Wed, 8 Mar 2023 11:36:07 +0800
Subject: [PATCH] fix engine-setup problem
---
packaging/bin/engine-backup.sh.in | 3 ++-
packaging/setup/bin/ovirt-engine-upgrade-check.in | 6 ++----
.../setup/ovirt_engine_setup/engine_common/postgres.py | 6 ++----
.../ovirt-engine-common/base/core/offlinepackager.py | 6 ++----
.../ovirt-engine-common/core/offlinepackager.py | 6 ++----
.../ovirt-engine-common/dialog/titles.py | 6 ++----
.../ovirt-engine-common/distro-rpm/packages.py | 6 ++----
.../ovirt-engine-common/distro-rpm/versionlock_config.py | 7 ++++---
.../plugins/ovirt-engine-setup/ovirt-engine/system/nfs.py | 6 ++----
9 files changed, 20 insertions(+), 32 deletions(-)
diff --git a/packaging/bin/engine-backup.sh.in b/packaging/bin/engine-backup.sh.in
index fd3151b..25120e8 100755
--- a/packaging/bin/engine-backup.sh.in
+++ b/packaging/bin/engine-backup.sh.in
@@ -994,7 +994,8 @@ dobackup() {
}
getOSVersion() {
- python@PY_VERSION@ -c 'import platform; d = platform.linux_distribution(full_distribution_name=0); print("%s%s" % (d[0], d[1].split(".")[0]))'
+# python@PY_VERSION@ -c 'import platform; d = platform.linux_distribution(full_distribution_name=0); print("%s%s" % (d[0], d[1].split(".")[0]))'
+ python@PY_VERSION@ -c 'import distro; print("%s%s" % (distro.id(), distrio.version().split(".")[0]))'
}
createtar() {
diff --git a/packaging/setup/bin/ovirt-engine-upgrade-check.in b/packaging/setup/bin/ovirt-engine-upgrade-check.in
index f357f01..2bae272 100755
--- a/packaging/setup/bin/ovirt-engine-upgrade-check.in
+++ b/packaging/setup/bin/ovirt-engine-upgrade-check.in
@@ -15,7 +15,7 @@ import platform
import optparse
import gettext
import glob
-
+import distro
from otopi import common
from otopi import constants as otopicons
@@ -118,9 +118,7 @@ def main():
setup_packages = get_setup_packages()
try:
- if platform.linux_distribution(
- full_distribution_name=0
- )[0] not in ('redhat', 'fedora', 'centos'):
+ if distro.id() not in ('redhat', 'fedora', 'centos','openeuler'):
raise RuntimeError(_('Unsupported distribution'))
exit = 1
diff --git a/packaging/setup/ovirt_engine_setup/engine_common/postgres.py b/packaging/setup/ovirt_engine_setup/engine_common/postgres.py
index 51c9c4b..bd8ba4b 100644
--- a/packaging/setup/ovirt_engine_setup/engine_common/postgres.py
+++ b/packaging/setup/ovirt_engine_setup/engine_common/postgres.py
@@ -15,7 +15,7 @@ import random
import re
import shutil
import time
-
+import distro
from otopi import base
from otopi import constants as otopicons
from otopi import filetransaction
@@ -449,9 +449,7 @@ class Provisioning(base.Base):
self.command.detect('psql')
def supported(self):
- return platform.linux_distribution(
- full_distribution_name=0
- )[0] in ('redhat', 'fedora', 'centos')
+ return distro.id() in ('redhat', 'fedora', 'centos','openeuler')
def validate(self):
if not self.services.exists(
diff --git a/packaging/setup/plugins/ovirt-engine-common/base/core/offlinepackager.py b/packaging/setup/plugins/ovirt-engine-common/base/core/offlinepackager.py
index 7108668..629930a 100644
--- a/packaging/setup/plugins/ovirt-engine-common/base/core/offlinepackager.py
+++ b/packaging/setup/plugins/ovirt-engine-common/base/core/offlinepackager.py
@@ -12,7 +12,7 @@
import gettext
import platform
-
+import distro
from otopi import constants as otopicons
from otopi import packager
from otopi import plugin
@@ -52,9 +52,7 @@ class Plugin(plugin.PluginBase, packager.PackagerBase):
def __init__(self, context):
super(Plugin, self).__init__(context=context)
- self._distribution = platform.linux_distribution(
- full_distribution_name=0
- )[0]
+ self._distribution = distro.id()
@plugin.event(
stage=plugin.Stages.STAGE_INIT,
