pool/csync2
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* VUL-1: CVE-2019-15523: csync2: incorrect TLS handshake error handling

Browse Source 
(bsc#1147139
- VUL-1: csync2: bad TLS key generation on installation (bsc#1145032)
  Adapt suggested changes in %post section.
  Do not hide output on standard error during generating the keys.
- Update patches
  * Add 0001-Add-COPYING-as-docfile.patch
  * Add 0002-Patch-sonames.patch
  * Add 0003-Set-AC_PROG_CPP-in-configure.ac.patch
  * Remove add-COPYING.patch
  * Remove add-ac_prog_cpp.patch
  * Remove fix-sonames.patch

OBS-URL: https://build.opensuse.org/package/show/network:ha-clustering:Factory/csync2?expand=0&rev=58
This commit is contained in:
Peter Varkoly 2021-04-07 19:24:19 +00:00 committed by Git OBS Bridge
parent 0672ff4540
commit 1daf591e5d
1 changed files with 17 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
csync2.changes
View File

@ -1,27 +1,25 @@
-------------------------------------------------------------------
Wed Apr 7 09:58:51 UTC 2021 - Peter Varkoly <varkoly@suse.com>
Wed Apr 7 19:21:54 UTC 2021 - Peter Varkoly <varkoly@suse.com>
- Update to 2.0+git.1600444747.83b3644:
* VUL-1: CVE-2019-15522: csync2: daemon fails to enforce TLS
(bsc#1147137)
* VUL-1: CVE-2019-15523: csync2: incorrect TLS handshake error handling
(bsc#1147139
* use standard %lld instead of non-standard %Ld format specifier
* try to avoid (temporary) -rw------- root:root files on receiving side
* fix diff mode truncation to first 512 byte
* disable xinetd template by default as preparation for systemd socket unit
* add systemd csync2.socket and csync2@.service templates
* escape peername in SQL statements
- VUL-1: csync2: bad TLS key generation on installation (bsc#1145032)
Adapt suggested changes in %post section.
Do not hide output on standard error during generating the keys.
- Remove patches contained by update:
* 0003-Set-AC_PROG_CPP-in-configure.ac.patch
* 0002-Patch-sonames.patch
* 0001-Add-COPYING-as-docfile.patch
-------------------------------------------------------------------
Wed Nov 20 14:00:30 UTC 2019 - Peter Varkoly <varkoly@suse.com>
- VUL-1: csync2: bad TLS key generation on installation (bsc#1145032)
Adapt suggested changes in %post section.
Do not hide output on standard error during generating the keys.
-------------------------------------------------------------------
Mon May 27 08:13:02 UTC 2019 - Kristoffer Gronlund <kgronlund@suse.com>
@ -30,6 +28,17 @@ Mon May 27 08:13:02 UTC 2019 - Kristoffer Gronlund <kgronlund@suse.com>
* Add error handling for out-of-memory while parsing config file
* create_key: use all random bits; add some error handling
- Update patches
* Add 0001-Add-COPYING-as-docfile.patch
* Add 0002-Patch-sonames.patch
* Add 0003-Set-AC_PROG_CPP-in-configure.ac.patch
* Remove add-COPYING.patch
* Remove add-ac_prog_cpp.patch
* Remove fix-sonames.patch
-------------------------------------------------------------------
Mon May 27 08:13:02 UTC 2019 - Kristoffer Gronlund <kgronlund@suse.com>
- Update patches
* Add 0001-Add-COPYING-as-docfile.patch
* Add 0002-Patch-sonames.patch