Hello community, here is the log from the commit of package etcd for openSUSE:Leap:15.2 checked in at 2020-02-21 10:48:18 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/etcd (Old) and /work/SRC/openSUSE:Leap:15.2/.etcd.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "etcd" Fri Feb 21 10:48:18 2020 rev:2 rq:774172 version:3.3.15 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/etcd/etcd.changes 2020-01-15 14:54:15.933550414 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.etcd.new.26092/etcd.changes 2020-02-21 10:48:51.402861046 +0100 @@ -1,0 +2,287 @@ +Thu Oct 10 09:50:11 UTC 2019 - [email protected] + +- Update to version 3.3.15: + * version: 3.3.15 + * vendor: regenerate + * go.mod: remove, change back to "glide" + * version: 3.3.14 + * Documentation/upgrades: special upgrade guides for >= 3.3.14 + * version: 3.3.14-rc.0 + * vendor: regenerate + * go.mod: regenerate + * gitignore: track vendor directory + * *: test with Go 1.12.9 + * version: 3.3.14-beta.0 + * tests/e2e: add missing curl + * e2e: move + * test: do not run "v2store" tests + * test: bump up timeout for e2e tests + * travis: fix functional tests + * functional: add back, travis + * auth: fix tests + * travis: do not run functional for now + * travis: skip windows build + * test: fix repo path + * tests/e2e: fix + * build: remove tools + * integration: fix tests + * integration: fix "HashKVRequest" + * functional: update + * travis.yml: fix, run e2e + * integration: update + * etcdserver: detect leader change on reads + * clientv3: rewrite based on 3.4 + * raft: fix compile error in "Panic" + * pkg/*: add + * etcdserver/api/v3rpc: support watch fragmentation + * tests: update + * *: regenerate proto + * etcdserver/etcdserverpb/rpc.proto: add watch progress/fragment + * vendor: regenerate, upgrade gRPC to 1.23.0 + * go.mod: migrate to Go module + * scripts: update release, genproto, dep + * Makefile/build: sync with 3.4 branch + * *: use new adt.IntervalTree interface + * pkg/adt: remove TODO + * pkg/adt: fix interval tree black-height property based on rbtree + * pkg/adt: document textbook implementation with pseudo-code + * pkg/adt: mask test failure, add TODO + * pkg/adt: add "IntervalTree.Delete" failure case + * pkg/adt: test node "11" deletion + * pkg/adt: README "IntervalTree.Delete" test case images + * pkg/adt: README initial commit + * pkg/adt: add "visitLevel", make "IntervalTree" interface, more tests + * pkg: clean up code format + * travis: update + * etcdserver: add "etcd_server_snapshot_apply_inflights_total" + * etcdserver/api: add "etcd_network_snapshot_send_inflights_total", "etcd_network_snapshot_receive_inflights_total" + * Raft HTTP: fix pause/resume race condition + * ctlv3: add missing newline in EndpointHealth + * ctlv3: support "write-out" for "endpoint health" command + * etcd: Replace ghodss/yaml with sigs.k8s.io/yaml + * version: bump up 3.3.13 + * clientv3: fix race condition in "Endpoints" methods + * etcdserver: improve heartbeat send failures logging + * Documentation metadata for 3.3 branch (#10692) + * vendor: add missing files + * vendor: Run scripts/updatedeps.sh to cleanup unused code + * client: Switch to case sensitive unmarshalling to be compatible with ugorji + * *: update bill-of-materials + * vendor: Add json-iterator and its dependencies + * scripts: Remove generated code and script + * client: Replace ugorji/codec with json-iterator/go + * mvcc: fix db_compaction_total_duration_milliseconds + * wal: Add test for Verify + * wal: add Verify function to perform corruption check on wal contents + * *: Change gRPC proxy to expose etcd server endpoint /metrics + * travis: fix tests by using proper code path + * etcdserver: Use panic instead of fatal on no space left error + * raft: cherry pick of #8334 to release-3.3 + * travis.yml: update Go 1.10.8 + * version: 3.3.12 + * etcdctl: fix strings.HasPrefix args order + * version: 3.3.11+git + +------------------------------------------------------------------- +Wed Jul 24 08:40:09 UTC 2019 - [email protected] + +- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by + firewalld, see [1]. + + [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html + +------------------------------------------------------------------- +Thu Jun 13 09:48:45 UTC 2019 - Guillaume GARDET <[email protected]> + +- Fix aarch64 start + +------------------------------------------------------------------- +Wed Jun 5 13:08:46 UTC 2019 - <[email protected]> + +- Added README.security and wording in the configuration file to + ensure users are aware that they need to configure etcd to require + authentication + +------------------------------------------------------------------- +Wed Jan 30 11:58:15 UTC 2019 - Panagiotis Georgiadis [email protected] + +- Update to version 3.3.11: + * version: 3.3.11 + * auth: fix cherry-pick + * auth: disable CommonName auth for gRPC-gateway + * grpcproxy: fix memory leak + * bsc#1121850 CVE-2018-16886 + +------------------------------------------------------------------- +Wed Dec 19 01:28:24 UTC 2018 - [email protected] + +- Updated to a supported version of Go (due to security reasons) + * bsc#1118897 CVE-2018-16873 + go#29230 cmd/go: remote command execution during "go get -u" + * bsc#1118898 CVE-2018-16874 + go#29231 cmd/go: directory traversal in "go get" via curly braces in import paths + * bsc#1118899 CVE-2018-16875 + go#29233 crypto/x509: CPU denial of service +------------------------------------------------------------------- +Wed Dec 12 12:43:23 UTC 2018 - [email protected] + +- Updated to a supported version of Go (due to security reasons) + +------------------------------------------------------------------- +Mon Nov 12 09:33:41 UTC 2018 - [email protected] + +- Update to version 3.3.10: + * version: 3.3.10 + * travis.yml: use Go 1.10.4 + * etcdserver: add "etcd_server_read_indexes_failed_total" + * rafthttp: probe all raft transports + * etcdserver: add "etcd_server_health_success/failures" + * clientv3: concurrency.Mutex.Lock() - preserve invariant + * etcdserver/api/rafthttp: add v3 snapshot send/receive metrics + * etcdserver/api/snap: add v3 snapshot fsync metrics + * tests/Dockerfile: update, fix GOPATH + * etcdctl: cherry pick of #10109 to release-3.3 + * etcdserver: remove duplicated imports + * etcdserver: add "etcd_server_id" + * etcdserver: clarify read index wait timeout warnings + * rafthttp: clarify "became inactive" warning + * Merge pull request #9861 from gyuho/race + * etcdserver: code clean up + * vendor: add go-grpc-middleware + * etcdserver: add grpc interceptor to log info on incoming requests to etcd server + * version: bump up to 3.3.9+git + * version: 3.3.9 + * etcdserver: add "etcd_server_go_version" metric + * clientv3: fix keepalive send interval when response queue is full + * added "now := time.Now()" + * remove "github.com/gogo/protobuf/plugin/stringer" + * etcdserver: rename to "heartbeat_send_failures_total" + * mvcc: add "etcd_mvcc_hash_(rev)_duration_seconds" + * mvcc/backend: fix defrag duration scale + * mvcc/backend: add "etcd_disk_backend_defrag_duration_seconds" + * mvcc/backend: document metrics ExponentialBuckets + * mvcc/backend: clean up mutex, logging + * etcdserver: add "etcd_server_slow_apply_total" + * etcdserver: add "etcd_server_heartbeat_failures_total" + * e2e: log errors TestV3CurlCipherSuitesMismatch for now + * Makefile: use Go 1.10.3 by default + * *: use Go 1.10.3 for testing + * mvcc: avoid unnecessary metrics update + * mvcc: add "etcd_mvcc_db_total_size_in_use_in_bytes" + * mvcc: add "etcd_mvcc_db_total_size_in_bytes" + * etcdserver: add "etcd_server_quota_backend_bytes" + * etcdserver: add "etcd_server_slow_read_indexes_total" + * etcdserver: clarify read index warnings + * tests: update test scripts + * version: 3.3.8+git + * version: 3.3.8 + * travis: use Go 1.9.7 + * gitignore: ignore "docs" and "vendor" + * clientv3: backoff on reestablishing watches when Unavailable errors are encountered + * tests/semaphore.test.bash: update + * Makefile: update + * etcdserver: Fix txn request 'took too long' warnings to use loggable request stringer + * etcdserver: Add response byte size and range response count to took too long warning + * etcdserver: Replace value contents with value_size in request took too long warning + * version: bump up to 3.3.7+git + * version: 3.3.7 + * e2e: test client-side cipher suites with curl + * etcdmain: add "--cipher-suites" flag + * embed: support custom cipher suites + * integration: test client-side TLS cipher suites + * pkg/transport: add "TLSInfo.CipherSuites" field + * pkg/tlsutil: add "GetCipherSuite" + * tests/e2e: test move-leader command with TLS + * ctlv3: support TLS endpoints for move-leader command + * scripts/release: Fix docker push for 3.1 releases, remove inaccurate warning at the end of release script + * version: bump up to 3.3.6+git ++++ 90 more lines (skipped) ++++ between /work/SRC/openSUSE:Leap:15.2/etcd/etcd.changes ++++ and /work/SRC/openSUSE:Leap:15.2/.etcd.new.26092/etcd.changes Old: ---- etcd-3.3.1.tar.xz etcd_client_firewall etcd_server_firewall New: ---- README.security etcd-3.3.15.