From 098c08209c055610c6388d920920cab579640955eb2e7eea32b47524fadfed5c Mon Sep 17 00:00:00 2001 From: Alexandre Vicenzi Date: Mon, 12 Jun 2023 23:37:11 +0000 Subject: [PATCH 1/4] Accepting request 1092714 from home:avicenzi:branches:devel:kubic Update to 2.10.1 OBS-URL: https://build.opensuse.org/request/show/1092714 OBS-URL: https://build.opensuse.org/package/show/devel:kubic/traefik?expand=0&rev=18 --- _service | 2 +- _servicedata | 2 +- traefik-2.10.1.tar.gz | 3 +++ traefik-2.10.1.webui.tar.gz | 3 +++ traefik-2.9.6.tar.gz | 3 --- traefik-2.9.6.webui.tar.gz | 3 --- traefik.changes | 40 +++++++++++++++++++++++++++++++++++++ traefik.spec | 20 ++++++++++++------- vendor.tar.gz | 4 ++-- 9 files changed, 63 insertions(+), 17 deletions(-) create mode 100644 traefik-2.10.1.tar.gz create mode 100644 traefik-2.10.1.webui.tar.gz delete mode 100644 traefik-2.9.6.tar.gz delete mode 100644 traefik-2.9.6.webui.tar.gz diff --git a/_service b/_service index cd68bd1..a775c79 100644 --- a/_service +++ b/_service @@ -3,7 +3,7 @@ https://github.com/traefik/traefik.git git .git - v2.9.6 + v2.10.1 @PARENT_TAG@ enable v(.*) diff --git a/_servicedata b/_servicedata index 4940032..7618255 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/traefik/traefik.git - d97d3a6726ad6e50110dd2ff2b552a8b17eeed55 \ No newline at end of file + 7805c683e3336501cf168f40d5d03d4b73431783 \ No newline at end of file diff --git a/traefik-2.10.1.tar.gz b/traefik-2.10.1.tar.gz new file mode 100644 index 0000000..cf9b075 --- /dev/null +++ b/traefik-2.10.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:49425aed79f05fc1a78b56cdf8c06b34cbd8a128250be39ebb68cad6cbd4bf80 +size 8923393 diff --git a/traefik-2.10.1.webui.tar.gz b/traefik-2.10.1.webui.tar.gz new file mode 100644 index 0000000..99a8c38 --- /dev/null +++ b/traefik-2.10.1.webui.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e8473c4585698b264c07c1fc2ebf282124662e722257ccddbf4bd8b3bac8dea3 +size 1895036 diff --git a/traefik-2.9.6.tar.gz b/traefik-2.9.6.tar.gz deleted file mode 100644 index 4fb7986..0000000 --- a/traefik-2.9.6.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:6981903df81c0cffdcafae7b8f89d90be18e50bcde76c6ceba3b6f027ac01a85 -size 8828544 diff --git a/traefik-2.9.6.webui.tar.gz b/traefik-2.9.6.webui.tar.gz deleted file mode 100644 index 5da7d22..0000000 --- a/traefik-2.9.6.webui.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5a6a3d5110e52cf08de9a57011ad3e661669afdf1c962c58c0aa20d29791f872 -size 1886418 diff --git a/traefik.changes b/traefik.changes index 90750f8..a16253c 100644 --- a/traefik.changes +++ b/traefik.changes @@ -1,3 +1,43 @@ +------------------------------------------------------------------- +Mon Jun 12 17:26:46 UTC 2023 - alexandre.vicenzi@suse.com + +- Update to version 2.10.1: + * CVEs + * CVE-2023-29013 + * CVE-2023-24534 + * CVE-2022-41724 + * Enhancements + * [docker] Expose ContainerName in Docker provider + * [hub] Remove hub configuration out of experimental + * [k8s/crd] Introduce traefik.io API Group CRDs + * [k8s/ingress,k8s/crd,k8s] Native Kubernetes service load-balancing + * [middleware,metrics] Add prometheus metric requests_total with headers + * [nomad] Support multiple namespaces in the Nomad Provider + * [tracing] Add support to send DataDog traces via Unix