https://git.altlinux.org/tasks/424354/logs/events.2.1.log
https://packages.altlinux.org/tasks/424354

subtask  name     aarch64  i586  x86_64
   #200  openbao     5:18  2:34    2:34

2026-Jul-06 15:09:09 :: task #424354 for sisyphus resumed by tulskijms:
#100 removed
#200 build 2.5.5-alt1 from /people/tulskijms/packages/openbao.git fetched at 
2026-Jul-06 15:08:57
2026-Jul-06 15:09:11 :: [i586] #200 openbao.git 2.5.5-alt1: build start
2026-Jul-06 15:09:11 :: [aarch64] #200 openbao.git 2.5.5-alt1: build start
2026-Jul-06 15:09:11 :: [x86_64] #200 openbao.git 2.5.5-alt1: build start
2026-Jul-06 15:11:45 :: [x86_64] #200 openbao.git 2.5.5-alt1: build OK
2026-Jul-06 15:11:45 :: [i586] #200 openbao.git 2.5.5-alt1: build OK
2026-Jul-06 15:14:29 :: [aarch64] #200 openbao.git 2.5.5-alt1: build OK
2026-Jul-06 15:14:41 :: 200: build check OK
2026-Jul-06 15:14:42 :: build check OK
2026-Jul-06 15:14:50 :: #200: openbao.git 2.5.5-alt1: version check OK
2026-Jul-06 15:14:51 :: build version check OK
2026-Jul-06 15:15:16 :: noarch check OK
2026-Jul-06 15:15:18 :: plan: src +1 -1 =22398, aarch64 +2 -2 =39684, i586 +2 
-2 =37226, x86_64 +2 -2 =40752
#200 openbao 2.5.4-alt1 -> 2.5.5-alt1
 Mon Jul 06 2026 Maxim Tulskiy <tulskijms@altlinux> 2.5.5-alt1
 - Updated to new version 2.5.5.
 - Fixes:
   + CVE-2026-55770: prevent LDAP injection via bind DN to group resolution 
(auth/ldap, secrets/ldap)
   + CVE-2026-55776: fix server crash from unlock of unlocked mutex for RSA 
keys created with derived=true (secrets/transit)
   + CVE-2026-55774: fix unauthorized cross-namespace lease revocation via 
leaked lease identifiers (core/leases)
   + CVE-2026-55775: fix namespace path canonicalization of "root" enabling 
unauthorized operations on the parent namespace (core/namespaces)
 - Require golang >= 1.26.4 to close Go stdlib CVEs found in the build 
toolchain.
 - Bumped vendored go-ntlmssp to 0.1.1 to fix CVE-2026-32952.
 - Bumped vendored jackc/pgx/v5 to 5.9.2 to fix CVE-2026-41889.
2026-Jul-06 15:15:18 :: openbao: fixes vulnerabilities: CVE-2026-55770 
CVE-2026-55776 CVE-2026-55774 CVE-2026-55775
2026-Jul-06 15:15:18 :: openbao: mentions vulnerabilities: CVE-2026-32952 
CVE-2026-41889
2026-Jul-06 15:16:09 :: patched apt indices
2026-Jul-06 15:16:19 :: created next repo
2026-Jul-06 15:16:32 :: duplicate provides check OK
2026-Jul-06 15:17:15 :: dependencies check OK
2026-Jul-06 15:17:56 :: [x86_64 i586 aarch64] ELF symbols check OK
2026-Jul-06 15:18:07 :: [i586] #200 openbao: install check OK
2026-Jul-06 15:18:08 :: [x86_64] #200 openbao: install check OK
2026-Jul-06 15:18:15 :: [i586] #200 openbao-debuginfo: install check OK
2026-Jul-06 15:18:16 :: [x86_64] #200 openbao-debuginfo: install check OK
2026-Jul-06 15:18:19 :: [aarch64] #200 openbao: install check OK
2026-Jul-06 15:18:36 :: [aarch64] #200 openbao-debuginfo: install check OK
2026-Jul-06 15:18:54 :: [x86_64-i586] generated apt indices
2026-Jul-06 15:18:54 :: [x86_64-i586] created next repo
2026-Jul-06 15:19:06 :: [x86_64-i586] dependencies check OK
2026-Jul-06 15:19:07 :: gears inheritance check OK
2026-Jul-06 15:19:07 :: srpm inheritance check OK
girar-check-perms: access to openbao DENIED for tulskijms: does not belong to 
maintainers list yet
check-subtask-perms: #200: openbao: Operation not permitted
2026-Jul-06 15:19:08 :: acl check FAILED
2026-Jul-06 15:19:20 :: created contents_index files
2026-Jul-06 15:19:29 :: created hash files: aarch64 i586 src x86_64
2026-Jul-06 15:19:33 :: task #424354 for sisyphus EPERM
_______________________________________________
Sisyphus-incominger mailing list
[email protected]
https://lists.altlinux.org/mailman/listinfo/sisyphus-incominger

Reply via email to