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ etcd.spec ++++++ --- /var/tmp/diff_new_pack.Ntiq0Q/_old 2020-02-21 10:48:51.950862165 +0100 +++ /var/tmp/diff_new_pack.Ntiq0Q/_new 2020-02-21 10:48:51.950862165 +0100 @@ -22,7 +22,7 @@ %endif Name: etcd -Version: 3.3.1 +Version: 3.3.15 Release: 0 Summary: Highly-available key value store for configuration and service discovery License: Apache-2.0 @@ -31,14 +31,13 @@ Source: %{name}-%{version}.tar.xz Source1: %{name}.conf Source2: %{name}.service -Source3: etcd_client_firewall -Source4: etcd_server_firewall +Source5: README.security BuildRequires: golang-packaging BuildRequires: shadow BuildRequires: systemd-rpm-macros BuildRequires: xz -BuildRequires: golang(API) = 1.9 -BuildRequires: go >= 1.9.4 +BuildRequires: golang(API) = 1.12 +BuildRequires: go1.12 >= 1.12.9 ExcludeArch: %ix86 Requires(post): %fillup_prereq BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -67,11 +66,12 @@ %prep %setup -q +cp %{SOURCE5} . %build %{goprep} github.com/coreos/etcd -%{gobuild} cmd/etcd -%{gobuild} cmd/etcdctl +%{gobuild} . +%{gobuild} etcdctl %install %{goinstall} @@ -84,11 +84,13 @@ # Sysconfig install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_fillupdir}/sysconfig.%{name} +%ifarch aarch64 +# arm64 is not yet officially supported +echo -e "\n#Enable arm64\nETCD_UNSUPPORTED_ARCH=arm64\n" >> %{buildroot}%{_fillupdir}/sysconfig.%{name} +%endif # Additional install -d -m 750 %{buildroot}%{_localstatedir}/lib/%{name} -install -D -m 644 %{SOURCE3} %{buildroot}/%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/etcd_client -install -D -m 644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/etcd_server # Move mv %{buildroot}%{_bindir}/etcd %{buildroot}%{_sbindir}/%{name} @@ -110,7 +112,8 @@ %files %defattr(-,root,root) -%doc CONTRIBUTING.md README.md LICENSE DCO NOTICE +%doc CONTRIBUTING.md README.md DCO NOTICE README.security +%license LICENSE %{_sbindir}/%{name} # Service @@ -122,8 +125,6 @@ # Additional %dir %attr(0750,%{name},%{name}) %{_localstatedir}/lib/%{name} -%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/etcd_server -%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/etcd_client %files -n etcdctl %defattr(-,root,root) ++++++ README.security ++++++ By default etcd doesn't require authentication. If you configure etcd to be reachable over the network, have untrustworthy local users on the system where etc runs or store date in etcd that needs to be kept confidential please make sure to enable authentication. You can do that by configuring the settings under [security] in /etc/sysconfig/etcd. For additional guidance please red https://coreos.com/etcd/docs/latest/v2/security.html and https://coreos.com/etcd/docs/latest/op-guide/authentication.html to ensure that you enforce proper access control ++++++ _service ++++++ --- /var/tmp/diff_new_pack.Ntiq0Q/_old 2020-02-21 10:48:51.990862247 +0100 +++ /var/tmp/diff_new_pack.Ntiq0Q/_new 2020-02-21 10:48:51.990862247 +0100 @@ -4,8 +4,8 @@ <param name="url">https://github.com/coreos/etcd.git</param> <param name="exclude">.git</param> <param name="filename">etcd</param> - <param name="versionformat">3.3.1</param> - <param name="revision">v3.3.1</param> + <param name="versionformat">3.3.15</param> + <param name="revision">v3.3.15</param> <param name="changesgenerate">enable</param> </service> <service name="recompress" mode="disabled"> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.Ntiq0Q/_old 2020-02-21 10:48:52.006862280 +0100 +++ /var/tmp/diff_new_pack.Ntiq0Q/_new 2020-02-21 10:48:52.006862280 +0100 @@ -1,4 +1,4 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/coreos/etcd.git</param> - <param name="changesrevision">28f3f26c0e303392556035b694f75768d449d33d</param></service></servicedata> \ No newline at end of file + <param name="changesrevision">94745a4eed0425653b3b4275a208d38babceeaec</param></service></servicedata> \ No newline at end of file ++++++ etcd-3.3.1.tar.xz -> etcd-3.3.15.tar.xz ++++++ ++++ 888360 lines of diff (skipped) ++++++ etcd.conf ++++++ --- /var/tmp/diff_new_pack.Ntiq0Q/_old 2020-02-21 10:48:53.310864943 +0100 +++ /var/tmp/diff_new_pack.Ntiq0Q/_new 2020-02-21 10:48:53.310864943 +0100 @@ -5,6 +5,10 @@ #ETCD_SNAPSHOT_COUNT="10000" #ETCD_HEARTBEAT_INTERVAL="100" #ETCD_ELECTION_TIMEOUT="1000" +# Before changing this setting allowing etcd to be reachable over the network +# or if you have untrustworthy local users on the system where etc runs please +# make sure to enable authentication in the [security] section below. Please +# also read README.security for this package #ETCD_LISTEN_PEER_URLS="http://localhost:2380"; ETCD_LISTEN_CLIENT_URLS="http://localhost:2379"; #ETCD_MAX_SNAPSHOTS="5"