diff --git a/packaging/setup/plugins/ovirt-engine-provisiondb/ovirt-engine-common/core/offlinepackager.py b/packaging/setup/plugins/ovirt-engine-provisiondb/ovirt-engine-common/core/offlinepackager.py
index 911357c..fbdfc98 100644
--- a/packaging/setup/plugins/ovirt-engine-provisiondb/ovirt-engine-common/core/offlinepackager.py
+++ b/packaging/setup/plugins/ovirt-engine-provisiondb/ovirt-engine-common/core/offlinepackager.py
@@ -14,7 +14,7 @@
import gettext
import platform
-
+import distro
from otopi import constants as otopicons
from otopi import packager
from otopi import plugin
@@ -54,9 +54,7 @@ class Plugin(plugin.PluginBase, packager.PackagerBase):
def __init__(self, context):
super(Plugin, self).__init__(context=context)
- self._distribution = platform.linux_distribution(
- full_distribution_name=0
- )[0]
+ self._distribution = distro.id()
@plugin.event(
stage=plugin.Stages.STAGE_INIT,
diff --git a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/dialog/titles.py b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/dialog/titles.py
index 5f8d02f..9cc2958 100644
--- a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/dialog/titles.py
+++ b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/dialog/titles.py
@@ -12,7 +12,7 @@
import gettext
import platform
-
+import distro
from otopi import plugin
from otopi import util
@@ -35,9 +35,7 @@ class Plugin(plugin.PluginBase):
def __init__(self, context):
super(Plugin, self).__init__(context=context)
- self._distribution = platform.linux_distribution(
- full_distribution_name=0
- )[0]
+ self._distribution = distro.id()
@plugin.event(
stage=plugin.Stages.STAGE_CUSTOMIZATION,
diff --git a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/distro-rpm/packages.py b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/distro-rpm/packages.py
index 2987052..e7a29ef 100644
--- a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/distro-rpm/packages.py
+++ b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/distro-rpm/packages.py
@@ -15,7 +15,7 @@ import datetime
import gettext
import os
import platform
-
+import distro
from otopi import constants as otopicons
from otopi import plugin
from otopi import transaction
@@ -266,9 +266,7 @@ class Plugin(plugin.PluginBase):
super(Plugin, self).__init__(context=context)
self._shouldResultVersionLock = False
self._enabled = False
- self._distribution = platform.linux_distribution(
- full_distribution_name=0
- )[0]
+ self._distribution = distro.id()
@plugin.event(
stage=plugin.Stages.STAGE_INIT,
diff --git a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/distro-rpm/versionlock_config.py b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/distro-rpm/versionlock_config.py
index 7e9fd9b..47b1f09 100644
--- a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/distro-rpm/versionlock_config.py
+++ b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine-common/distro-rpm/versionlock_config.py
@@ -12,7 +12,7 @@
import os
import platform
-
+import distro
from otopi import constants as otopicons
from otopi import filetransaction
from otopi import plugin
@@ -40,9 +40,10 @@ class Plugin(plugin.PluginBase):
os.path.exists(YUM_VERSIONLOCK_CONF) and
not self.environment[osetupcons.CoreEnv.DEVELOPER_MODE] and
not self.environment[osetupcons.CoreEnv.OFFLINE_PACKAGER] and
- platform.linux_distribution(full_distribution_name=0)[0] in (
+ distro.id() in (
'redhat',
- 'centos'
+ 'centos',
+ 'openeuler'
)
)
)
diff --git a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/system/nfs.py b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/system/nfs.py
index a09934d..e43a771 100644
--- a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/system/nfs.py
+++ b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/system/nfs.py
@@ -15,7 +15,7 @@ NFS and RPCbind services configuration plugin.
