* [#322040] p10 EPERM glpi.git=9.5.13-alt1
@ 2023-05-27 17:40 Girar awaiter (zidex)
2023-06-02 14:09 ` [#322040] p10 DONE (try 2) glpi.git=9.5.13-alt1 Girar pender (snowmix)
0 siblings, 1 reply; 2+ messages in thread
From: Girar awaiter (zidex) @ 2023-05-27 17:40 UTC (permalink / raw)
To: Pavel Zilke; +Cc: girar-builder-p10, sisyphus-incominger, girar-builder-p10
https://git.altlinux.org/tasks/322040/logs/events.1.1.log
subtask name aarch64 armh i586 ppc64le x86_64
#100 glpi 1:27 2:11 58 1:39 55
2023-May-27 17:34:04 :: task #322040 for p10 started by zidex:
2023-May-27 17:34:04 :: message: security_fix
#100 build 9.5.13-alt1 from /people/zidex/packages/glpi.git fetched at 2023-May-27 17:33:26
2023-May-27 17:34:06 :: [ppc64le] #100 glpi.git 9.5.13-alt1: build start
2023-May-27 17:34:06 :: [aarch64] #100 glpi.git 9.5.13-alt1: build start
2023-May-27 17:34:06 :: [armh] #100 glpi.git 9.5.13-alt1: build start
2023-May-27 17:34:06 :: [x86_64] #100 glpi.git 9.5.13-alt1: build start
2023-May-27 17:34:06 :: [i586] #100 glpi.git 9.5.13-alt1: build start
2023-May-27 17:35:01 :: [x86_64] #100 glpi.git 9.5.13-alt1: build OK
2023-May-27 17:35:04 :: [i586] #100 glpi.git 9.5.13-alt1: build OK
2023-May-27 17:35:33 :: [aarch64] #100 glpi.git 9.5.13-alt1: build OK
2023-May-27 17:35:45 :: [ppc64le] #100 glpi.git 9.5.13-alt1: build OK
2023-May-27 17:36:17 :: [armh] #100 glpi.git 9.5.13-alt1: build OK
2023-May-27 17:36:37 :: #100: glpi.git 9.5.13-alt1: build check OK
2023-May-27 17:36:39 :: build check OK
2023-May-27 17:36:57 :: noarch check OK
2023-May-27 17:36:59 :: plan: src +1 -1 =18078, noarch +3 -3 =16585
#100 glpi 9.5.12-alt1 -> 9.5.13-alt1
Sat May 27 2023 Pavel Zilke <zidex@altlinux> 9.5.13-alt1
- New version 9.5.13
- This release fixes several security issues that have been recently discovered. Update is recommended!
- Security fixes:
+ CVE-2023-28632 : Account takeover by authenticated user
+ CVE-2023-28838 : SQL injection through dynamic reports
+ CVE-2023-28852 : Stored XSS through dashboard administration
+ CVE-2023-28636 : Stored XSS on external links
+ CVE-2023-28639 : Reflected XSS in search pages
+ CVE-2023-28634 : Privilege Escalation from technician to super-admin
[...]
