* [#369570] p11 EPERM glpi.git=10.0.17-alt1
@ 2025-01-15 6:04 Girar awaiter (zidex)
2025-01-16 7:40 ` [#369570] p11 DONE (try 2) glpi.git=10.0.17-alt1 Girar pender (amakeenk)
0 siblings, 1 reply; 2+ messages in thread
From: Girar awaiter (zidex) @ 2025-01-15 6:04 UTC (permalink / raw)
To: Pavel Zilke; +Cc: sisyphus-incominger, girar-builder-p11, girar-builder-p11
https://git.altlinux.org/tasks/369570/logs/events.1.1.log
https://packages.altlinux.org/tasks/369570
subtask name aarch64 i586 x86_64
#100 glpi 1:45 1:15 1:11
2025-Jan-15 05:58:45 :: task #369570 for p11 started by zidex:
2025-Jan-15 05:58:45 :: message: security_fix
#100 build 10.0.17-alt1 from /people/zidex/packages/glpi.git fetched at 2025-Jan-15 05:58:16
2025-Jan-15 05:58:46 :: [x86_64] #100 glpi.git 10.0.17-alt1: build start
2025-Jan-15 05:58:46 :: [i586] #100 glpi.git 10.0.17-alt1: build start
2025-Jan-15 05:58:46 :: [aarch64] #100 glpi.git 10.0.17-alt1: build start
2025-Jan-15 05:59:57 :: [x86_64] #100 glpi.git 10.0.17-alt1: build OK
2025-Jan-15 06:00:01 :: [i586] #100 glpi.git 10.0.17-alt1: build OK
2025-Jan-15 06:00:31 :: [aarch64] #100 glpi.git 10.0.17-alt1: build OK
2025-Jan-15 06:00:52 :: #100: glpi.git 10.0.17-alt1: build check OK
2025-Jan-15 06:00:53 :: build check OK
2025-Jan-15 06:01:08 :: noarch check OK
2025-Jan-15 06:01:09 :: plan: src +1 -1 =19580, noarch +5 -4 =20524
#100 glpi 10.0.16-alt1 -> 10.0.17-alt1
Fri Nov 08 2024 Pavel Zilke <zidex@altlinux> 10.0.17-alt1
- New version 10.0.17
- Added glpi-php8.3
- This release fixes a security issue that has been recently discovered. Update is recommended!
- Security fixes:
+ CVE-2024-50339 : Unauthenticated session hijacking
+ CVE-2024-40638 : Account takeover through SQL injection
+ CVE-2024-43416 : Users email enumeration by unauthenticated user
+ CVE-2024-47758 : Account takeover without privilege escalation through the API
+ CVE-2024-47761 : Account takeover via the password reset feature
[...]
2025-Jan-15 06:01:10 :: glpi: mentions vulnerabilities: CVE-2024-50339 CVE-2024-40638 CVE-2024-43416 CVE-2024-47758 CVE-2024-47761 CVE-2024-47760 CVE-2024-48912 CVE-2024-45608 CVE-2024-41679 CVE-2024-45611 CVE-2024-47759 CVE-2024-43417 CVE-2024-43418 CVE-2024-45609 CVE-2024-45610 CVE-2024-41678
2025-Jan-15 06:01:39 :: patched apt indices
2025-Jan-15 06:01:48 :: created next repo
2025-Jan-15 06:01:58 :: duplicate provides check OK
2025-Jan-15 06:02:37 :: dependencies check OK
2025-Jan-15 06:02:54 :: [x86_64] #100 glpi: install check OK
2025-Jan-15 06:02:54 :: [i586] #100 glpi: install check OK
2025-Jan-15 06:03:04 :: [aarch64] #100 glpi: install check OK
2025-Jan-15 06:03:05 :: [x86_64] #100 glpi-apache2: install check OK
2025-Jan-15 06:03:06 :: [i586] #100 glpi-apache2: install check OK
2025-Jan-15 06:03:16 :: [x86_64] #100 glpi-php8.1: install check OK
2025-Jan-15 06:03:18 :: [i586] #100 glpi-php8.1: install check OK
2025-Jan-15 06:03:22 :: [aarch64] #100 glpi-apache2: install check OK
2025-Jan-15 06:03:28 :: [x86_64] #100 glpi-php8.2: install check OK
