Accepting request 808990 from home:pluskalm:branches:security

- Update to version 1.9.8:
  * Fix for Unresolved symbol error_exit in libhavege #20 by pld-gitsync [Jirka Hladky]
  * order after systemd-tmpfiles-setup-dev.service (origin/pr/21) [Christian Hesse]
  * use systemd security features [Christian Hesse]
  * do not run in container [Christian Hesse]
  * do not use carriage return in line break [Christian Hesse]
  * Fixed invalid UTF-8 codes in ChangeLog [Jirka Hladky]
- Changes for version 1.9.5:
  * Added test for /dev/random symlink [Jirka Hladky]
  * Update to automake 1.16 [Jirka Hladky]
  * Fix segv at start [Andrew]
  * Fixed built issue on Cygwin [jbaker6953]
  * Fix segfault on arm machines (origin/pr/7) [Natanael Copa]
  * init.d/Makefile.am - add missing dependency [Jackie Huang]
  * service.redhat - update PIDFile [Pierre-Jean Texier]
  * Fix type mismatch in get_poolsize [Andreas Schwab]
  * Fixup upstream changelog [Nicolas Braud-Santoni]
  * Remove support for CPUID on ia64 (origin/pr/19) [Jeremy Bobbio]
  * Output some progress during CUSUM and RANDOM EXCURSION test [Sven Hartge]
  * Diagnostics capture mode now works correctly [Ethan Rahn]
- Drop upstream patches:
  * f2193587.patch
  * get-poolsize.patch

OBS-URL: https://build.opensuse.org/request/show/808990
OBS-URL: https://build.opensuse.org/package/show/security/haveged?expand=0&rev=129

f2193587.patch

@@ -1,27 +0,0 @@
-From f2193587e8e51aa42b192c17ad39467931e2d4c2 Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Wed, 19 Sep 2018 09:51:43 +0200
-Subject: [PATCH] Fix segfault on arm machines
-
-Some ARM cpus does not report the cache size or say it is -1 in sysfs.
-It has been observed on xgene and thunderx machines.
-
-Fall back to the generic cache size when that happens so we don't
-segfault.
-
-Should fix https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866306
----
- src/havegetune.c |    2 ++
- 1 file changed, 2 insertions(+)
-
---- a/src/havegetune.c
-+++ b/src/havegetune.c	2018-09-19 09:25:27.016773887 +0000
-@@ -795,6 +795,8 @@ static int vfs_configInfoCache(
-          ctype = vfs_configFile(pAnchor, path, vfs_configType);
-          strcpy(path+plen, "size");
-          size  = vfs_configFile(pAnchor, path, vfs_configInt);
-+         if (size == -1)
-+               size = ctype == 'I' ? GENERIC_ICACHE : GENERIC_DCACHE;
-          cfg_cacheAdd(pAnchor, SRC_VFS_INDEX,  pArgs[1], level, ctype, size);
-          }
-      }

get-poolsize.patch

@@ -1,27 +0,0 @@
-From 6d52229623c296385813bc8178987cd50fa55193 Mon Sep 17 00:00:00 2001
-From: Andreas Schwab <schwab@suse.de>
-Date: Thu, 25 Jul 2019 11:19:12 +0200
-Subject: [PATCH] Fix type mismatch in get_poolsize
-
-Make max_bits signed so that error checking works.
----
- src/haveged.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/haveged.c b/src/haveged.c
-index 9788bda..543d833 100644
---- a/src/haveged.c
-+++ b/src/haveged.c
-@@ -496,7 +496,8 @@ static int get_poolsize(   /* RETURN: number of bits  */
-    void)                   /* IN: nothing             */
- {
-    FILE *poolsize_fh,*osrel_fh;
--   unsigned int max_bits,major,minor;
-+   unsigned int major,minor;
-+   int max_bits;
- 
-    poolsize_fh = fopen(params->poolsize, "rb");
-    if (poolsize_fh) {
--- 
-2.22.0
-

haveged-1.9.4.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:c4959d3cb1fa6391d16a3aa1ba4d82cd3a0d497206ae4b87d638088c0664e5aa
-size 493215

haveged-1.9.8.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:99aa1996c6e39ea2459cfc37addfb8b1eecc63f3a2b6da9db17b22e76b6851ae
+size 494473

haveged-conditional-enttest.patch

@@ -2,8 +2,10 @@
  haveged-1.9.4/configure.ac |    7 ++++++-
  1 file changed, 6 insertions(+), 1 deletion(-)
 
