Hello community, here is the log from the commit of package salt for openSUSE:Leap:15.2 checked in at 2020-05-12 11:32:03 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/salt (Old) and /work/SRC/openSUSE:Leap:15.2/.salt.new.2738 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "salt" Tue May 12 11:32:03 2020 rev:71 rq:801868 version:3000 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/salt/salt.changes 2020-04-14 14:20:45.429264460 +0200 +++ /work/SRC/openSUSE:Leap:15.2/.salt.new.2738/salt.changes 2020-05-12 11:32:14.423724202 +0200 @@ -1,0 +2,12 @@ +Thu May 7 09:22:53 UTC 2020 - Pablo Suárez Hernández <[email protected]> + +- Fix CVE-2020-11651 and CVE-2020-11652 (bsc#1170595) +- Do not require vendored backports-abc (bsc#1170288) +- Fix partition.mkpart to work without fstype (bsc#1169800) + +- Added: + * fixed-bug-lvm-has-no-parttion-type.-the-scipt-later-.patch + * remove-vendored-backports-abc-from-requirements.patch + * fix-cve-2020-11651-and-fix-cve-2020-11652.patch + +------------------------------------------------------------------- New: ---- fix-cve-2020-11651-and-fix-cve-2020-11652.patch fixed-bug-lvm-has-no-parttion-type.-the-scipt-later-.patch remove-vendored-backports-abc-from-requirements.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ salt.spec ++++++ --- /var/tmp/diff_new_pack.QpLvYu/_old 2020-05-12 11:32:16.079727681 +0200 +++ /var/tmp/diff_new_pack.QpLvYu/_new 2020-05-12 11:32:16.083727690 +0200 @@ -298,6 +298,12 @@ Patch107: sanitize-grains-loaded-from-roster_grains.json.patch # PATCH-FIX_OPENSUSE: https://github.com/openSUSE/salt/pull/228 Patch108: adds-explicit-type-cast-for-port.patch +# PATCH-FIX_UPSTREAM: https://github.com/saltstack/salt/pull/53882 +Patch109: fixed-bug-lvm-has-no-parttion-type.-the-scipt-later-.patch +# PATCH-FIX_OPENSUSE: https://github.com/openSUSE/salt/commit/4f80e969e31247a4755d98d25f29b5d8b1b916c3 +Patch110: remove-vendored-backports-abc-from-requirements.patch +# PATCH-FIX_UPSTREAM: https://github.com/saltstack/salt/pull/56987 +Patch111: fix-cve-2020-11651-and-fix-cve-2020-11652.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: logrotate @@ -913,6 +919,9 @@ %patch106 -p1 %patch107 -p1 %patch108 -p1 +%patch109 -p1 +%patch110 -p1 +%patch111 -p1 %build %if 0%{?build_py2} ++++++ _lastrevision ++++++ --- /var/tmp/diff_new_pack.QpLvYu/_old 2020-05-12 11:32:16.155727841 +0200 +++ /var/tmp/diff_new_pack.QpLvYu/_new 2020-05-12 11:32:16.155727841 +0200 @@ -1 +1 @@ -c96fc684a059121ecc7baf013768b1b611777d73 \ No newline at end of file +4d5b2334177a9bbd52d4f5a5d383656acda30b11 \ No newline at end of file ++++++ fix-cve-2020-11651-and-fix-cve-2020-11652.patch ++++++ ++++ 766 lines (skipped) ++++++ fixed-bug-lvm-has-no-parttion-type.-the-scipt-later-.patch ++++++ >From 40a033cecf44d319039337eb4e4d2f14febe400b Mon Sep 17 00:00:00 2001 From: tyl0re <[email protected]> Date: Wed, 17 Jul 2019 10:13:09 +0200 Subject: [PATCH] Fixed Bug LVM has no Parttion Type. the Scipt Later it is checked if fs_type: cmd = ('parted', '-m', '-s', '--', device, 'mkpart', part_type, fs_type, start, end) else: cmd = ('parted', '-m', '-s', '--', device, 'mkpart', part_type, start, end) But never reached. The Check was in earlier Versions with parted.py 443 if fs_type and fs_type not in set(['ext2', 'fat32', 'fat16', 'linux-swap', 'reiserfs', 444 'hfs', 'hfs+', 'hfsx', 'NTFS', 'ufs', 'xfs', 'zfs']): So the check on not defined fs_type is missing --- salt/modules/parted_partition.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/modules/parted_partition.py b/salt/modules/parted_partition.py index 9441fec49fd1833da590b3f65637e8e92b287d1c..7d08a7b315c990e7a87c9c77fd6550a6174b7160 100644 --- a/salt/modules/parted_partition.py +++ b/salt/modules/parted_partition.py @@ -515,7 +515,7 @@ def mkpartfs(device, part_type, fs_type, start, end): 'Invalid part_type passed to partition.mkpartfs' ) - if not _is_fstype(fs_type): + if fs_type and not _is_fstype(fs_type): raise CommandExecutionError( 'Invalid fs_type passed to partition.mkpartfs' ) -- 2.23.0 ++++++ remove-vendored-backports-abc-from-requirements.patch ++++++ >From 4f80e969e31247a4755d98d25f29b5d8b1b916c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Su=C3=A1rez=20Hern=C3=A1ndez?= <[email protected]> Date: Mon, 27 Apr 2020 16:37:38 +0100 Subject: [PATCH] Remove vendored 'backports-abc' from requirements --- requirements/base.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/requirements/base.txt b/requirements/base.txt index 922aec4c754178fd5c317ed636a0ebe487fcb25d..8adf76a2a045f4fca8695c584fedcfc913f54db2 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -4,7 +4,6 @@ PyYAML MarkupSafe requests>=1.0.0 # Requirements for Tornado 4.5.3 (vendored as salt.ext.tornado) -backports-abc==0.5; python_version < '3.0' singledispatch==3.4.0.3; python_version < '3.4' # Required by Tornado to handle threads stuff. futures>=2.0; python_version < '3.0' -- 2.23.0
