* [#391565] p11 EPERM glpi.git=10.0.19-alt1
@ 2025-08-02 11:19 Girar awaiter (zidex)
2025-08-07 8:53 ` [#391565] p11 DONE (try 2) glpi.git=10.0.19-alt1 Girar pender (snowmix)
0 siblings, 1 reply; 2+ messages in thread
From: Girar awaiter (zidex) @ 2025-08-02 11:19 UTC (permalink / raw)
To: Pavel Zilke; +Cc: sisyphus-incominger, girar-builder-p11, girar-builder-p11
https://git.altlinux.org/tasks/391565/logs/events.1.1.log
https://packages.altlinux.org/tasks/391565
subtask name aarch64 i586 x86_64
#100 glpi 1:43 1:44 1:16
2025-Aug-02 11:13:22 :: task #391565 for p11 started by zidex:
2025-Aug-02 11:13:23 :: message: security_fix
#100 build 10.0.19-alt1 from /people/zidex/packages/glpi.git fetched at 2025-Aug-02 11:12:37
2025-Aug-02 11:13:24 :: [i586] #100 glpi.git 10.0.19-alt1: build start
2025-Aug-02 11:13:24 :: [aarch64] #100 glpi.git 10.0.19-alt1: build start
2025-Aug-02 11:13:24 :: [x86_64] #100 glpi.git 10.0.19-alt1: build start
2025-Aug-02 11:14:40 :: [x86_64] #100 glpi.git 10.0.19-alt1: build OK
2025-Aug-02 11:15:07 :: [aarch64] #100 glpi.git 10.0.19-alt1: build OK
2025-Aug-02 11:15:08 :: [i586] #100 glpi.git 10.0.19-alt1: build OK
2025-Aug-02 11:15:29 :: #100: glpi.git 10.0.19-alt1: build check OK
2025-Aug-02 11:15:30 :: build check OK
2025-Aug-02 11:15:45 :: noarch check OK
2025-Aug-02 11:15:46 :: plan: src +1 -1 =19749, noarch +5 -5 =20867
#100 glpi 10.0.18-alt1 -> 10.0.19-alt1
Wed Jul 16 2025 Pavel Zilke <zidex@altlinux> 10.0.19-alt1
- New version 10.0.19
- This release fixes a security issue that has been recently discovered. Update is recommended!
- Security fixes:
+ CVE-2025-27514 : Stored XSS on projects kanban
+ CVE-2025-52567 : Blind SSRF in RSS feeds and planning
+ CVE-2025-52897 : XSS and open redirection in planning
+ CVE-2025-53008 : Mail receiver credentials exfiltration
+ CVE-2025-53357 : Reservations modification by unauthorized user
+ CVE-2025-53113 : Access to unallowed items information through external links
[...]
2025-Aug-02 11:15:47 :: glpi: mentions vulnerabilities: CVE-2025-27514 CVE-2025-52567 CVE-2025-52897 CVE-2025-53008 CVE-2025-53357 CVE-2025-53113 CVE-2025-53111 CVE-2025-53112 CVE-2025-53105
2025-Aug-02 11:16:13 :: patched apt indices
2025-Aug-02 11:16:22 :: created next repo
2025-Aug-02 11:16:32 :: duplicate provides check OK
2025-Aug-02 11:17:08 :: dependencies check OK
2025-Aug-02 11:17:27 :: [x86_64] #100 glpi: install check OK
2025-Aug-02 11:17:28 :: [i586] #100 glpi: install check OK
2025-Aug-02 11:17:37 :: [aarch64] #100 glpi: install check OK
2025-Aug-02 11:17:40 :: [x86_64] #100 glpi-apache2: install check OK
2025-Aug-02 11:17:41 :: [i586] #100 glpi-apache2: install check OK
2025-Aug-02 11:17:53 :: [x86_64] #100 glpi-php8.1: install check OK
2025-Aug-02 11:17:54 :: [i586] #100 glpi-php8.1: install check OK
2025-Aug-02 11:17:55 :: [aarch64] #100 glpi-apache2: install check OK
2025-Aug-02 11:18:05 :: [x86_64] #100 glpi-php8.2: install check OK
2025-Aug-02 11:18:07 :: [i586] #100 glpi-php8.2: install check OK
2025-Aug-02 11:18:13 :: [aarch64] #100 glpi-php8.1: install check OK
2025-Aug-02 11:18:18 :: [x86_64] #100 glpi-php8.3: install check OK
2025-Aug-02 11:18:20 :: [i586] #100 glpi-php8.3: install check OK
2025-Aug-02 11:18:31 :: [aarch64] #100 glpi-php8.2: install check OK
2025-Aug-02 11:18:49 :: [aarch64] #100 glpi-php8.3: install check OK
2025-Aug-02 11:18:51 :: gears inheritance check OK
2025-Aug-02 11:18:51 :: srpm inheritance check OK
girar-check-perms: access to glpi DENIED for zidex: project `glpi' is not listed in the acl file for repository `p11', and the policy for such projects in `p11' is to deny
check-subtask-perms: #100: glpi: needs approvals from members of @maint and @tester groups
2025-Aug-02 11:18:53 :: acl check FAILED
2025-Aug-02 11:19:12 :: created contents_index files
2025-Aug-02 11:19:18 :: created hash files: noarch src
2025-Aug-02 11:19:22 :: task #391565 for p11 EPERM
^ permalink raw reply [flat|nested] 2+ messages in thread
* [#391565] p11 DONE (try 2) glpi.git=10.0.19-alt1
2025-08-02 11:19 [#391565] p11 EPERM glpi.git=10.0.19-alt1 Girar awaiter (zidex)
