1. photon
  2. Commit 6dc366a2ca4e056fb91ca98e49e381fc3f75ee1e
Browse code

libssh: Version upgrade to v0.10.5

This commit also fixes below CVE's:
CVE-2023-1667 and CVE-2023-2283

Change-Id: I8b3ecb4510ac51bde09860723748bb590cc080b8
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/c/photon/+/21766
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Harinadh Dommaraju <hdommaraju@vmware.com>

Nitesh authored on 2023/09/06 01:36:34
Showing 3 changed files
SPECS/cryptsetup/cryptsetup.spec
History View file @ 6dc366a
... ... 
@@ -1,30 +1,33 @@
1 1 
 Summary:        Utility to setup encrypted disks
2 2 
 Name:           cryptsetup
3 3 
 Version:        2.4.3
4 
-Release:        1%{?dist}
4 
+Release:        2%{?dist}
5 5 
 License:        GPLv2+ and LGPLv2+
6 6 
 Group:          System Environment/Base
7 7 
 Vendor:         VMware, Inc.
8 
-Distribution:   Photon
9 
-Source0:        %{name}-v%{version}.tar.gz
10 
-%define sha512  cryptsetup=c3d56a9d89253ad56e729a7faa334ca2b1650229e0527123f5fdb77e6801b920b9e2b5154db6247fadc08591c25c458666f5369e7a894f7ae635e1e31c09d2cf
11 8 
 URL:            https://gitlab.com/cryptsetup/cryptsetup
12 
-BuildRequires:  systemd-devel
13 
-BuildRequires:  openssl-devel
14 
-BuildRequires:  popt-devel
15 
-BuildRequires:  device-mapper-devel
16 
-BuildRequires:  gcc
17 
-BuildRequires:  make
18 
-BuildRequires:  json-c-devel
19 
-BuildRequires:  libpwquality-devel
20 
-BuildRequires:  libargon2-devel
21 
-BuildRequires:  libssh-devel
22 
-Requires:       cryptsetup-libs = %{version}-%{release}
23 
-Requires:       libpwquality
24 
-Requires:       util-linux-libs
25 
-Requires:       openssl
26 
-Requires:       device-mapper-libs
27 
-Requires:       device-mapper
9 
+Distribution:   Photon
10 
+
11 
+Source0: %{name}-v%{version}.tar.gz
12 
+%define sha512 %{name}=c3d56a9d89253ad56e729a7faa334ca2b1650229e0527123f5fdb77e6801b920b9e2b5154db6247fadc08591c25c458666f5369e7a894f7ae635e1e31c09d2cf
13 
+
14 
+BuildRequires: systemd-devel
15 
+BuildRequires: openssl-devel
16 
+BuildRequires: popt-devel
17 
+BuildRequires: device-mapper-devel
18 
+BuildRequires: gcc
19 
+BuildRequires: make
20 
+BuildRequires: json-c-devel
21 
+BuildRequires: libpwquality-devel
22 
+BuildRequires: libargon2-devel
23 
+BuildRequires: libssh-devel
24 
+
25 
+Requires: cryptsetup-libs = %{version}-%{release}
26 
+Requires: libpwquality
27 
+Requires: util-linux-libs
28 
+Requires: openssl
29 
+Requires: device-mapper-libs
30 
+Requires: device-mapper
28 31
29 32 
 %description
30 33 
 Cryptsetup is a utility used to conveniently set up disk encryption based
... ... 
@@ -147,13 +150,15 @@ rm -rf %{buildroot}%{_libdir}/*.la
147 147 
 %exclude %{_libdir}/%{name}/libcryptsetup-token-ssh.la
148 148
149 149 
 %changelog
150 
-*   Wed Apr 20 2022 Gerrit Photon <photon-checkins@vmware.com> 2.4.3-1
151 
--   Automatic Version Bump
152 
-*   Wed Jan 12 2022 Tapas Kundu <tkundu@vmware.com> 2.4.2-1
153 
--   Fix CVE-2021-4122
154 
--   Update to 2.4.2
155 
-*   Tue Nov 30 2021 Satya Naga Vasamsetty <svasamsetty@vmware.com> 2.3.5-2
156 
--   bump up version for openssl 3.0.0 compatibility
157 
--   Add device-mapper package dependency
158 
-*   Thu Apr 8 2021 Vamsi Krishna Brahmajosyula <vbrahmajosyula@vmware.com> 2.3.5-1
159 
--   Initial package.
