Request 883785: Submit csync2 - openSUSE Build Service

This request supersedes: request 883676 (Show diff)

Overview

Request 883785 accepted

- Update to 2.0+git.1600444747.83b3644:
* VUL-1: CVE-2019-15522: csync2: daemon fails to enforce TLS
(bsc#1147137)
* VUL-1: CVE-2019-15523: csync2: incorrect TLS handshake error handling
(bsc#1147139
* use standard %lld instead of non-standard %Ld format specifier
* try to avoid (temporary) -rw------- root:root files on receiving side
* fix diff mode truncation to first 512 byte
* disable xinetd template by default as preparation for systemd socket unit
* add systemd csync2.socket and csync2@.service templates
* escape peername in SQL statements
- VUL-1: csync2: bad TLS key generation on installation (bsc#1145032)
Adapt suggested changes in %post section.
Do not hide output on standard error during generating the keys.
- Remove patches contained by update:
* 0003-Set-AC_PROG_CPP-in-configure.ac.patch
* 0002-Patch-sonames.patch
* 0001-Add-COPYING-as-docfile.patch

Created by varkoly about 3 years ago
In state accepted
Supersedes 883676

Submit csync2

Comments for request 883785 0

Login required, please login in order to comment

Request History

varkoly created request about 3 years ago

- Update to 2.0+git.1600444747.83b3644:
* VUL-1: CVE-2019-15522: csync2: daemon fails to enforce TLS
(bsc#1147137)
* VUL-1: CVE-2019-15523: csync2: incorrect TLS handshake error handling
(bsc#1147139
* use standard %lld instead of non-standard %Ld format specifier
* try to avoid (temporary) -rw------- root:root files on receiving side
* fix diff mode truncation to first 512 byte
* disable xinetd template by default as preparation for systemd socket unit
* add systemd csync2.socket and csync2@.service templates
* escape peername in SQL statements
- VUL-1: csync2: bad TLS key generation on installation (bsc#1145032)
Adapt suggested changes in %post section.
Do not hide output on standard error during generating the keys.
- Remove patches contained by update:
* 0003-Set-AC_PROG_CPP-in-configure.ac.patch
* 0002-Patch-sonames.patch
* 0001-Add-COPYING-as-docfile.patch

factory-auto added opensuse-review-team as a reviewer about 3 years ago

Please review sources

factory-auto accepted review about 3 years ago

Check script succeeded

licensedigger accepted review about 3 years ago

ok

dimstar_suse added as a reviewer about 3 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:46"

dimstar_suse accepted review about 3 years ago

Picked "openSUSE:Factory:Staging:adi:46"

namtrac accepted review about 3 years ago

RBrownSUSE accepted review about 3 years ago

Staging Project openSUSE:Factory:Staging:adi:46 got accepted.

RBrownSUSE approved review about 3 years ago

Staging Project openSUSE:Factory:Staging:adi:46 got accepted.

RBrownSUSE accepted request about 3 years ago

Staging Project openSUSE:Factory:Staging:adi:46 got accepted.

openSUSE Build Service is sponsored by