* [#306811] p10 EPERM glpi.git=9.5.9-alt1
@ 2022-09-14 20:11 Girar awaiter (zidex)
2022-09-16 14:19 ` [#306811] p10 DONE (try 2) glpi.git=9.5.9-alt1 Girar pender (amakeenk)
0 siblings, 1 reply; 2+ messages in thread
From: Girar awaiter (zidex) @ 2022-09-14 20:11 UTC (permalink / raw)
To: Pavel Zilke; +Cc: girar-builder-p10, sisyphus-incominger, girar-builder-p10
https://git.altlinux.org/tasks/306811/logs/events.1.1.log
subtask name aarch64 armh i586 ppc64le x86_64
#100 glpi 1:25 2:08 59 1:43 56
2022-Sep-14 20:05:35 :: task #306811 for p10 started by zidex:
2022-Sep-14 20:05:35 :: message: critical_security_fix
#100 build 9.5.9-alt1 from /people/zidex/packages/glpi.git fetched at 2022-Sep-14 20:04:53
2022-Sep-14 20:05:35 :: [i586] #100 glpi.git 9.5.9-alt1: build start
2022-Sep-14 20:05:35 :: [armh] #100 glpi.git 9.5.9-alt1: build start
2022-Sep-14 20:05:35 :: [aarch64] #100 glpi.git 9.5.9-alt1: build start
2022-Sep-14 20:05:35 :: [x86_64] #100 glpi.git 9.5.9-alt1: build start
2022-Sep-14 20:05:35 :: [ppc64le] #100 glpi.git 9.5.9-alt1: build start
2022-Sep-14 20:06:31 :: [x86_64] #100 glpi.git 9.5.9-alt1: build OK
2022-Sep-14 20:06:34 :: [i586] #100 glpi.git 9.5.9-alt1: build OK
2022-Sep-14 20:07:00 :: [aarch64] #100 glpi.git 9.5.9-alt1: build OK
2022-Sep-14 20:07:18 :: [ppc64le] #100 glpi.git 9.5.9-alt1: build OK
2022-Sep-14 20:07:43 :: [armh] #100 glpi.git 9.5.9-alt1: build OK
2022-Sep-14 20:08:06 :: #100: glpi.git 9.5.9-alt1: build check OK
2022-Sep-14 20:08:06 :: build check OK
2022-Sep-14 20:08:22 :: noarch check OK
2022-Sep-14 20:08:24 :: plan: src +1 -1 =17877, noarch +3 -3 =16477
#100 glpi 9.5.8-alt1 -> 9.5.9-alt1
Wed Sep 14 2022 Pavel Zilke <zidex@altlinux> 9.5.9-alt1
- New version 9.5.9
- This release fixes several critical security issues that has been recently discovered. Update is strongly recommended!
- Security fixes:
+ CVE-2022-35945 : XSS through registration API
+ CVE-2022-31143 : Leak of sensitive information through login page error
+ CVE-2022-35914 : [critical] Command injection using a third-party library script
+ CVE-2022-35946 : SQL injection through plugin controller
+ CVE-2022-35947 : [critical] Authentication via SQL injection
+ CVE-2022-36112 : Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning
2022-Sep-14 20:08:24 :: glpi: mentions vulnerabilities: CVE-2022-35945 CVE-2022-31143 CVE-2022-35914 CVE-2022-35946 CVE-2022-35947 CVE-2022-36112
2022-Sep-14 20:08:51 :: patched apt indices
2022-Sep-14 20:09:05 :: created next repo
2022-Sep-14 20:09:12 :: duplicate provides check OK
2022-Sep-14 20:09:50 :: dependencies check OK
2022-Sep-14 20:10:02 :: [x86_64] #100 glpi: install check OK
2022-Sep-14 20:10:03 :: [i586] #100 glpi: install check OK
2022-Sep-14 20:10:09 :: [x86_64] #100 glpi-apache2: install check OK
2022-Sep-14 20:10:10 :: [i586] #100 glpi-apache2: install check OK
2022-Sep-14 20:10:12 :: [aarch64] #100 glpi: install check OK
2022-Sep-14 20:10:15 :: [ppc64le] #100 glpi: install check OK
2022-Sep-14 20:10:16 :: [x86_64] #100 glpi-php7: install check OK