150 
+* Tue Sep 05 2023 Nitesh Kumar <kunitesh@vmware.com> 2.4.3-2
151 
+- Version bump up to use libssh v0.10.5
152 
+* Wed Apr 20 2022 Gerrit Photon <photon-checkins@vmware.com> 2.4.3-1
153 
+- Automatic Version Bump
154 
+* Wed Jan 12 2022 Tapas Kundu <tkundu@vmware.com> 2.4.2-1
155 
+- Fix CVE-2021-4122
156 
+- Update to 2.4.2
157 
+* Tue Nov 30 2021 Satya Naga Vasamsetty <svasamsetty@vmware.com> 2.3.5-2
158 
+- bump up version for openssl 3.0.0 compatibility
159 
+- Add device-mapper package dependency
160 
+* Thu Apr 8 2021 Vamsi Krishna Brahmajosyula <vbrahmajosyula@vmware.com> 2.3.5-1
161 
+- Initial package.
SPECS/libnetconf2/libnetconf2.spec
History View file @ 6dc366a
... ... 
@@ -1,24 +1,24 @@
1 1 
 Summary:        NETCONF library in C intended for building NETCONF clients and servers.
2 2 
 Name:           libnetconf2
3 3 
 Version:        2.1.18
4 
-Release:        3%{?dist}
4 
+Release:        4%{?dist}
5 5 
 License:        BSD-3-Clause
6 6 
 Group:          Development/Tools
7 7 
 URL:            https://github.com/CESNET/libnetconf2
8 8 
 Vendor:         VMware, Inc.
9 9 
 Distribution:   Photon
10 10
11 
-Source0:        https://github.com/CESNET/libnetconf2/archive/refs/tags/%{name}-%{version}.tar.gz
11 
+Source0: https://github.com/CESNET/libnetconf2/archive/refs/tags/%{name}-%{version}.tar.gz
12 12 
 %define sha512 %{name}=01ca262c3e530f3d89e61838f08bf3abeae5c9c3c1cf9570416183a2060b850c18bdf661154ec31f7b57b13067c956fe01453ebc461d0d3935e841073a39fb20
13 13
14 
-BuildRequires:  cmake
15 
-BuildRequires:  make
16 
-BuildRequires:  gcc
17 
-BuildRequires:  libssh-devel
18 
-BuildRequires:  openssl-devel
19 
-BuildRequires:  libyang-devel
20 
-BuildRequires:  pcre2-devel
21 
-BuildRequires:  Linux-PAM-devel
14 
+BuildRequires: cmake
15 
+BuildRequires: make
16 
+BuildRequires: gcc
17 
+BuildRequires: libssh-devel
18 
+BuildRequires: openssl-devel
19 
+BuildRequires: libyang-devel
20 
+BuildRequires: pcre2-devel
21 
+BuildRequires: Linux-PAM-devel
22 22
23 23 
 Requires: pcre2
24 24 
 Requires: libyang
... ... 
@@ -99,6 +99,8 @@ popd
99 99 
 %dir %{_includedir}/%{name}
100 100
101 101 
 %changelog
102 
+* Tue Sep 05 2023 Nitesh Kumar <kunitesh@vmware.com> 2.1.18-4
103 
+- Version bump up to use libssh v0.10.5
102 104 
 * Mon Jul 24 2023 Brennan Lamoreaux <blamoreaux@vmware.com> 2.1.18-3
103 105 
 - Version bump as part of pcre2 update
104 106 
 * Tue Apr 11 2023 Brennan Lamoreaux <blamoreaux@vmware.com> 2.1.18-2
SPECS/libssh/libssh.spec
History View file @ 6dc366a
... ... 
@@ -1,32 +1,32 @@
1 1 
 Summary:        A library implementing the SSH protocol
2 2 
 Name:           libssh
3 
-Version:        0.9.6
4 
-Release:        5%{?dist}
3 
+Version:        0.10.5
4 
+Release:        1%{?dist}
5 5 
 License:        LGPLv2+
6 6 
 Vendor:         VMware, Inc.