Socket + * [webui] Display period setting of the RateLimit middleware in the webui + * [webui] Modify the Hub Button + * Bug fixes + * [docker] Expose ContainerName in Docker provider + * [docker] Only warn about missing docker network when network_mode is not host or container + * [ecs] Prevent panicking when a container has no network interfaces + * [file] Make file provider more resilient wrt first configuration + * [hub] hub: get out of experimental. + * [k8s/crd] Introduce traefik.io API Group CRDs + * [k8s/ingress,k8s/crd,k8s] Native Kubernetes service load-balancing + * [logs] Differentiate UDP stream and TCP connection in logs + * [metrics] Include user-defined default cert for traefik_tls_certs_not_after metric + * [middleware,metrics] Add prometheus metric requests_total with headers + * [middleware] Prevent from no rate limiting when average is zero + * [middleware] Prevents superfluous WriteHeader call in the error middleware + * [middleware] Sanitize X-Forwarded-Proto header in RedirectScheme middleware + * [nomad] Fix default configuration settings for Nomad Provider + * [nomad] Fix Nomad client TLS defaults + * [nomad] Support multiple namespaces in the Nomad Provider + * [plugins] Improve DeepCopy of PluginConf + * [server] Remove User-Agent header removal from ReverseProxy director func + * [tls,tcp] Adds the support for IPv6 in the TCP HostSNI matcher + * [tracing] Add support to send DataDog traces via Unix Socket + ------------------------------------------------------------------- Tue Jan 17 09:48:46 UTC 2023 - alexandre.vicenzi@suse.com diff --git a/traefik.spec b/traefik.spec index 4479b34..5b7544e 100644 --- a/traefik.spec +++ b/traefik.spec @@ -19,7 +19,7 @@ %define project github.com/traefik/traefik Name: traefik -Version: 2.9.6 +Version: 2.10.1 Release: 0 Summary: The Cloud Native Application Proxy License: MIT @@ -30,10 +30,12 @@ Source1: vendor.tar.gz Source2: traefik.service Source3: traefik.toml Source4: %{name}-%{version}.webui.tar.gz +BuildRequires: , BuildRequires: go-bindata BuildRequires: golang-packaging BuildRequires: systemd-rpm-macros -BuildRequires: golang(API) >= 1.19 +BuildRequires: golang(API) < 1.21 +BuildRequires: golang(API) >= 1.20 Recommends: podman %{?systemd_requires} %{go_provides} @@ -61,15 +63,19 @@ tar -xf %{SOURCE1} # unpack webui tar -xf %{SOURCE4} -CGO_ENABLED=0 - +# see script/generate go generate -go build \ +# see script/binary +CGO_ENABLED=0 GOGC=off go build \ -buildmode=pie \ -mod=vendor \ - -ldflags "-s -w -X github.com/traefik/traefik/v2/pkg/version.Version=%{version} -X github.com/traefik/traefik/v2/pkg/version.Codename='' -X github.com/traefik/traefik/v2/pkg/version.BuildDate=${build_date}" \ - -o traefik ./cmd/traefik/ + -ldflags "-s -w \ + -X github.com/traefik/traefik/v2/pkg/version.Version=%{version} \ + -X github.com/traefik/traefik/v2/pkg/version.Codename='' \ + -X github.com/traefik/traefik/v2/pkg/version.BuildDate=${build_date}" \ + -installsuffix nocgo \ + -o traefik ./cmd/traefik %install install -d %{buildroot}/%{_sbindir} diff --git a/vendor.tar.gz b/vendor.tar.gz index adfaf74..55b308e 100644 --- a/vendor.tar.gz +++ b/vendor.