2022-Sep-14 20:10:17 :: [i586] #100 glpi-php7: install check OK
2022-Sep-14 20:10:24 :: [aarch64] #100 glpi-apache2: install check OK
2022-Sep-14 20:10:24 :: [armh] #100 glpi: install check OK
2022-Sep-14 20:10:30 :: [ppc64le] #100 glpi-apache2: install check OK
2022-Sep-14 20:10:35 :: [aarch64] #100 glpi-php7: install check OK
2022-Sep-14 20:10:43 :: [armh] #100 glpi-apache2: install check OK
2022-Sep-14 20:10:43 :: [ppc64le] #100 glpi-php7: install check OK
2022-Sep-14 20:11:03 :: [armh] #100 glpi-php7: install check OK
2022-Sep-14 20:11:04 :: gears inheritance check OK
2022-Sep-14 20:11:04 :: srpm inheritance check OK
girar-check-perms: access to glpi DENIED for zidex: project `glpi' is not listed in the acl file for repository `p10', and the policy for such projects in `p10' is to deny
check-subtask-perms: #100: glpi: needs approvals from members of @maint and @tester groups
2022-Sep-14 20:11:05 :: acl check FAILED
2022-Sep-14 20:11:25 :: created contents_index files
2022-Sep-14 20:11:34 :: created hash files: noarch src
2022-Sep-14 20:11:36 :: task #306811 for p10 EPERM
^ permalink raw reply [flat|nested] 2+ messages in thread
* [#306811] p10 DONE (try 2) glpi.git=9.5.9-alt1
2022-09-14 20:11 [#306811] p10 EPERM glpi.git=9.5.9-alt1 Girar awaiter (zidex)
@ 2022-09-16 14:19 ` Girar pender (amakeenk)
0 siblings, 0 replies; 2+ messages in thread
From: Girar pender (amakeenk) @ 2022-09-16 14:19 UTC (permalink / raw)
To: Pavel Zilke; +Cc: girar-builder-p10, sisyphus-incominger, girar-builder-p10
https://git.altlinux.org/tasks/archive/done/_299/306811/logs/events.2.1.log
2022-Sep-16 14:15:16 :: task #306811 for p10 resumed by amakeenk:
2022-Sep-16 14:15:16 :: message: critical_security_fix
#100 build 9.5.9-alt1 from /people/zidex/packages/glpi.git fetched at 2022-Sep-14 20:04:53
2022-Sep-16 14:15:17 :: [aarch64] #100 glpi.git 9.5.9-alt1: build start
2022-Sep-16 14:15:17 :: [x86_64] #100 glpi.git 9.5.9-alt1: build start
2022-Sep-16 14:15:17 :: [armh] #100 glpi.git 9.5.9-alt1: build start
2022-Sep-16 14:15:17 :: [ppc64le] #100 glpi.git 9.5.9-alt1: build start
2022-Sep-16 14:15:17 :: [i586] #100 glpi.git 9.5.9-alt1: build start
2022-Sep-16 14:15:25 :: [i586] #100 glpi.git 9.5.9-alt1: build OK (cached)
2022-Sep-16 14:15:25 :: [x86_64] #100 glpi.git 9.5.9-alt1: build OK (cached)
2022-Sep-16 14:15:31 :: [aarch64] #100 glpi.git 9.5.9-alt1: build OK (cached)
2022-Sep-16 14:15:33 :: [ppc64le] #100 glpi.git 9.5.9-alt1: build OK (cached)
2022-Sep-16 14:15:39 :: [armh] #100 glpi.git 9.5.9-alt1: build OK (cached)
2022-Sep-16 14:16:00 :: #100: glpi.git 9.5.9-alt1: build check OK
2022-Sep-16 14:16:01 :: build check OK
2022-Sep-16 14:16:19 :: noarch check OK
2022-Sep-16 14:16:21 :: plan: src +1 -1 =17879, noarch +3 -3 =16477
#100 glpi 9.5.8-alt1 -> 9.5.9-alt1
Wed Sep 14 2022 Pavel Zilke <zidex@altlinux> 9.5.9-alt1
- New version 9.5.9
- This release fixes several critical security issues that has been recently discovered. Update is strongly recommended!
