From 856be52bc89a2e1fc778397790cba44027939ee18886d9565a46a1c7af2cb8d6 Mon Sep 17 00:00:00 2001 From: Fabian Vogt Date: Wed, 17 Apr 2024 11:00:23 +0000 Subject: [PATCH] Accepting request 1168509 from home:dancermak:branches:devel:microos New upstream release 1.2.0 OBS-URL: https://build.opensuse.org/request/show/1168509 OBS-URL: https://build.opensuse.org/package/show/devel:microos/cni?expand=0&rev=13 --- 0001-fix-upstream-CVE-2021-38561.patch | 167 ------------------------- _service | 21 ++-- _servicedata | 2 +- cni-1.1.2.tar.gz | 3 - cni-1.2.0.obscpio | 3 + cni.changes | 11 ++ cni.obsinfo | 4 + cni.spec | 14 +-- vendor.tar.gz | 4 +- 9 files changed, 36 insertions(+), 193 deletions(-) delete mode 100644 0001-fix-upstream-CVE-2021-38561.patch delete mode 100644 cni-1.1.2.tar.gz create mode 100644 cni-1.2.0.obscpio create mode 100644 cni.obsinfo diff --git a/0001-fix-upstream-CVE-2021-38561.patch b/0001-fix-upstream-CVE-2021-38561.patch deleted file mode 100644 index e249ffd..0000000 --- a/0001-fix-upstream-CVE-2021-38561.patch +++ /dev/null @@ -1,167 +0,0 @@ -From 383b2e75a7a4198c42f8f87833eefb772868a56f Mon Sep 17 00:00:00 2001 -From: Russ Cox -Date: Mon, 9 Aug 2021 15:09:12 -0400 -Subject: [PATCH] language: turn parsing panics into ErrSyntax - -We keep finding new panics in the language parser. -Limit the damage by reporting those inputs as syntax errors. - -Change-Id: I786fe127c3df7e4c8e042d15095d3acf3c4e4a50 -Reviewed-on: https://go-review.googlesource.com/c/text/+/340830 -Trust: Russ Cox -Run-TryBot: Russ Cox -TryBot-Result: Go Bot -Reviewed-by: Roland Shoemaker ---- - internal/language/language.go | 43 +++++++++++++++++++++++++++++++---- - internal/language/parse.go | 7 ++++++ - language/parse.go | 22 ++++++++++++++++++ - 3 files changed, 68 insertions(+), 4 deletions(-) - -diff --git a/internal/language/language.go b/internal/language/language.go -index f41aedcfc..6105bc7fa 100644 ---- a/internal/language/language.go -+++ b/internal/language/language.go -@@ -251,6 +251,13 @@ func (t Tag) Parent() Tag { - - // ParseExtension parses s as an extension and returns it on success. - func ParseExtension(s string) (ext string, err error) { -+ defer func() { -+ if recover() != nil { -+ ext = "" -+ err = ErrSyntax -+ } -+ }() -+ - scan := makeScannerString(s) - var end int - if n := len(scan.token); n != 1 { -@@ -461,7 +468,14 @@ func (t Tag) findTypeForKey(key string) (start, sep, end int, hasExt bool) { - // ParseBase parses a 2- or 3-letter ISO 639 code. - // It returns a ValueError if s is a well-formed but unknown language identifier - // or another error if another error occurred. --func ParseBase(s string) (Language, error) { -+func ParseBase(s string) (l Language, err error) { -+ defer func() { -+ if recover() != nil { -+ l = 0 -+ err = ErrSyntax -+ } -+ }() -+ - if n := len(s); n < 2 || 3 < n { - return 0, ErrSyntax - } -@@ -472,7 +486,14 @@ func ParseBase(s string) (Language, error) { - // ParseScript parses a 4-letter ISO 15924 code. - // It returns a ValueError if s is a well-formed but unknown script identifier - // or another error if another error occurred. --func ParseScript(s string) (Script, error) { -+func ParseScript(s string) (scr Script, err error) { -+ defer func() { -+ if recover() != nil { -+ scr = 0 -+ err = ErrSyntax -+ } -+ }() -+ - if len(s) != 4 { - return 0, ErrSyntax - } -@@ -489,7 +510,14 @@ func EncodeM49(r int) (Region, error) { - // ParseRegion parses a 2- or 3-letter ISO 3166-1 or a UN M.49 code. - // It returns a ValueError if s is a well-formed but unknown region identifier - // or another error if another error occurred. --func ParseRegion(s string) (Region, error) { -+func ParseRegion(s string) (r Region, err error) { -+ defer func() { -+ if recover() != nil { -+ r = 0 -+ err = ErrSyntax -+ } -+ }() -+ - if n := len(s); n < 2 || 3 < n { - return 0, ErrSyntax - } -@@ -578,7 +606,14 @@ type Variant struct { - - // ParseVariant parses and returns a Variant. An error is returned if s is not - // a valid variant. --func ParseVariant(s string) (Variant, error) { -+func ParseVariant(s string) (v Variant, err error) { -+ defer func() { -+ if recover() != nil { -+ v = Variant{} -+ err = ErrSyntax -+ } -+ }() -+ - s = strings.ToLower(s) - if id, ok := variantIndex[s]; ok { - return Variant{id, s}, nil -diff --git a/internal/language/parse.go b/internal/language/parse.go -index c696fd0bd..47ee0fed1 100644 ---- a/internal/language/parse.go -+++ b/internal/language/parse.go -@@ -232,6 +232,13 @@ func Parse(s string) (t Tag, err error) { - if s == "" { - return Und, ErrSyntax - } -+ defer func() { -+ if recover() != nil { -+ t = Und -+ err = ErrSyntax -+ return -+ } -+ }() - if len(s) <= maxAltTaglen { - b := [maxAltTaglen]byte{} - for i, c := range s { -diff --git a/language/parse.go b/language/parse.go -index 11acfd885..59b041008 100644 ---- a/language/parse.go -+++ b/language/parse.go -@@ -43,6 +43,13 @@ func Parse(s string) (t Tag, err error) { - // https://www.unicode.org/reports/tr35/#Unicode_Language_and_Locale_Identifiers. - // The resulting tag is canonicalized using the canonicalization type c. - func (c CanonType) Parse(s string) (t Tag, err error) { -+ defer func() { -+ if recover() != nil { -+ t = Tag{} -+ err = language.ErrSyntax -+ } -+ }() -+ - tt, err := language.Parse(s) - if err != nil { - return makeTag(tt), err -@@ -79,6 +86,13 @@ func Compose(part ...interface{}) (t Tag, err error) { - // tag is returned after canonicalizing using CanonType c. If one or more errors - // are encountered, one of the errors is returned. - func (c CanonType) Compose(part ...interface{}) (t Tag, err error) { -+ defer func() { -+ if recover() != nil { -+ t = Tag{} -+ err = language.ErrSyntax -+ } -+ }() -+ - var b language.Builder - if err = update(&b, part...); err != nil { - return und, err -@@ -142,6 +156,14 @@ var errInvalidWeight = errors.New("ParseAcceptLanguage: invalid weight") - // Tags with a weight of zero will be dropped. An error will be returned if the - // input could not be parsed. - func ParseAcceptLanguage(s string) (tag []Tag, q []float32, err error) { -+ defer func() { -+ if recover() != nil { -+ tag = nil -+ q = nil -+ err = language.ErrSyntax -+ } -+ }() -+ - var entry string - for s != "" { - if entry, s = split(s, ','); entry == "" { diff --git a/_service b/_service index ffd2781..d92ab85 100644 --- a/_service +++ b/_service @@ -1,20 +1,19 @@ - + https://github.com/containernetworking/cni.git git - cni - .git + v1.2.0 @PARENT_TAG@ - v1.1.2 v(.