2025-Jan-15 06:03:30 :: [i586] #100 glpi-php8.2: install check OK
2025-Jan-15 06:03:39 :: [x86_64] #100 glpi-php8.3: install check OK
2025-Jan-15 06:03:40 :: [aarch64] #100 glpi-php8.1: install check OK
2025-Jan-15 06:03:42 :: [i586] #100 glpi-php8.3: install check OK
2025-Jan-15 06:03:58 :: [aarch64] #100 glpi-php8.2: install check OK
2025-Jan-15 06:04:16 :: [aarch64] #100 glpi-php8.3: install check OK
2025-Jan-15 06:04:17 :: gears inheritance check OK
2025-Jan-15 06:04:17 :: srpm inheritance check OK
girar-check-perms: access to glpi DENIED for zidex: project `glpi' is not listed in the acl file for repository `p11', and the policy for such projects in `p11' is to deny
check-subtask-perms: #100: glpi: needs approvals from members of @maint and @tester groups
2025-Jan-15 06:04:18 :: acl check FAILED
2025-Jan-15 06:04:39 :: created contents_index files
2025-Jan-15 06:04:46 :: created hash files: noarch src
2025-Jan-15 06:04:49 :: task #369570 for p11 EPERM
^ permalink raw reply [flat|nested] 2+ messages in thread
* [#369570] p11 DONE (try 2) glpi.git=10.0.17-alt1
2025-01-15 6:04 [#369570] p11 EPERM glpi.git=10.0.17-alt1 Girar awaiter (zidex)
@ 2025-01-16 7:40 ` Girar pender (amakeenk)
0 siblings, 0 replies; 2+ messages in thread
From: Girar pender (amakeenk) @ 2025-01-16 7:40 UTC (permalink / raw)
To: Pavel Zilke; +Cc: sisyphus-incominger, girar-builder-p11, girar-builder-p11
https://git.altlinux.org/tasks/archive/done/_360/369570/logs/events.2.1.log
https://packages.altlinux.org/tasks/369570
2025-Jan-16 07:36:04 :: task #369570 for p11 resumed by amakeenk:
2025-Jan-16 07:36:04 :: message: security_fix
#100 build 10.0.17-alt1 from /people/zidex/packages/glpi.git fetched at 2025-Jan-15 05:58:16
2025-Jan-16 07:36:05 :: [i586] #100 glpi.git 10.0.17-alt1: build start
2025-Jan-16 07:36:05 :: [x86_64] #100 glpi.git 10.0.17-alt1: build start
2025-Jan-16 07:36:05 :: [aarch64] #100 glpi.git 10.0.17-alt1: build start
2025-Jan-16 07:36:16 :: [i586] #100 glpi.git 10.0.17-alt1: build OK (cached)
2025-Jan-16 07:36:16 :: [x86_64] #100 glpi.git 10.0.17-alt1: build OK (cached)
2025-Jan-16 07:36:23 :: [aarch64] #100 glpi.git 10.0.17-alt1: build OK (cached)
2025-Jan-16 07:36:44 :: #100: glpi.git 10.0.17-alt1: build check OK
2025-Jan-16 07:36:45 :: build check OK
2025-Jan-16 07:37:00 :: noarch check OK
2025-Jan-16 07:37:02 :: plan: src +1 -1 =19589, noarch +5 -4 =20526
#100 glpi 10.0.16-alt1 -> 10.0.17-alt1
Fri Nov 08 2024 Pavel Zilke <zidex@altlinux> 10.0.17-alt1
- New version 10.0.17
- Added glpi-php8.3
- This release fixes a security issue that has been recently discovered. Update is recommended!
- Security fixes:
+ CVE-2024-50339 : Unauthenticated session hijacking
+ CVE-2024-40638 : Account takeover through SQL injection
+ CVE-2024-43416 : Users email enumeration by unauthenticated user
+ CVE-2024-47758 : Account takeover without privilege escalation through the API
+ CVE-2024-47761 : Account takeover via the password reset feature
[...]
