From: "Girar awaiter (zidex)" <girar-builder@altlinux.org>
To: Pavel Zilke <zidex@altlinux.org>
Cc: sisyphus-incominger@lists.altlinux.org, girar-builder-p9@altlinux.org
Subject: [#323561] p9 EPERM glpi.git=9.5.13-alt1
Date: Fri, 23 Jun 2023 10:35:42 +0000
Message-ID: <girar.task.323561.1.1@gyle.mskdc.altlinux.org> (raw)
https://git.altlinux.org/tasks/323561/logs/events.1.1.log
subtask name aarch64 armh i586 ppc64le x86_64
#100 glpi 2:17 3:14 1:27 2:43 1:15
2023-Jun-23 10:28:36 :: task #323561 for p9 started by zidex:
2023-Jun-23 10:28:36 :: message: security_fix
#100 build 9.5.13-alt1 from /people/zidex/packages/glpi.git fetched at 2023-Jun-23 10:28:02
2023-Jun-23 10:28:38 :: [aarch64] #100 glpi.git 9.5.13-alt1: build start
2023-Jun-23 10:28:38 :: [armh] #100 glpi.git 9.5.13-alt1: build start
2023-Jun-23 10:28:38 :: [ppc64le] #100 glpi.git 9.5.13-alt1: build start
2023-Jun-23 10:28:38 :: [i586] #100 glpi.git 9.5.13-alt1: build start
2023-Jun-23 10:28:38 :: [x86_64] #100 glpi.git 9.5.13-alt1: build start
2023-Jun-23 10:29:53 :: [x86_64] #100 glpi.git 9.5.13-alt1: build OK
2023-Jun-23 10:30:05 :: [i586] #100 glpi.git 9.5.13-alt1: build OK
2023-Jun-23 10:30:55 :: [aarch64] #100 glpi.git 9.5.13-alt1: build OK
2023-Jun-23 10:31:21 :: [ppc64le] #100 glpi.git 9.5.13-alt1: build OK
2023-Jun-23 10:31:52 :: [armh] #100 glpi.git 9.5.13-alt1: build OK
2023-Jun-23 10:32:11 :: #100: glpi.git 9.5.13-alt1: build check OK
2023-Jun-23 10:32:13 :: build check OK
2023-Jun-23 10:32:33 :: noarch check OK
2023-Jun-23 10:32:35 :: plan: src +1 -1 =18275, noarch +3 -3 =19165
#100 glpi 9.5.12-alt1 -> 9.5.13-alt1
Sat May 27 2023 Pavel Zilke <zidex@altlinux> 9.5.13-alt1
- New version 9.5.13
- This release fixes several security issues that have been recently discovered. Update is recommended!
- Security fixes:
+ CVE-2023-28632 : Account takeover by authenticated user
+ CVE-2023-28838 : SQL injection through dynamic reports
+ CVE-2023-28852 : Stored XSS through dashboard administration
+ CVE-2023-28636 : Stored XSS on external links
+ CVE-2023-28639 : Reflected XSS in search pages
+ CVE-2023-28634 : Privilege Escalation from technician to super-admin
[...]
2023-Jun-23 10:32:36 :: glpi: mentions vulnerabilities: CVE-2023-28632 CVE-2023-28838 CVE-2023-28852 CVE-2023-28636 CVE-2023-28639 CVE-2023-28634 CVE-2023-28633
2023-Jun-23 10:33:12 :: patched apt indices
2023-Jun-23 10:33:24 :: created next repo
2023-Jun-23 10:33:32 :: duplicate provides check OK
2023-Jun-23 10:34:29 :: dependencies check OK
2023-Jun-23 10:34:44 :: [x86_64] #100 glpi: install check OK
2023-Jun-23 10:34:45 :: [i586] #100 glpi: install check OK
2023-Jun-23 10:34:52 :: [x86_64] #100 glpi-apache2: install check OK
2023-Jun-23 10:34:53 :: [i586] #100 glpi-apache2: install check OK
2023-Jun-23 10:35:00 :: [x86_64] #100 glpi-php7: install check OK
2023-Jun-23 10:35:01 :: [i586] #100 glpi-php7: install check OK
2023-Jun-23 10:35:02 :: gears inheritance check OK
2023-Jun-23 10:35:03 :: srpm inheritance check OK
girar-check-perms: access to glpi DENIED for zidex: project `glpi' is not listed in the acl file for repository `p9', and the policy for such projects in `p9' is to deny
check-subtask-perms: #100: glpi: needs approvals from members of @maint and @tester groups
2023-Jun-23 10:35:05 :: acl check FAILED
2023-Jun-23 10:35:26 :: created contents_index files
2023-Jun-23 10:35:38 :: created hash files: noarch src
2023-Jun-23 10:35:41 :: task #323561 for p9 EPERM
next reply other threads:[~2023-06-23 10:35 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-23 10:35 Girar awaiter (zidex) [this message]
2023-06-27 12:07 ` [#323561] p9 DONE (try 2) glpi.git=9.5.13-alt1 Girar pender (amakeenk)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=girar.task.323561.1.1@gyle.mskdc.altlinux.org \
--to=girar-builder@altlinux.org \
--cc=devel@lists.altlinux.org \
--cc=girar-builder-p9@altlinux.org \
--cc=sisyphus-incominger@lists.altlinux.org \
--cc=zidex@altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Girar Builder robot reports
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sisyphus-incominger/0 sisyphus-incominger/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sisyphus-incominger sisyphus-incominger/ http://lore.altlinux.org/sisyphus-incominger \
sisyphus-incominger@lists.altlinux.org sisyphus-incominger@lists.altlinux.ru sisyphus-incominger@lists.altlinux.com
public-inbox-index sisyphus-incominger
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-incominger
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git