SHA256
1
0
forked from pool/traefik

Accepting request 1132710 from home:avicenzi:branches:devel:kubic

- Update to version 2.10.7:
  * CVE-2023-45283 (boo#1216943)
  * CVE-2023-45284 (boo#1216944)
  * CVE-2023-47124 (boo#1217806)
  * CVE-2023-47633 (boo#1217807)
  * CVE-2023-47106 (boo#1217804)
  * GHSA-7v4p-328v-8v5g, CVE-2023-39325 (boo#1216109)

OBS-URL: https://build.opensuse.org/request/show/1132710
OBS-URL: https://build.opensuse.org/package/show/devel:kubic/traefik?expand=0&rev=23
This commit is contained in:
Alexandre Vicenzi 2023-12-12 16:30:53 +00:00 committed by Git OBS Bridge
parent c354994b45
commit 657b51e00e
10 changed files with 66 additions and 23 deletions

View File

@ -3,7 +3,7 @@
<param name="url">https://github.com/traefik/traefik.git</param> <param name="url">https://github.com/traefik/traefik.git</param>
<param name="scm">git</param> <param name="scm">git</param>
<param name="exclude">.git</param> <param name="exclude">.git</param>
<param name="revision">v2.10.1</param> <param name="revision">v2.10.7</param>
<param name="versionformat">@PARENT_TAG@</param> <param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param> <param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param> <param name="versionrewrite-pattern">v(.*)</param>

View File

@ -1,4 +1,4 @@
<servicedata> <servicedata>
<service name="tar_scm"> <service name="tar_scm">
<param name="url">https://github.com/traefik/traefik.git</param> <param name="url">https://github.com/traefik/traefik.git</param>
<param name="changesrevision">7805c683e3336501cf168f40d5d03d4b73431783</param></service></servicedata> <param name="changesrevision">0a7964300166d167f68d5502bc245b3b9c8842b4</param></service></servicedata>

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:49425aed79f05fc1a78b56cdf8c06b34cbd8a128250be39ebb68cad6cbd4bf80
size 8923393

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:e8473c4585698b264c07c1fc2ebf282124662e722257ccddbf4bd8b3bac8dea3
size 1895036

3
traefik-2.10.7.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b03a5b57ce316981eb89862a3d5f8ba6d9f79b3338a6e60efe8cca08111c9fba
size 9473934

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:df526b3a913dcd1d29b3d94f55a08d02c6aa91d9af02d5c55a0084829946abca
size 4324320

View File

@ -1,3 +1,48 @@
-------------------------------------------------------------------
Fri Dec 08 12:51:12 UTC 2023 - alexandre.vicenzi@suse.com
- Update to version 2.10.7:
* CVEs:
* CVE-2023-45283 (boo#1216943)
* CVE-2023-45284 (boo#1216944)
* CVE-2023-47124 (boo#1217806)
* CVE-2023-47633 (boo#1217807)
* CVE-2023-47106 (boo#1217804)
* GHSA-7v4p-328v-8v5g, CVE-2023-39325 (boo#1216109)
* Bug fixes:
* [accesslogs] Fix preflight response status in access logs
* [accesslogs] Move origin fields capture to service level
* [acme] Do not check for wildcard domains for non DNS challenge
* [acme] Remove backoff for http challenge (CVE-2023-47124)
* [acme] Update go-acme/lego to v4.14.0
* [consul,consulcatalog] Update github.com/hashicorp/consul/api
* [http3] Update quic-go to v0.39.1
* [k8s/crd] Fix multiple subsets endpoint
* [k8s/ingress,k8s/crd,k8s,hub] Clean code related to Hub
* [k8s/ingress,k8s] fix: avoid panic on resource backends
* [kv] Ignore ErrKeyNotFound error for the KV provider
* [logs] Fixed datadog logs json format issue
* [metrics] Enable Prometheus provider cleanup when only the router's metrics level is activated
* [middleware,authentication] Adjust forward auth to avoid connection leak
* [middleware,server] Improve CNAME flattening to avoid unnecessary error logging
* [middleware,tracing,plugins] fix: traceability of the middleware plugins
* [middleware] Allow X-Forwarded-For delete operation
* [middleware] Encode query semicolons
* [middleware] Fix stripPrefix middleware is not applied to retried attempts
* [middleware] Missing trailer with custom errors middleware
* [middleware] Support informational headers in middlewares redefining the response writer
* [plugins] Improve error messages related to plugins
* [provider] Refuse recursive requests (CVE-2023-47633)
* [server] Deny request with fragment in URL path (CVE-2023-47106)
* [server] Update x/net and grpc/grpc-go
* [tracing] Remove deprecated code usage for datadog tracer
* [tracing] Update DataDog tracing dependency to v1.50.1
* [webui] Add missing accessControlAllowOriginListRegex to middleware view
* Fix false positive in url anonymization
* Misc:
* [webui] Updates the Hub tooltip content using a web component and adds an option to disable Hub button
- Update Go version (CVE-2023-45283, CVE-2023-45284, CVE-2023-39325)
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Jun 12 17:26:46 UTC 2023 - alexandre.vicenzi@suse.com Mon Jun 12 17:26:46 UTC 2023 - alexandre.vicenzi@suse.com