2025-Jan-16 07:37:02 :: glpi: mentions vulnerabilities: CVE-2024-50339 CVE-2024-40638 CVE-2024-43416 CVE-2024-47758 CVE-2024-47761 CVE-2024-47760 CVE-2024-48912 CVE-2024-45608 CVE-2024-41679 CVE-2024-45611 CVE-2024-47759 CVE-2024-43417 CVE-2024-43418 CVE-2024-45609 CVE-2024-45610 CVE-2024-41678
2025-Jan-16 07:37:33 :: patched apt indices
2025-Jan-16 07:37:43 :: created next repo
2025-Jan-16 07:37:54 :: duplicate provides check OK
2025-Jan-16 07:38:34 :: dependencies check OK
2025-Jan-16 07:38:44 :: [i586] #100 glpi: install check OK (cached)
2025-Jan-16 07:38:45 :: [x86_64] #100 glpi: install check OK (cached)
2025-Jan-16 07:38:49 :: [i586] #100 glpi-apache2: install check OK (cached)
2025-Jan-16 07:38:49 :: [x86_64] #100 glpi-apache2: install check OK (cached)
2025-Jan-16 07:38:52 :: [aarch64] #100 glpi: install check OK (cached)
2025-Jan-16 07:38:53 :: [i586] #100 glpi-php8.1: install check OK (cached)
2025-Jan-16 07:38:53 :: [x86_64] #100 glpi-php8.1: install check OK (cached)
2025-Jan-16 07:38:57 :: [i586] #100 glpi-php8.2: install check OK (cached)
2025-Jan-16 07:38:58 :: [x86_64] #100 glpi-php8.2: install check OK (cached)
2025-Jan-16 07:38:59 :: [aarch64] #100 glpi-apache2: install check OK (cached)
2025-Jan-16 07:39:01 :: [i586] #100 glpi-php8.3: install check OK (cached)
2025-Jan-16 07:39:02 :: [x86_64] #100 glpi-php8.3: install check OK (cached)
2025-Jan-16 07:39:07 :: [aarch64] #100 glpi-php8.1: install check OK (cached)
2025-Jan-16 07:39:15 :: [aarch64] #100 glpi-php8.2: install check OK (cached)
2025-Jan-16 07:39:22 :: [aarch64] #100 glpi-php8.3: install check OK (cached)
2025-Jan-16 07:39:23 :: gears inheritance check OK
2025-Jan-16 07:39:24 :: srpm inheritance check OK
girar-check-perms: access to @maint ALLOWED for cas: member of approved group
girar-check-perms: access to @tester ALLOWED for amakeenk: member of approved group
check-subtask-perms: #100: glpi: approved by cas, approved by amakeenk
2025-Jan-16 07:39:25 :: acl check OK
2025-Jan-16 07:39:50 :: created contents_index files
2025-Jan-16 07:40:01 :: created hash files: noarch src
2025-Jan-16 07:40:05 :: task #369570 for p11 TESTED
2025-Jan-16 07:40:05 :: task is ready for commit
2025-Jan-16 07:40:12 :: repo clone OK
2025-Jan-16 07:40:12 :: packages update OK
2025-Jan-16 07:40:16 :: [noarch] update OK
2025-Jan-16 07:40:16 :: repo update OK
2025-Jan-16 07:40:27 :: repo save OK
2025-Jan-16 07:40:27 :: src index update OK
2025-Jan-16 07:40:27 :: updated /gears/g/glpi.git branch `p11'
2025-Jan-16 07:40:46 :: gears update OK
2025-Jan-16 07:40:46 :: task #369570 for p11 DONE
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-01-16 7:40 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-01-15 6:04 [#369570] p11 EPERM glpi.git=10.0.17-alt1 Girar awaiter (zidex)
2025-01-16 7:40 ` [#369570] p11 DONE (try 2) glpi.git=10.0.17-alt1 Girar pender (amakeenk)
ALT Linux Girar Builder robot reports
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sisyphus-incominger/0 sisyphus-incominger/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sisyphus-incominger sisyphus-incominger/ http://lore.altlinux.org/sisyphus-incominger \
sisyphus-incominger@lists.altlinux.org sisyphus-incominger@lists.altlinux.ru sisyphus-incominger@lists.altlinux.com
public-inbox-index sisyphus-incominger
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-incominger
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git