Upgraded procps-ng to 3.3.15 to fix :
- CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125
- CVE-2018-1126
Change-Id: I3d34891963d02d2e7214f7830fb4212c557e5580
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5473
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George
1 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,17 +0,0 @@ |
1 |
-+++ b/watch.c 2016-06-21 12:46:59.335652273 -0700 |
|
2 |
-@@ -228,10 +228,12 @@ |
|
3 |
- * attributes to apply, but typically there are between 1 and 3. |
|
4 |
- */ |
|
5 |
- |
|
6 |
-- if (*endptr == '\0') set_ansi_attribute(0); /* [m treated as [0m */ |
|
7 |
- |
|
8 |
-- for (endptr = numstart = buf; *endptr != '\0'; numstart = endptr + 1) |
|
9 |
-+ for (endptr = numstart = buf; *endptr != '\0'; numstart = endptr + 1) { |
|
10 |
- set_ansi_attribute(strtol(numstart, &endptr, 10)); |
|
11 |
-+ if (numstart == endptr) |
|
12 |
-+ set_ansi_attribute(0); /* [m treated as [0m */ |
|
13 |
-+ } |
|
14 |
- } |
|
15 |
- |
|
16 |
- static void __attribute__ ((__noreturn__)) do_exit(int status) |
... | ... |
@@ -1,15 +1,14 @@ |
1 | 1 |
Summary: Programs for monitoring processes |
2 | 2 |
Name: procps-ng |
3 |
-Version: 3.3.11 |
|
4 |
-Release: 4%{?dist} |
|
3 |
+Version: 3.3.15 |
|
4 |
+Release: 1%{?dist} |
|
5 | 5 |
License: GPLv2 |
6 | 6 |
URL: http://procps.sourceforge.net/ |
7 | 7 |
Group: Applications/System |
8 | 8 |
Vendor: VMware, Inc. |
9 | 9 |
Distribution: Photon |
10 | 10 |
Source0: http://sourceforge.net/projects/procps-ng/files/Production/%{name}-%{version}.tar.xz |
11 |
-%define sha1 procps-ng=1bdca65547df9ed019bd83649b0f8b8eaa017e25 |
|
12 |
-Patch0: Fixto-interpret-ascii-sequence.patch |
|
11 |
+%define sha1 procps-ng=2929bc64f0cf7b2db997eef79b7187658e47230d |
|
13 | 12 |
BuildRequires: ncurses-devel >= 6.0-3 |
14 | 13 |
Requires: ncurses >= 6.0-3 |
15 | 14 |
%description |
... | ... |
@@ -21,7 +20,6 @@ Requires: %{name} = %{version} |
21 | 21 |
It contains the libraries and header files to create applications |
22 | 22 |
%prep |
23 | 23 |
%setup -q |
24 |
-%patch0 -p1 |
|
25 | 24 |
%build |
26 | 25 |
./configure \ |
27 | 26 |
--prefix=%{_prefix} \ |
... | ... |
@@ -60,8 +58,8 @@ find %{buildroot} -name '*.la' -delete |
60 | 60 |
/bin/pkill |
61 | 61 |
%{_sbindir}/pidof |
62 | 62 |
%_datadir/locale/* |
63 |
-%{_docdir}/procps-ng-3.3.11/FAQ |
|
64 |
-%{_docdir}/procps-ng-3.3.11/bugs.md |
|
63 |
+%{_docdir}/%{name}-%{version}/FAQ |
|
64 |
+%{_docdir}/%{name}-%{version}/bugs.md |
|
65 | 65 |
%{_mandir}/man8/vmstat.8.gz |
66 | 66 |
%{_mandir}/man8/sysctl.8.gz |
67 | 67 |
%{_mandir}/man1/slabtop.1.gz |
... | ... |
@@ -77,10 +75,11 @@ find %{buildroot} -name '*.la' -delete |
77 | 77 |
%{_mandir}/man1/w.1.gz |
78 | 78 |
%{_mandir}/man1/watch.1.gz |
79 | 79 |
%{_mandir}/man1/ps.1.gz |
80 |
+%{_mandir}/man1/procps.1.gz |
|
80 | 81 |
%{_mandir}/man3/* |
81 | 82 |
%{_mandir}/man5/sysctl.conf.5.gz |
82 |
-%{_libdir}/libprocps.so.5 |
|
83 |
-%{_libdir}/libprocps.so.5.0.0 |
|
83 |
+%{_libdir}/libprocps.so.7 |
|
84 |
+%{_libdir}/libprocps.so.7.1.0 |
|
84 | 85 |
/sbin/sysctl |
85 | 86 |
%files devel |
86 | 87 |
%{_includedir}/proc/sig.h |
... | ... |
@@ -95,9 +94,14 @@ find %{buildroot} -name '*.la' -delete |
95 | 95 |
%{_includedir}/proc/slab.h |
96 | 96 |
%{_includedir}/proc/alloc.h |
97 | 97 |
%{_includedir}/proc/whattime.h |
98 |
+%{_includedir}/proc/numa.h |
|
98 | 99 |
%{_libdir}/pkgconfig/libprocps.pc |
99 | 100 |
%{_libdir}/libprocps.so |
100 | 101 |
%changelog |
102 |
+* Thu Aug 09 2018 Tapas Kundu <tkundu@vmware.com> 3.3.15-1 |
|
103 |
+- Upgrade version to 3.3.15. |
|
104 |
+- Fix for CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 |
|
105 |
+- Fix for CVE-2018-1126 |
|
101 | 106 |
* Mon Apr 3 2017 Alexey Makhalov <amakhalov@vmware.com> 3.3.11-4 |
102 | 107 |
- Use specified version of ncurses wich has long chtype and mmask_t |
103 | 108 |
(see ncurses changelog) |