View File

@ -19,7 +19,7 @@
%define project github.com/traefik/traefik %define project github.com/traefik/traefik
Name: traefik Name: traefik
Version: 2.10.1 Version: 2.10.7
Release: 0 Release: 0
Summary: The Cloud Native Application Proxy Summary: The Cloud Native Application Proxy
License: MIT License: MIT
@ -33,12 +33,10 @@ Source4: %{name}-%{version}.webui.tar.gz
BuildRequires: go-bindata BuildRequires: go-bindata
BuildRequires: golang-packaging BuildRequires: golang-packaging
BuildRequires: systemd-rpm-macros BuildRequires: systemd-rpm-macros
BuildRequires: (golang(API) >= 1.20 with golang(API) < 1.21) BuildRequires: (golang(API) >= 1.21 with golang(API) < 1.22)
Recommends: podman Recommends: podman
%{?systemd_requires} %{?systemd_requires}
%{go_provides} %{go_provides}
# Make sure that the binary is not getting stripped.
%{go_nostrip}
%description %description
Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer
@ -52,7 +50,6 @@ Pointing Traefik at your orchestrator should be the only configuration step you
%setup -q %setup -q
%build %build
build_date=$(date -u -d @${SOURCE_DATE_EPOCH:-$(date +%%s)} +"%%Y%%m%%d")
%{goprep} %{project} %{goprep} %{project}
# tarball causes "inconsistent vendoring" # tarball causes "inconsistent vendoring"
@ -64,16 +61,17 @@ tar -xf %{SOURCE4}
# see script/generate # see script/generate
go generate go generate
build_date=$(date -u -d @${SOURCE_DATE_EPOCH:-$(date +%%s)} +"%%Y%%m%%d")
# see script/binary # see script/binary
CGO_ENABLED=0 GOGC=off go build \ CGO_ENABLED=0 GOGC=off go build \
-buildmode=pie \ -buildmode=pie \
-mod=vendor \ -mod=vendor \
-ldflags "-s -w \ -ldflags "-X github.com/traefik/traefik/v3/pkg/version.Version=%{version} \
-X github.com/traefik/traefik/v2/pkg/version.Version=%{version} \ -X github.com/traefik/traefik/v3/pkg/version.Codename='' \
-X github.com/traefik/traefik/v2/pkg/version.Codename='' \ -X github.com/traefik/traefik/v3/pkg/version.BuildDate=${build_date}" \
-X github.com/traefik/traefik/v2/pkg/version.BuildDate=${build_date}" \
-installsuffix nocgo \ -installsuffix nocgo \
-o traefik ./cmd/traefik -o traefik \
./cmd/traefik
%install %install
install -d %{buildroot}/%{_sbindir} install -d %{buildroot}/%{_sbindir}

View File

@ -8,7 +8,7 @@
# Global configuration # Global configuration
################################################################ ################################################################
[global] [global]
checkNewVersion = true checkNewVersion = false
sendAnonymousUsage = false sendAnonymousUsage = false
################################################################ ################################################################
@ -42,7 +42,7 @@
# Optional # Optional
# Default: "ERROR" # Default: "ERROR"
# #
level = "INFO" # level = "DEBUG"
# Sets the filepath for the traefik log. If not specified, stdout will be used. # Sets the filepath for the traefik log. If not specified, stdout will be used.
# Intermediate directories are created if necessary. # Intermediate directories are created if necessary.
@ -69,7 +69,7 @@
# #
# Optional # Optional
# #
[accessLog] # [accessLog]
# Sets the file path for the access log. If not specified, stdout will be used. # Sets the file path for the access log. If not specified, stdout will be used.
# Intermediate directories are created if necessary. # Intermediate directories are created if necessary.

View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1 version https://git-lfs.github.com/spec/v1
oid sha256:ee225980a42857b01b873a30d126e675709949f5b7d9f1ba726c1cf63fbc2116 oid sha256:a89d2a954de032e57e86dab229d6b0c6c2a992ea83015d31c6f6161ebb569381
size 27669549 size 23503919