Browse code
Upgrade ELK stack to 6.4.3 for CVE-2018-17244,CVE-2018-17245,CVE-2018-17246
Change-Id: I2f0231737a5fe39197d158781ab183fa904d4fb0
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/6708
Reviewed-by: Anish Swaminathan <anishs@vmware.com>
Tested-by: Anish Swaminathan <anishs@vmware.com>
smaliakkal authored on 2019/02/14 11:55:49Showing 4 changed files
- SPECS/elasticsearch/elasticsearch.spec
- SPECS/kibana/kibana.spec
- SPECS/logstash/logstash.spec
- SPECS/yarn/yarn.spec
| ... | ... |
@@ -2,12 +2,12 @@ |
| 2 | 2 |
|
| 3 | 3 |
Summary: Elastic Search |
| 4 | 4 |
Name: elasticsearch |
| 5 |
-Version: 6.4.1 |
|
| 5 |
+Version: 6.4.3 |
|
| 6 | 6 |
Release: 1%{?dist}
|
| 7 | 7 |
License: Apache License Version 2.0 |
| 8 | 8 |
URL: https://github.com/elastic/elasticsearch/archive/v%{version}.tar.gz
|
| 9 | 9 |
Source0: %{name}-%{version}.tar.gz
|
| 10 |
-%define sha1 %{name}-%{version}.tar.gz=0cee8c50023e699b49eda523262bf1c212fb9714
|
|
| 10 |
+%define sha1 %{name}-%{version}.tar.gz=44f99fca3ad7373c4e3fd73b7a396ed7e1e2519a
|
|
| 11 | 11 |
Source1: cacerts |
| 12 | 12 |
%define sha1 cacerts=f584c7c1f48c552f39acfb5560a300a657d9f3bb |
| 13 | 13 |
Group: Development/Daemons |
| ... | ... |
@@ -119,6 +119,8 @@ rm -rf %{buildroot}/*
|
| 119 | 119 |
%attr(755,elasticsearch,elasticsearch) /usr/lib/tmpfiles.d/elasticsearch.conf |
| 120 | 120 |
|
| 121 | 121 |
%changelog |
| 122 |
+* Wed Feb 13 2019 Siju Maliakkal <smaliakkal@vmware.com> 6.4.3-1 |
|
| 123 |
+- Upgrade to 6.4.3 for CVE-2018-17244 |
|
| 122 | 124 |
* Wed Dec 19 2018 Siju Maliakkal <smaliakkal@vmware.com> 6.4.1-1 |
| 123 | 125 |
- Upgraded elasticsearch to 6.4.1 to mitigate CVE-2018-3831 |
| 124 | 126 |
* Thu Oct 25 2018 Tapas Kundu <tkundu@vmware.com> 6.4.0-1 |
| ... | ... |
@@ -1,6 +1,6 @@ |
| 1 | 1 |
Name: kibana |
| 2 | 2 |
Summary: Browser-based analytics and search dashboard for Elasticsearch. |
| 3 |
-Version: 6.4.1 |
|
| 3 |
+Version: 6.4.3 |
|
| 4 | 4 |
Release: 1%{?dist}
|
| 5 | 5 |
License: Apache License Version 2.0 |
| 6 | 6 |
URL: https://www.elastic.co/products/kibana |
| ... | ... |
@@ -8,7 +8,7 @@ Source0: https://github.com/elastic/kibana/archive/%{name}-%{version}.ta
|
| 8 | 8 |
Vendor: VMware, Inc. |
| 9 | 9 |
Distribution: Photon |
| 10 | 10 |
Group: System Environment/Daemons |
| 11 |
-%define sha1 kibana=144d2a1e8958b07cf7ca0d51a9d58de0ac7ad123 |
|
| 11 |
+%define sha1 kibana=a882485146299406487d9015ad1afd3ec57b65b8 |
|
| 12 | 12 |
BuildRequires: git |
| 13 | 13 |
BuildRequires: yarn |
| 14 | 14 |
BuildRequires: nodejs |
| ... | ... |