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:21292068e2ccfbe8089441d55a04f4ef441c7be1efb6240e48d2bc88c541e1c5 -size 27359615 +oid sha256:ee225980a42857b01b873a30d126e675709949f5b7d9f1ba726c1cf63fbc2116 +size 27669549 From 139ebbfea057703687ad686813fc27c7c92b9ec86468f4cecf2a3ab59a49aef8 Mon Sep 17 00:00:00 2001 From: Alexandre Vicenzi Date: Mon, 12 Jun 2023 23:44:44 +0000 Subject: [PATCH 2/4] Accepting request 1092716 from home:avicenzi:branches:devel:kubic Update to 2.10.1 OBS-URL: https://build.opensuse.org/request/show/1092716 OBS-URL: https://build.opensuse.org/package/show/devel:kubic/traefik?expand=0&rev=19 --- traefik.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/traefik.spec b/traefik.spec index 5b7544e..41204fc 100644 --- a/traefik.spec +++ b/traefik.spec @@ -30,7 +30,6 @@ Source1: vendor.tar.gz Source2: traefik.service Source3: traefik.toml Source4: %{name}-%{version}.webui.tar.gz -BuildRequires: , BuildRequires: go-bindata BuildRequires: golang-packaging BuildRequires: systemd-rpm-macros From e8a4dbc2d64d0ba0a8df831bf0e08cad1daa4c3a0c93e4c6cfdc6889d94766f1 Mon Sep 17 00:00:00 2001 From: Alexandre Vicenzi Date: Tue, 13 Jun 2023 17:55:26 +0000 Subject: [PATCH 3/4] Accepting request 1092962 from home:avicenzi:branches:devel:kubic Add BZ issues OBS-URL: https://build.opensuse.org/request/show/1092962 OBS-URL: https://build.opensuse.org/package/show/devel:kubic/traefik?expand=0&rev=20 --- traefik.changes | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/traefik.changes b/traefik.changes index a16253c..b50f355 100644 --- a/traefik.changes +++ b/traefik.changes @@ -3,9 +3,9 @@ Mon Jun 12 17:26:46 UTC 2023 - alexandre.vicenzi@suse.com - Update to version 2.10.1: * CVEs - * CVE-2023-29013 - * CVE-2023-24534 - * CVE-2022-41724 + * CVE-2022-41724 (bsc#1208271) + * CVE-2023-24534 (bsc#1210127) + * CVE-2023-29013 (bsc#1210505) * Enhancements * [docker] Expose ContainerName in Docker provider * [hub] Remove hub configuration out of experimental @@ -37,6 +37,8 @@ Mon Jun 12 17:26:46 UTC 2023 - alexandre.vicenzi@suse.com * [server] Remove User-Agent header removal from ReverseProxy director func * [tls,tcp] Adds the support for IPv6 in the TCP HostSNI matcher * [tracing] Add support to send DataDog traces via Unix Socket + * [server] Update golang.org/x/net to v0.7.0 (CVE-2022-41724) +- Update Go version (CVE-2023-24534, CVE-2023-29013) ------------------------------------------------------------------- Tue Jan 17 09:48:46 UTC 2023 - alexandre.vicenzi@suse.com From c354994b456c4c93f2aa400f8e83225d1e3dbc93175b6a0e5640419c5027c993 Mon Sep 17 00:00:00 2001 From: Alexandre Vicenzi Date: Thu, 15 Jun 2023 23:30:30 +0000 Subject: [PATCH 4/4] Accepting request 1093392 from home:avicenzi:branches:devel:kubic Fix BuildRequires OBS-URL: https://build.opensuse.org/request/show/1093392 OBS-URL: https://build.opensuse.org/package/show/devel:kubic/traefik?expand=0&rev=21 --- traefik.spec | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/traefik.spec b/traefik.spec index 41204fc..8ac3fcd 100644 --- a/traefik.spec +++ b/traefik.spec @@ -33,8 +33,7 @@ Source4: %{name}-%{version}.webui.tar.gz BuildRequires: go-bindata BuildRequires: golang-packaging BuildRequires: systemd-rpm-macros -BuildRequires: golang(API) < 1.21 -BuildRequires: golang(API) >= 1.20 +BuildRequires: (golang(API) >= 1.20 with golang(API) < 1.21) Recommends: podman %{?systemd_requires} %{go_provides}