- Security fixes:
+ CVE-2022-35945 : XSS through registration API
+ CVE-2022-31143 : Leak of sensitive information through login page error
+ CVE-2022-35914 : [critical] Command injection using a third-party library script
+ CVE-2022-35946 : SQL injection through plugin controller
+ CVE-2022-35947 : [critical] Authentication via SQL injection
+ CVE-2022-36112 : Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning
2022-Sep-16 14:16:21 :: glpi: mentions vulnerabilities: CVE-2022-35945 CVE-2022-31143 CVE-2022-35914 CVE-2022-35946 CVE-2022-35947 CVE-2022-36112
2022-Sep-16 14:16:52 :: patched apt indices
2022-Sep-16 14:17:05 :: created next repo
2022-Sep-16 14:17:12 :: duplicate provides check OK
2022-Sep-16 14:17:52 :: dependencies check OK
2022-Sep-16 14:18:00 :: [x86_64] #100 glpi: install check OK (cached)
2022-Sep-16 14:18:01 :: [i586] #100 glpi: install check OK (cached)
2022-Sep-16 14:18:02 :: [x86_64] #100 glpi-apache2: install check OK (cached)
2022-Sep-16 14:18:02 :: [i586] #100 glpi-apache2: install check OK (cached)
2022-Sep-16 14:18:04 :: [x86_64] #100 glpi-php7: install check OK (cached)
2022-Sep-16 14:18:04 :: [i586] #100 glpi-php7: install check OK (cached)
2022-Sep-16 14:18:07 :: [aarch64] #100 glpi: install check OK (cached)
2022-Sep-16 14:18:09 :: [ppc64le] #100 glpi: install check OK (cached)
2022-Sep-16 14:18:10 :: [aarch64] #100 glpi-apache2: install check OK (cached)
2022-Sep-16 14:18:12 :: [ppc64le] #100 glpi-apache2: install check OK (cached)
2022-Sep-16 14:18:14 :: [aarch64] #100 glpi-php7: install check OK (cached)
2022-Sep-16 14:18:14 :: [armh] #100 glpi: install check OK (cached)
2022-Sep-16 14:18:16 :: [ppc64le] #100 glpi-php7: install check OK (cached)
2022-Sep-16 14:18:19 :: [armh] #100 glpi-apache2: install check OK (cached)
2022-Sep-16 14:18:24 :: [armh] #100 glpi-php7: install check OK (cached)
2022-Sep-16 14:18:25 :: gears inheritance check OK
2022-Sep-16 14:18:25 :: srpm inheritance check OK
girar-check-perms: access to @maint ALLOWED for cas: member of approved group
girar-check-perms: access to @tester ALLOWED for amakeenk: member of approved group
check-subtask-perms: #100: glpi: approved by cas, approved by amakeenk
2022-Sep-16 14:18:26 :: acl check OK
2022-Sep-16 14:18:45 :: created contents_index files
2022-Sep-16 14:18:53 :: created hash files: noarch src
2022-Sep-16 14:18:55 :: task #306811 for p10 TESTED
2022-Sep-16 14:18:55 :: task is ready for commit
2022-Sep-16 14:19:00 :: repo clone OK
2022-Sep-16 14:19:00 :: packages update OK
2022-Sep-16 14:19:03 :: [noarch] update OK
2022-Sep-16 14:19:03 :: repo update OK
2022-Sep-16 14:19:12 :: repo save OK
2022-Sep-16 14:19:12 :: src index update OK
2022-Sep-16 14:19:15 :: updated /gears/g/glpi.git branch `p10'
2022-Sep-16 14:19:36 :: gears update OK
2022-Sep-16 14:19:36 :: task #306811 for p10 DONE
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-09-16 14:19 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-09-14 20:11 [#306811] p10 EPERM glpi.git=9.5.9-alt1 Girar awaiter (zidex)
2022-09-16 14:19 ` [#306811] p10 DONE (try 2) glpi.git=9.5.9-alt1 Girar pender (amakeenk)
ALT Linux Girar Builder robot reports
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sisyphus-incominger/0 sisyphus-incominger/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sisyphus-incominger sisyphus-incominger/ http://lore.altlinux.org/sisyphus-incominger \
sisyphus-incominger@lists.altlinux.org sisyphus-incominger@lists.altlinux.ru sisyphus-incominger@lists.altlinux.com
public-inbox-index sisyphus-incominger
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-incominger
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git