import gettext
import os
import platform
-
+import distro
from otopi import constants as otopicons
from otopi import filetransaction
from otopi import plugin
@@ -47,9 +47,7 @@ class Plugin(plugin.PluginBase):
def __init__(self, context):
super(Plugin, self).__init__(context=context)
- self._distribution = platform.linux_distribution(
- full_distribution_name=0
- )[0]
+ self._distribution = distro.id()
@plugin.event(
stage=plugin.Stages.STAGE_INIT,
--
2.39.1

43
0010-fix-host-installation-failure.patch
View File

@ -1,43 +0,0 @@
From 388c9a082697d1c736ad74d983671a85699c133d Mon Sep 17 00:00:00 2001
From: wangdi <wangdi@kylinos.cn>
Date: Tue, 14 Mar 2023 10:12:57 +0800
Subject: [PATCH] fix host installation failure
---
.../project/roles/ovirt-host-deploy-facts/tasks/host-os.yml | 2 +-
.../plugins/ovirt-engine-setup/ovirt-engine/apache/runner.py | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/packaging/ansible-runner-service-project/project/roles/ovirt-host-deploy-facts/tasks/host-os.yml b/packaging/ansible-runner-service-project/project/roles/ovirt-host-deploy-facts/tasks/host-os.yml
index ef92743..f45415a 100644
--- a/packaging/ansible-runner-service-project/project/roles/ovirt-host-deploy-facts/tasks/host-os.yml
+++ b/packaging/ansible-runner-service-project/project/roles/ovirt-host-deploy-facts/tasks/host-os.yml
@@ -10,7 +10,7 @@
- name: Check if system is OpenEuler
set_fact:
- ansible_python_interpreter: "{{ 'usr/bin/python3' }}"
+ ansible_python_interpreter: "{{ '/usr/bin/python3' }}"
when:
ansible_distribution == 'openEuler'
diff --git a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/apache/runner.py b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/apache/runner.py
index 8a8be55..2b3c3a1 100644
--- a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/apache/runner.py
+++ b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/apache/runner.py
@@ -82,10 +82,11 @@ class Plugin(plugin.PluginBase):
),
content=textwrap.dedent('''
Listen {port}
+ WSGIRestrictEmbedded On
<VirtualHost _default_:{port}>
WSGIDaemonProcess runner user={user} group={group} threads=4
WSGIProcessGroup runner
- WSGIScriptAlias / {runner_wsgi_file}
+ WSGIScriptAlias / {runner_wsgi_file} process-group=runner application-group=%{{GLOBAL}}
</VirtualHost>
''').format(
runner_wsgi_file=runner_wsgi_file,
--
2.39.1

41
0011-get-vdsm-id-from-dmidecode-system-uuid-on-aarch64.patch
View File

@ -1,41 +0,0 @@
From a8dd9ed10a3f272c4ba8c5f619c66eaf243e7112 Mon Sep 17 00:00:00 2001
From: wangdi <wangdi@kylinos.cn>
Date: Tue, 14 Mar 2023 17:11:34 +0800
Subject: [PATCH] get vdsm id from dmidecode system-uuid on aarch64
---
.../project/roles/ovirt-host-deploy-vdsm/tasks/vdsmid.yml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/packaging/ansible-runner-service-project/project/roles/ovirt-host-deploy-vdsm/tasks/vdsmid.yml b/packaging/ansible-runner-service-project/project/roles/ovirt-host-deploy-vdsm/tasks/vdsmid.yml
index 87c7d87..c3612b9 100644
--- a/packaging/ansible-runner-service-project/project/roles/ovirt-host-deploy-vdsm/tasks/vdsmid.yml
+++ b/packaging/ansible-runner-service-project/project/roles/ovirt-host-deploy-vdsm/tasks/vdsmid.yml
@@ -23,13 +23,13 @@
name: dmidecode
state: present
- - name: Detect vdsm id for x86_64 or i686