---- haveged-1.9.4/configure.ac
+Index: haveged-1.9.8/configure.ac
-+++ haveged-1.9.4/configure.ac	2018-09-19 09:23:58.582379792 +0000
+===================================================================
+--- haveged-1.9.8.orig/configure.ac
++++ haveged-1.9.8/configure.ac
 @@ -62,6 +62,11 @@ AC_ARG_ENABLE(nistest,
     AS_HELP_STRING([--enable-nistest=[no/yes]],[Run NIST test suite [default=no]]),
     , enable_nistest="no")

haveged-no-syslog.patch

@@ -1,12 +1,8 @@
-Index: haveged-1.9.1/src/haveged.c
+Index: haveged-1.9.8/src/haveged.c
 ===================================================================
----
+--- haveged-1.9.8.orig/src/haveged.c
- haveged-1.9.4/src/haveged.c |    6 ++++++
++++ haveged-1.9.8/src/haveged.c
- 1 file changed, 6 insertions(+)
+@@ -480,8 +480,10 @@ static void daemonize(     /* RETURN: no
-
---- haveged-1.9.4/src/haveged.c
-+++ haveged-1.9.4/src/haveged.c	2018-09-19 09:24:30.741795848 +0000
-@@ -478,8 +478,10 @@ static void daemonize(     /* RETURN: no
     void)                   /* IN: nothing       */
  {
     FILE *fh;
@@ -17,7 +13,7 @@ Index: haveged-1.9.1/src/haveged.c
     if (daemon(0, 0) == -1)
        error_exit("Cannot fork into the background");
     fh = fopen(params->pid_file, "w");
-@@ -684,7 +686,9 @@ void error_exit(           /* RETURN: no
+@@ -692,7 +694,9 @@ void error_exit(           /* RETURN: no
  #ifndef NO_DAEMON
     if (params->detached!=0) {
        unlink(params->pid_file);
@@ -27,7 +23,7 @@ Index: haveged-1.9.1/src/haveged.c
        }
     else
  #endif
-@@ -794,11 +798,13 @@ static void print_msg(     /* RETURN: no
+@@ -802,11 +806,13 @@ static void print_msg(     /* RETURN: no
     va_list ap;
     va_start(ap, format);
     snprintf(buffer, sizeof(buffer), "%s: %s", params->daemon, format);

haveged.changes

@@ -1,3 +1,30 @@
+-------------------------------------------------------------------
+Tue May 26 10:49:29 UTC 2020 - Martin Pluskal <mpluskal@suse.com>
+
+- Update to version 1.9.8:
+  * Fix for Unresolved symbol error_exit in libhavege #20 by pld-gitsync [Jirka Hladky]
+  * order after systemd-tmpfiles-setup-dev.service (origin/pr/21) [Christian Hesse]
+  * use systemd security features [Christian Hesse]
+  * do not run in container [Christian Hesse]
+  * do not use carriage return in line break [Christian Hesse]
+  * Fixed invalid UTF-8 codes in ChangeLog [Jirka Hladky]
+- Changes for version 1.9.5:
+  * Added test for /dev/random symlink [Jirka Hladky]
+  * Update to automake 1.16 [Jirka Hladky]
+  * Fix segv at start [Andrew]
+  * Fixed built issue on Cygwin [jbaker6953]
+  * Fix segfault on arm machines (origin/pr/7) [Natanael Copa]
+  * init.d/Makefile.am - add missing dependency [Jackie Huang]
+  * service.redhat - update PIDFile [Pierre-Jean Texier]
+  * Fix type mismatch in get_poolsize [Andreas Schwab]
+  * Fixup upstream changelog [Nicolas Braud-Santoni]
+  * Remove support for CPUID on ia64 (origin/pr/19) [Jeremy Bobbio]
+  * Output some progress during CUSUM and RANDOM EXCURSION test [Sven Hartge]
+  * Diagnostics capture mode now works correctly [Ethan Rahn]
+- Drop upstream patches:
+  * f2193587.patch
+  * get-poolsize.patch
+
 -------------------------------------------------------------------
 Tue Jul 30 08:25:59 UTC 2019 - Andreas Schwab <schwab@suse.de>
 

haveged.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package haveged
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,13 +18,13 @@
 
 %{!?_udevrulesdir: %global _udevrulesdir %(pkg-config --variable=udevdir udev)/rules.d }
 Name:           haveged
-Version:        1.9.4
+Version:        1.9.8
 Release:        0
 Summary:        Daemon for feeding entropy into the random pool
 License:        GPL-3.0-only
 Group:          System/Daemons
 URL:            https://github.com/jirka-h/haveged
-Source0:        https://github.com/jirka-h/haveged/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
+Source0:        https://github.com/jirka-h/haveged/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 Source2:        %{name}.service
 Source3:        90-haveged.rules
 Source4:        haveged-dracut.module
@@ -34,10 +34,6 @@ Patch0:         ppc64le.patch
 Patch1:         haveged-conditional-enttest.patch
 # PATCH-FIX-UPSTREAM: don't write to syslog at startup to avoid deadlocks psimons@suse.com bnc#959237
 Patch2:         haveged-no-syslog.patch
-# PATCH-FIX-GITHUB: Fix segfault on arm machines
-Patch3:         f2193587.patch
-# PATCH-FIX-GITHUB: Fix type mismatch in get_poolsize bsc#1111047
-Patch4:         get-poolsize.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  libtool
@@ -82,12 +78,7 @@ This package contains the haveged implementation of the HAVEGE
 algorithm and supporting features.
 
 %prep
-%setup -q
+%autosetup -p1
-%patch0 -p1
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
 
 %build
 autoreconf -fvi
@@ -168,7 +159,6 @@ ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
 %{_mandir}/man3/libhavege.3%{?ext_man}
 %dir %{_includedir}/%{name}
 %{_includedir}/%{name}/havege.h
-%{_includedir}/%{name}/havegecmd.h
 %doc contrib/build/havege_sample.c
 %{_libdir}/*.so