2023-May-27 17:36:59 :: glpi: mentions vulnerabilities: CVE-2023-28632 CVE-2023-28838 CVE-2023-28852 CVE-2023-28636 CVE-2023-28639 CVE-2023-28634 CVE-2023-28633
2023-May-27 17:37:23 :: patched apt indices
2023-May-27 17:37:35 :: created next repo
2023-May-27 17:37:43 :: duplicate provides check OK
2023-May-27 17:38:18 :: dependencies check OK
2023-May-27 17:38:31 :: [x86_64] #100 glpi: install check OK
2023-May-27 17:38:32 :: [i586] #100 glpi: install check OK
2023-May-27 17:38:39 :: [x86_64] #100 glpi-apache2: install check OK
2023-May-27 17:38:40 :: [i586] #100 glpi-apache2: install check OK
2023-May-27 17:38:42 :: [aarch64] #100 glpi: install check OK
2023-May-27 17:38:45 :: [ppc64le] #100 glpi: install check OK
2023-May-27 17:38:46 :: [x86_64] #100 glpi-php7: install check OK
2023-May-27 17:38:48 :: [i586] #100 glpi-php7: install check OK
2023-May-27 17:38:54 :: [armh] #100 glpi: install check OK
2023-May-27 17:38:54 :: [aarch64] #100 glpi-apache2: install check OK
2023-May-27 17:39:01 :: [ppc64le] #100 glpi-apache2: install check OK
2023-May-27 17:39:07 :: [aarch64] #100 glpi-php7: install check OK
2023-May-27 17:39:14 :: [armh] #100 glpi-apache2: install check OK
2023-May-27 17:39:16 :: [ppc64le] #100 glpi-php7: install check OK
2023-May-27 17:39:33 :: [armh] #100 glpi-php7: install check OK
2023-May-27 17:39:34 :: gears inheritance check OK
2023-May-27 17:39:35 :: srpm inheritance check OK
girar-check-perms: access to glpi DENIED for zidex: project `glpi' is not listed in the acl file for repository `p10', and the policy for such projects in `p10' is to deny
check-subtask-perms: #100: glpi: needs approvals from members of @maint and @tester groups
2023-May-27 17:39:36 :: acl check FAILED
2023-May-27 17:39:53 :: created contents_index files
2023-May-27 17:40:01 :: created hash files: noarch src
2023-May-27 17:40:03 :: task #322040 for p10 EPERM
^ permalink raw reply [flat|nested] 2+ messages in thread
* [#322040] p10 DONE (try 2) glpi.git=9.5.13-alt1
2023-05-27 17:40 [#322040] p10 EPERM glpi.git=9.5.13-alt1 Girar awaiter (zidex)
@ 2023-06-02 14:09 ` Girar pender (snowmix)
0 siblings, 0 replies; 2+ messages in thread
From: Girar pender (snowmix) @ 2023-06-02 14:09 UTC (permalink / raw)
To: Pavel Zilke; +Cc: girar-builder-p10, sisyphus-incominger, girar-builder-p10
https://git.altlinux.org/tasks/archive/done/_314/322040/logs/events.2.1.log
2023-Jun-02 14:05:03 :: task #322040 for p10 resumed by snowmix:
2023-Jun-02 14:05:03 :: message: security_fix
#100 build 9.5.13-alt1 from /people/zidex/packages/glpi.git fetched at 2023-May-27 17:33:26
2023-Jun-02 14:05:04 :: [aarch64] #100 glpi.git 9.5.13-alt1: build start
2023-Jun-02 14:05:04 :: [i586] #100 glpi.git 9.5.13-alt1: build start
2023-Jun-02 14:05:04 :: [armh] #100 glpi.git 9.5.13-alt1: build start
2023-Jun-02 14:05:04 :: [x86_64] #100 glpi.git 9.5.13-alt1: build start
2023-Jun-02 14:05:04 :: [ppc64le] #100 glpi.git 9.5.13-alt1: build start
2023-Jun-02 14:05:12 :: [i586] #100 glpi.git 9.5.13-alt1: build OK (cached)
2023-Jun-02 14:05:12 :: [x86_64] #100 glpi.git 9.5.13-alt1: build OK (cached)
2023-Jun-02 14:05:19 :: [aarch64] #100 glpi.git 9.5.13-alt1: build OK (cached)
2023-Jun-02 14:05:20 :: [ppc64le] #100 glpi.git 9.5.13-alt1: build OK (cached)
2023-Jun-02 14:05:27 :: [armh] #100 glpi.git 9.5.13-alt1: build OK (cached)
2023-Jun-02 14:05:47 :: #100: glpi.git 9.5.13-alt1: build check OK
2023-Jun-02 14:05:49 :: build check OK
2023-Jun-02 14:06:06 :: noarch check OK
2023-Jun-02 14:06:08 :: plan: src +1 -1 =18090, noarch +3 -3 =16589
#100 glpi 9.5.12-alt1 -> 9.5.13-alt1
Sat May 27 2023 Pavel Zilke <zidex@altlinux> 9.5.13-alt1
- New version 9.5.13
- This release fixes several security issues that have been recently discovered. Update is recommended!