+ - name: Detect vdsm id for x86_64 or i686 or aarch64
shell: dmidecode -s system-uuid
register: vdsm_id_res
tags:
- skip_ansible_lint # E305
- - name: Set vdsm id for x86_64 or i686
+ - name: Set vdsm id for x86_64 or i686 or aarch64
set_fact:
vdsm_id: "{{ vdsm_id_res.stdout }}"
when:
@@ -39,7 +39,7 @@
when:
- not vdsm_id_stat.stat.exists
- not vdsm_id
- - (ansible_facts.architecture == 'x86_64' or ansible_facts.architecture == 'i686')
+ - (ansible_facts.architecture == 'x86_64' or ansible_facts.architecture == 'i686' or ansible_facts.architecture == 'aarch64')
- block:
- name: Verify ppc system id path exists
--
2.39.1

98
CVE-2020-35497.patch
View File

@ -1,98 +0,0 @@
From d663972f8a144b283591e46693f0aa27a9f2e859 Mon Sep 17 00:00:00 2001
From: Eli Mesika <emesika@redhat.com>
Date: Wed, 23 Dec 2020 13:15:39 +0200
Subject: [PATCH] core: prevent non-admin users see other users data
This patch fixes a security hole that enables regular users to access
other user data including administrators.
The problem was in the DAO that accesses the users data according to the
user permission, the wrong logic was to get all the user data if any
permission is found for the given user.
This patch modifies the relevant queries in the BLL level to return only
the information that the user allowed to see
CVE-2020-35497
Change-Id: I5130799027ab79f03b4e25c5f2f2ca4150887719
Bug-Id: https://bugzilla.redhat.com/show_bug.cgi?id=1899938
Signed-off-by: Eli Mesika <emesika@redhat.com>
(cherry picked from commit 40160e6f678d632937a22a8e23370086024f9994)
---
.../engine/core/bll/aaa/GetAllDbUsersQuery.java | 17 +++++++++++++++--
.../core/bll/aaa/GetDbUserByUserIdQuery.java | 14 +++++++++++++-
2 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetAllDbUsersQuery.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetAllDbUsersQuery.java
index e799dbd8f76..4d964b110a9 100644
--- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetAllDbUsersQuery.java
+++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetAllDbUsersQuery.java
@@ -1,12 +1,17 @@
package org.ovirt.engine.core.bll.aaa;
-import javax.inject.Inject;
+import java.util.ArrayList;
+
+import javax.inject.Inject;
import org.ovirt.engine.core.bll.QueriesCommandBase;
import org.ovirt.engine.core.bll.context.EngineContext;
+import org.ovirt.engine.core.common.businessentities.aaa.DbUser;
import org.ovirt.engine.core.common.queries.QueryParametersBase;
import org.ovirt.engine.core.dao.DbUserDao;
+
+
public class GetAllDbUsersQuery<P extends QueryParametersBase>
extends QueriesCommandBase<P> {
@Inject
@@ -18,6 +23,14 @@ public class GetAllDbUsersQuery<P extends QueryParametersBase>
@Override
protected void executeQueryCommand() {
- getQueryReturnValue().setReturnValue(dbUserDao.getAll(getUserID(), getParameters().isFiltered()));
+ DbUser currentUser = getUser();
+ // A non-admin trying to get other user data will get its own data
+ if (!currentUser.isAdmin()) {
+ ArrayList<DbUser> users = new ArrayList<>();
+ users.add(currentUser);
+ getQueryReturnValue().setReturnValue(users);
+ } else {
+ getQueryReturnValue().setReturnValue(dbUserDao.getAll(getUserID(), getParameters().isFiltered()));
+ }
}
}
diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDbUserByUserIdQuery.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDbUserByUserIdQuery.java
index 52f88740da6..df491489a80 100644
--- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDbUserByUserIdQuery.java
+++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDbUserByUserIdQuery.java
@@ -4,6 +4,7 @@ import javax.inject.Inject;
import org.ovirt.engine.core.bll.QueriesCommandBase;
import org.ovirt.engine.core.bll.context.EngineContext;
+import org.ovirt.engine.core.common.businessentities.aaa.DbUser;
import org.ovirt.engine.core.common.queries.IdQueryParameters;
import org.ovirt.engine.core.dao.DbUserDao;
@@ -19,6 +20,17 @@ public class GetDbUserByUserIdQuery<P extends IdQueryParameters>
@Override
protected void executeQueryCommand() {
- getQueryReturnValue().setReturnValue(dbUserDao.get(getParameters().getId(), getParameters().isFiltered()));
+ DbUser currentUser = getUser();
+ if (!currentUser.isAdmin()) {
+ // unauthorized access
+ if (!currentUser.getId().equals(getParameters().getId())) {
+ getQueryReturnValue().setReturnValue(null);
+ } else {
+ // A non-admin user can get only its own data
+ getQueryReturnValue().setReturnValue(dbUserDao.get(currentUser.getId(), false));
+ }
+ } else {
+ getQueryReturnValue().setReturnValue(dbUserDao.get(getParameters().getId(), getParameters().isFiltered()));
+ }
}
}
--
2.27.0

71
CVE-2024-0822.patch
View File

@ -1,71 +0,0 @@
From 7c60429f6c7a7c132725a789c8901aa5f29cad46 Mon Sep 17 00:00:00 2001
From: Martin Perina <mperina@redhat.com>
Date: Tue, 5 Mar 2024 10:10:37 +0800
Subject: [PATCH] CVE-2024-0822
commit 08daf9d2f17024d603a241cca85d00adf153a2f2 upstream
Disable execution of CreateUserSession from GWT code
CreateUserSesssion should be executed only as a part of login flow, so
explicitly disable execution from GWT code.
Signed-off-by: Martin Perina <mperina@redhat.com>
---
.../server/gwt/GenericApiGWTServiceImpl.java | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/GenericApiGWTServiceImpl.java b/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/GenericApiGWTServiceImpl.java
index 476a018..00a886d 100644
--- a/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/GenericApiGWTServiceImpl.java
+++ b/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/GenericApiGWTServiceImpl.java
@@ -2,6 +2,7 @@ package org.ovirt.engine.ui.frontend.server.gwt;
import java.io.IOException;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.List;
import java.util.UUID;
import java.util.regex.Pattern;
@@ -17,6 +18,7 @@ import org.ovirt.engine.core.common.action.ActionParametersBase;
import org.ovirt.engine.core.common.action.ActionReturnValue;
import org.ovirt.engine.core.common.action.ActionType;
import org.ovirt.engine.core.common.constants.SessionConstants;
+import org.ovirt.engine.core.common.errors.EngineFault;
import org.ovirt.engine.core.common.interfaces.BackendLocal;
import org.ovirt.engine.core.common.queries.QueryParametersBase;
import org.ovirt.engine.core.common.queries.QueryReturnValue;
@@ -149,6 +151,14 @@ public class GenericApiGWTServiceImpl extends OvirtXsrfProtectedServiceServlet i
ArrayList<ActionParametersBase> multipleParams, boolean isRunOnlyIfAllValidationPass, boolean isWaitForResult) {