*) + + v* enable - - cni-*.tar - gz + + + *.tar + zst - - cni - - + + diff --git a/_servicedata b/_servicedata index 4baeda2..3632155 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/containernetworking/cni.git - 3363d143688bb83ca18489ac8b9dc204c1d49c4a \ No newline at end of file + df52e9460d3a819920b63e28c4d5d6f12bed6758 \ No newline at end of file diff --git a/cni-1.1.2.tar.gz b/cni-1.1.2.tar.gz deleted file mode 100644 index 01c3fdf..0000000 --- a/cni-1.1.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:105ee0fcde31f65af37b0ca4f51c75144873c9f0d0b23f60d7d4b4d73d4718e0 -size 119566 diff --git a/cni-1.2.0.obscpio b/cni-1.2.0.obscpio new file mode 100644 index 0000000..e4216a5 --- /dev/null +++ b/cni-1.2.0.obscpio @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:461565925812439cfbdd64916eb7346f6982289ac1342477ec5975c1c679c846 +size 4164620 diff --git a/cni.changes b/cni.changes index 1fde50a..52fa704 100644 --- a/cni.changes +++ b/cni.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Tue Apr 16 13:27:50 UTC 2024 - Dan Čermák + +- Remove 0001-fix-upstream-CVE-2021-38561.patch, patch has been merged into + golang.org/x/text version 0.3.7, vendored bundle now contains 0.14.0 +- Stop shipping development files DCO & CONTRIBUTING.md +- New upstream release 1.2.0 with spec 1.1.0: + * GC verb + * STATUS verb + * Version negotiation + ------------------------------------------------------------------- Mon Oct 9 09:40:04 UTC 2023 - Dan Čermák diff --git a/cni.obsinfo b/cni.obsinfo new file mode 100644 index 0000000..ccfc707 --- /dev/null +++ b/cni.obsinfo @@ -0,0 +1,4 @@ +name: cni +version: 1.2.0 +mtime: 1713196028 +commit: df52e9460d3a819920b63e28c4d5d6f12bed6758 diff --git a/cni.spec b/cni.spec index 6427089..131eece 100644 --- a/cni.spec +++ b/cni.spec @@ -22,21 +22,20 @@ %define cni_bin_dir %{_libexecdir}/cni %define cni_doc_dir %{_docdir}/cni Name: cni -Version: 1.1.2 +Version: 1.2.0 Release: 0 Summary: Container Network Interface - networking for Linux containers License: Apache-2.0 Group: System/Management URL: https://github.com/containernetworking/cni -Source0: %{name}-%{version}.tar.gz +Source0: %{name}-%{version}.tar.zst Source1: 99-loopback.conf Source2: vendor.tar.gz -# PATCH-FIX-UPSTREAM bsc#1206711 -Patch0: 0001-fix-upstream-CVE-2021-38561.patch BuildRequires: golang-packaging BuildRequires: shadow BuildRequires: systemd-rpm-macros BuildRequires: golang(API) >= 1.21 +BuildRequires: zstd Requires(post): %fillup_prereq Recommends: cni-plugins %{?systemd_requires} @@ -51,10 +50,7 @@ the container is deleted. Because of this focus, CNI has a wide range of support and the specification is simple to implement. %prep -%autosetup -a2 -N -pushd vendor/golang.org/x/text -%autopatch -p1 -popd +%autosetup -a2 %build export GOFLAGS=-mod=vendor @@ -89,7 +85,7 @@ install -m 755 -d "%{buildroot}%{cni_doc_dir}" %{fillup_only -n %{name}} %files -%doc CONTRIBUTING.md README.md DCO +%doc README.md %license LICENSE %dir %{cni_etc_dir} %dir %{cni_etc_dir}/net.d diff --git a/vendor.tar.gz b/vendor.tar.gz index e1a4272..9950366 100644 --- a/vendor.tar.gz +++ b/vendor.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:10a58222af4f7590f69085fff3391c09efb199ae94313ed184e76f0504f08e39 -size 2016341 +oid sha256:a09799765aa6e59e32f9549905d3845f6a0bb6887dfd3bae8309a93dcc27b900 +size 2336537