7 7 
 Distribution:   Photon
8 8 
 Group:          System Environment/NetworkingLibraries
9 9 
 URL:            https://www.libssh.org
10 10
11 
-Source0:        https://www.libssh.org/files/0.9/%{name}-%{version}.tar.xz
12 
-%define sha512  %{name}=4040ec4af937e95be2e41313ef6d4db60b46b8d4dea10c09402398127c1d1ca8843392d207088aeee3c7ef631c6ae7b66861327dcebf78ed3af0723777619fd1
11 
+Source0: https://www.libssh.org/files/0.10/%{name}-%{version}.tar.xz
12 
+%define sha512 %{name}=2b758f9df2b5937865d4aee775ffeafafe3ae6739a89dfc470e38c7394e3c3cb5fcf8f842fdae04929890ee7e47bf8f50e3a38e82dfd26a009f3aae009d589e0
13 13
14 
-Source1:        %{name}_client.config
15 
-Source2:        %{name}_server.config
14 
+Source1: libssh_client.config
15 
+Source2: libssh_server.config
16 16
17 
-BuildRequires:  build-essential
18 
-BuildRequires:  cmake
19 
-BuildRequires:  krb5-devel
20 
-BuildRequires:  nmap-ncat
21 
-BuildRequires:  openssh-clients
22 
-BuildRequires:  openssh-server
23 
-BuildRequires:  openssl-devel
24 
-BuildRequires:  zlib-devel
25 
-BuildRequires:  libpcap-devel
17 
+BuildRequires: build-essential
18 
+BuildRequires: cmake
19 
+BuildRequires: krb5-devel
20 
+BuildRequires: nmap-ncat
21 
+BuildRequires: openssh-clients
22 
+BuildRequires: openssh-server
23 
+BuildRequires: openssl-devel
24 
+BuildRequires: zlib-devel
25 
+BuildRequires: libpcap-devel
26 26
27 
-Requires:       %{name}-config = %{version}-%{release}
28 
-Requires:       e2fsprogs-libs
29 
-Requires:       krb5
27 
+Requires: %{name}-config = %{version}-%{release}
28 
+Requires: e2fsprogs-libs
29 
+Requires: krb5
30 30
31 31 
 %description
32 32 
 The ssh library was designed to be used by programmers needing a working SSH
... ... 
@@ -81,8 +81,7 @@ install -d -m755 %{buildroot}%{_sysconfdir}/%{name}
81 81 
 install -m644 %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}/%{name}_client.config
82 82 
 install -m644 %{SOURCE2} %{buildroot}%{_sysconfdir}/%{name}/%{name}_server.config
83 83
84 
-%post -p /sbin/ldconfig
85 
-%postun -p /sbin/ldconfig
84 
+%ldconfig_scriptlets
86 85
87 86 
 %if 0%{?with_check}
88 87 
 %check
... ... 
@@ -90,11 +89,13 @@ install -m644 %{SOURCE2} %{buildroot}%{_sysconfdir}/%{name}/%{name}_server.confi
90 90 
 %endif
91 91
92 92 
 %files
93 
-%doc AUTHORS BSD ChangeLog README
93 
+%defattr(-,root,root)
94 
+%doc AUTHORS BSD README
94 95 
 %license COPYING
95 96 
 %{_libdir}/%{name}.so.4*
96 97
97 98 
 %files devel
99 
+%defattr(-,root,root)
98 100 
 %{_includedir}/%{name}/
99 101 
 %dir %{_libdir}/cmake/
100 102 
 %{_libdir}/cmake/%{name}/
... ... 
@@ -102,11 +103,15 @@ install -m644 %{SOURCE2} %{buildroot}%{_sysconfdir}/%{name}/%{name}_server.confi
102 102 
 %{_libdir}/%{name}.so
103 103
104 104 
 %files config
105 
+%defattr(-,root,root)
105 106 
 %attr(0755,root,root) %dir %{_sysconfdir}/%{name}
106 107 
 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/%{name}_client.config
107 108 
 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/%{name}_server.config
108 109
109 110 
 %changelog
111 
+* Tue Sep 05 2023 Nitesh Kumar <kunitesh@vmware.com> 0.10.5-1
112 
+- Version upgrade to v0.10.5 to fix follwing CVE's:
113 
+- CVE-2023-2023-1667, CVE-2023-2283
110 114 
 * Fri Jul 28 2023 Srish Srinivasan <ssrish@vmware.com> 0.9.6-5
111 115 
 - Bump version as a part of krb5 upgrade
112 116 
 * Fri Apr 14 2023 Shreenidhi Shedi <sshedi@vmware.com> 0.9.6-4