@@ -114,6 +114,8 @@ exit |
| 114 | 114 |
%{_datadir}/%{name}
|
| 115 | 115 |
|
| 116 | 116 |
%changelog |
| 117 |
+* Wed Feb 13 2019 Siju Maliakkal <smaliakkal@vmware.com> 6.4.3-1 |
|
| 118 |
+- Upgrade to 6.4.3 CVE-2018-17245,CVE-2018-17246 |
|
| 117 | 119 |
* Wed Jan 23 2019 Siju Maliakkal <smaliakkal@vmware.com> 6.4.1-1 |
| 118 | 120 |
- Upgrade to 6.4.1 to mitigate CVE-2018-3830 |
| 119 | 121 |
* Tue Sep 11 2018 Keerthana K <keerthanak@vmware.com> 6.4.0-1 |
| ... | ... |
@@ -1,14 +1,14 @@ |
| 1 | 1 |
Summary: Logstash is a tool for managing events and logs. |
| 2 | 2 |
Name: logstash |
| 3 |
-Version: 6.4.1 |
|
| 4 |
-Release: 2%{?dist}
|
|
| 3 |
+Version: 6.4.3 |
|
| 4 |
+Release: 1%{?dist}
|
|
| 5 | 5 |
License: Apache License Version 2.0 |
| 6 | 6 |
Group: Applications/System |
| 7 | 7 |
Vendor: VMware, Inc. |
| 8 | 8 |
Distribution: Photon |
| 9 | 9 |
URL: https://github.com/elastic/logstash/archive/%{name}-%{version}.tar.gz
|
| 10 | 10 |
Source0: %{name}-%{version}.tar.gz
|
| 11 |
-%define sha1 %{name}-%{version}.tar.gz=8b35bfbe7657af4f61595301b0482f5f1b1460e0
|
|
| 11 |
+%define sha1 %{name}-%{version}.tar.gz=a55f9d8f5d13c46cf44bba743469b77130b7487b
|
|
| 12 | 12 |
Source1: %{name}.service
|
| 13 | 13 |
Source2: %{name}.conf
|
| 14 | 14 |
Patch0: logstash-update-java-dependencies.patch |
| ... | ... |
@@ -114,6 +114,8 @@ fi |
| 114 | 114 |
%attr(-,logstash,logstash) /var/log/%{name}
|
| 115 | 115 |
|
| 116 | 116 |
%changelog |
| 117 |
+* Wed Feb 13 2019 Siju Maliakkal <smaliakkal@vmware.com> 6.4.3-1 |
|
| 118 |
+- Upgraded to 6.4.3 for kibana,elasticsearch compatibility |
|
| 117 | 119 |
* Fri Feb 08 2019 Ankit Jain <ankitja@vmware.com> 6.4.1-2 |
| 118 | 120 |
- Updated the Java dependencies |
| 119 | 121 |
* Wed Jan 23 2019 Siju Maliakkal <smaliakkal@vmware.com> 6.4.1-1 |
| ... | ... |
@@ -1,6 +1,6 @@ |
| 1 | 1 |
Summary: Fast, reliable, and secure dependency management. |
| 2 | 2 |
Name: yarn |
| 3 |
-Version: 1.6.0 |
|
| 3 |
+Version: 1.10.1 |
|
| 4 | 4 |
Release: 1%{?dist}
|
| 5 | 5 |
License: BSD 2-Clause |
| 6 | 6 |
URL: https://yarnpkg.com |
| ... | ... |
@@ -43,5 +43,7 @@ ln -sf %{_libdir}/node_modules/%{name}/bin/yarn.js %{buildroot}%{_bindir}/yarnpk
|
| 43 | 43 |
%{_libdir}/node_modules/%{name}
|
| 44 | 44 |
|
| 45 | 45 |
%changelog |
| 46 |
+* Wed Feb 13 2019 Siju Maliakkal <smaliakkal@vmware.com> 1.10.1-1 |
|
| 47 |
+- Upgrade to 1.10.1 for kibana buildrequirement |
|
| 46 | 48 |
* Mon Jul 09 2018 Keerthana K <keerthanak@vmware.com> 1.6.0-1 |
| 47 | 49 |
- Initial yarn package for PhotonOS. |