log.debug("Server: RunMultipleAction invoked! [amount of actions: {}]", multipleParams.size()); //$NON-NLS-1$
+ // CreateUserSession should never be invoked from GWT code
+ if (actionType == ActionType.CreateUserSession) {
+ ActionReturnValue error = new ActionReturnValue();
+ error.setSucceeded(false);
+ error.setFault(new EngineFault(new RuntimeException("Command cannot be executed from client"))); //$NON-NLS-1$
+ return Arrays.asList(error);
+ }
+
String correlationId = CorrelationIdTracker.getCorrelationId();
for (ActionParametersBase params : multipleParams) {
params.setSessionId(getEngineSessionId());
@@ -168,6 +178,15 @@ public class GenericApiGWTServiceImpl extends OvirtXsrfProtectedServiceServlet i
ActionParametersBase params) {
log.debug("Server: RunAction invoked!"); //$NON-NLS-1$
debugAction(actionType, params);
+
+ // CreateUserSession should never be invoked from GWT code
+ if (actionType == ActionType.CreateUserSession) {
+ ActionReturnValue error = new ActionReturnValue();
+ error.setSucceeded(false);
+ error.setFault(new EngineFault(new RuntimeException("Command cannot be executed from client"))); //$NON-NLS-1$
+ return error;
+ }
+
params.setSessionId(getEngineSessionId());
if (params.getCorrelationId() == null) {
params.setCorrelationId(CorrelationIdTracker.getCorrelationId());
--
2.27.0

27
ovirt-engine.spec
View File

@ -176,7 +176,7 @@ getent passwd %1 >/dev/null || useradd -r -u %2 -g %3 -c %5 -s /sbin/nologin -d
Name: ovirt-engine
Version: 4.4.4.1
Release: 11
Release: 6
Summary: Management server for Open Virtualization
Group: %{ovirt_product_group}
License: Apache 2.0
@ -198,11 +198,6 @@ Patch5: 0005-fix-interface-report-an-error-when-emulatedMachine-is-null.
Patch6: 0007-add-config-item-for-openeuler.patch
Patch7: CVE-2020-10775.patch
Patch8: 0008-modify-sshd-core-version.patch
Patch9: 0009-fix-engine-setup-problem.patch
Patch10: 0010-fix-host-installation-failure.patch
Patch11: 0011-get-vdsm-id-from-dmidecode-system-uuid-on-aarch64.patch
Patch12: CVE-2024-0822.patch
Patch13: CVE-2020-35497.patch
BuildArch: noarch
BuildRequires: assertj-core >= 2.2.0
@ -652,11 +647,6 @@ Setup imageio service.
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
sed -i '87s/@Test/\/\/@Test/g' backend/manager/modules/vdsbroker/src/test/java/org/ovirt/engine/core/vdsbroker/builder/vminfo/LibvirtVmXmlBuilderTest.java
sed -i '88s/@MockedConfig/\/\/@MockedConfig/g' backend/manager/modules/vdsbroker/src/test/java/org/ovirt/engine/core/vdsbroker/builder/vminfo/LibvirtVmXmlBuilderTest.java
sed -i '121s/@Test/\/\/@Test/g' backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/AddClusterCommandTest.java
@ -1305,21 +1295,6 @@ fi
%{engine_data}/setup/bin/ovirt-engine-health
%changelog
* Fri Jun 07 2024 wangziliang <wangziliang@kylinos.cn> - 4.4.4.1-11
- Fix CVE-2020-35497
* Tue Mar 05 2024 yanjianqing <yanjianqing@kylinos.cn> - 4.4.4.1-10
- Fix CVE-2024-0822
* Tue Mar 14 2023 wangdi <wangdi@kylinos.cn> - 4.4.4.1-9
- Set vdsm id as system uuid from dmidecode on aarch64
* Tue Mar 14 2023 wangdi <wangdi@kylinos.cn> - 4.4.4.1-8
- Fix host installation failure
* Wed Mar 08 2023 yanjianqing <yanjianqing@kylinos.cn> - 4.4.4.1-7
- Fix engine-setup problem
* Fri Mar 03 2023 jiangxinyu <jiangxinyu@kylinos.cn> - 4.4.4.1-6
- Remove OVN/OVS support