- Security fixes:
+ CVE-2023-28632 : Account takeover by authenticated user
+ CVE-2023-28838 : SQL injection through dynamic reports
+ CVE-2023-28852 : Stored XSS through dashboard administration
+ CVE-2023-28636 : Stored XSS on external links
+ CVE-2023-28639 : Reflected XSS in search pages
+ CVE-2023-28634 : Privilege Escalation from technician to super-admin
[...]
2023-Jun-02 14:06:08 :: glpi: mentions vulnerabilities: CVE-2023-28632 CVE-2023-28838 CVE-2023-28852 CVE-2023-28636 CVE-2023-28639 CVE-2023-28634 CVE-2023-28633
2023-Jun-02 14:06:32 :: patched apt indices
2023-Jun-02 14:06:44 :: created next repo
2023-Jun-02 14:06:51 :: duplicate provides check OK
2023-Jun-02 14:07:25 :: dependencies check OK
2023-Jun-02 14:07:40 :: [x86_64] #100 glpi: install check OK
2023-Jun-02 14:07:40 :: [i586] #100 glpi: install check OK
2023-Jun-02 14:07:48 :: [x86_64] #100 glpi-apache2: install check OK
2023-Jun-02 14:07:49 :: [i586] #100 glpi-apache2: install check OK
2023-Jun-02 14:07:51 :: [aarch64] #100 glpi: install check OK
2023-Jun-02 14:07:55 :: [ppc64le] #100 glpi: install check OK
2023-Jun-02 14:07:56 :: [x86_64] #100 glpi-php7: install check OK
2023-Jun-02 14:07:57 :: [i586] #100 glpi-php7: install check OK
2023-Jun-02 14:08:05 :: [aarch64] #100 glpi-apache2: install check OK
2023-Jun-02 14:08:06 :: [armh] #100 glpi: install check OK
2023-Jun-02 14:08:12 :: [ppc64le] #100 glpi-apache2: install check OK
2023-Jun-02 14:08:19 :: [aarch64] #100 glpi-php7: install check OK
2023-Jun-02 14:08:29 :: [ppc64le] #100 glpi-php7: install check OK
2023-Jun-02 14:08:29 :: [armh] #100 glpi-apache2: install check OK
2023-Jun-02 14:08:51 :: [armh] #100 glpi-php7: install check OK
2023-Jun-02 14:08:52 :: gears inheritance check OK
2023-Jun-02 14:08:53 :: srpm inheritance check OK
girar-check-perms: access to @maint ALLOWED for cas: member of approved group
girar-check-perms: access to @tester ALLOWED for snowmix: member of approved group
check-subtask-perms: #100: glpi: approved by cas, approved by snowmix
2023-Jun-02 14:08:54 :: acl check OK
2023-Jun-02 14:09:11 :: created contents_index files
2023-Jun-02 14:09:18 :: created hash files: noarch src
2023-Jun-02 14:09:20 :: task #322040 for p10 TESTED
2023-Jun-02 14:09:21 :: task is ready for commit
2023-Jun-02 14:09:27 :: repo clone OK
2023-Jun-02 14:09:27 :: packages update OK
2023-Jun-02 14:09:29 :: [noarch] update OK
2023-Jun-02 14:09:29 :: repo update OK
2023-Jun-02 14:09:39 :: repo save OK
2023-Jun-02 14:09:39 :: src index update OK
2023-Jun-02 14:09:43 :: updated /gears/g/glpi.git branch `p10'
2023-Jun-02 14:09:57 :: gears update OK
2023-Jun-02 14:09:57 :: task #322040 for p10 DONE
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-06-02 14:09 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-05-27 17:40 [#322040] p10 EPERM glpi.git=9.5.13-alt1 Girar awaiter (zidex)
2023-06-02 14:09 ` [#322040] p10 DONE (try 2) glpi.git=9.5.13-alt1 Girar pender (snowmix)
ALT Linux Girar Builder robot reports
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sisyphus-incominger/0 sisyphus-incominger/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sisyphus-incominger sisyphus-incominger/ http://lore.altlinux.org/sisyphus-incominger \
sisyphus-incominger@lists.altlinux.org sisyphus-incominger@lists.altlinux.ru sisyphus-incominger@lists.altlinux.com
public-inbox-index sisyphus-incominger
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-incominger
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git