@ 2025-08-07 8:53 ` Girar pender (snowmix)
0 siblings, 0 replies; 2+ messages in thread
From: Girar pender (snowmix) @ 2025-08-07 8:53 UTC (permalink / raw)
To: Pavel Zilke; +Cc: sisyphus-incominger, girar-builder-p11, girar-builder-p11
https://git.altlinux.org/tasks/archive/done/_382/391565/logs/events.2.2.log
https://packages.altlinux.org/tasks/391565
2025-Aug-07 08:48:38 :: task #391565 for p11 resumed by snowmix:
2025-Aug-07 08:48:38 :: message: security_fix
#100 build 10.0.19-alt1 from /people/zidex/packages/glpi.git fetched at 2025-Aug-02 11:12:37
2025-Aug-07 08:48:40 :: [x86_64] #100 glpi.git 10.0.19-alt1: build start
2025-Aug-07 08:48:40 :: [i586] #100 glpi.git 10.0.19-alt1: build start
2025-Aug-07 08:48:40 :: [aarch64] #100 glpi.git 10.0.19-alt1: build start
2025-Aug-07 08:48:51 :: [i586] #100 glpi.git 10.0.19-alt1: build OK (cached)
2025-Aug-07 08:48:52 :: [x86_64] #100 glpi.git 10.0.19-alt1: build OK (cached)
2025-Aug-07 08:48:58 :: [aarch64] #100 glpi.git 10.0.19-alt1: build OK (cached)
2025-Aug-07 08:49:18 :: #100: glpi.git 10.0.19-alt1: build check OK
2025-Aug-07 08:49:20 :: build check OK
2025-Aug-07 08:49:35 :: noarch check OK
2025-Aug-07 08:49:37 :: plan: src +1 -1 =19751, noarch +5 -5 =20872
#100 glpi 10.0.18-alt1 -> 10.0.19-alt1
Wed Jul 16 2025 Pavel Zilke <zidex@altlinux> 10.0.19-alt1
- New version 10.0.19
- This release fixes a security issue that has been recently discovered. Update is recommended!
- Security fixes:
+ CVE-2025-27514 : Stored XSS on projects kanban
+ CVE-2025-52567 : Blind SSRF in RSS feeds and planning
+ CVE-2025-52897 : XSS and open redirection in planning
+ CVE-2025-53008 : Mail receiver credentials exfiltration
+ CVE-2025-53357 : Reservations modification by unauthorized user
+ CVE-2025-53113 : Access to unallowed items information through external links
[...]
2025-Aug-07 08:49:37 :: glpi: mentions vulnerabilities: CVE-2025-27514 CVE-2025-52567 CVE-2025-52897 CVE-2025-53008 CVE-2025-53357 CVE-2025-53113 CVE-2025-53111 CVE-2025-53112 CVE-2025-53105
2025-Aug-07 08:50:06 :: patched apt indices
2025-Aug-07 08:50:16 :: created next repo
2025-Aug-07 08:50:26 :: duplicate provides check OK
2025-Aug-07 08:51:05 :: dependencies check OK
2025-Aug-07 08:51:16 :: [x86_64] #100 glpi: install check OK (cached)
2025-Aug-07 08:51:17 :: [i586] #100 glpi: install check OK (cached)
2025-Aug-07 08:51:21 :: [x86_64] #100 glpi-apache2: install check OK (cached)
2025-Aug-07 08:51:21 :: [i586] #100 glpi-apache2: install check OK (cached)
2025-Aug-07 08:51:24 :: [aarch64] #100 glpi: install check OK (cached)
2025-Aug-07 08:51:25 :: [x86_64] #100 glpi-php8.1: install check OK (cached)
2025-Aug-07 08:51:25 :: [i586] #100 glpi-php8.1: install check OK (cached)
2025-Aug-07 08:51:30 :: [x86_64] #100 glpi-php8.2: install check OK (cached)
2025-Aug-07 08:51:30 :: [i586] #100 glpi-php8.2: install check OK (cached)
2025-Aug-07 08:51:32 :: [aarch64] #100 glpi-apache2: install check OK (cached)
2025-Aug-07 08:51:34 :: [x86_64] #100 glpi-php8.3: install check OK (cached)
2025-Aug-07 08:51:34 :: [i586] #100 glpi-php8.3: install check OK (cached)
2025-Aug-07 08:51:40 :: [aarch64] #100 glpi-php8.1: install check OK (cached)
2025-Aug-07 08:51:48 :: [aarch64] #100 glpi-php8.2: install check OK (cached)
2025-Aug-07 08:51:56 :: [aarch64] #100 glpi-php8.3: install check OK (cached)
2025-Aug-07 08:51:57 :: gears inheritance check OK
2025-Aug-07 08:51:57 :: srpm inheritance check OK
girar-check-perms: access to @maint ALLOWED for cas: member of approved group
girar-check-perms: access to @tester ALLOWED for snowmix: member of approved group
check-subtask-perms: #100: glpi: approved by cas, approved by snowmix
2025-Aug-07 08:51:59 :: acl check OK
2025-Aug-07 08:52:24 :: created contents_index files
2025-Aug-07 08:52:31 :: created hash files: noarch src
2025-Aug-07 08:52:35 :: task #391565 for p11 TESTED
2025-Aug-07 08:52:35 :: task is ready for commit
2025-Aug-07 08:52:41 :: repo clone OK
2025-Aug-07 08:52:41 :: packages update OK
2025-Aug-07 08:52:45 :: [noarch] update OK
2025-Aug-07 08:52:45 :: repo update OK
2025-Aug-07 08:52:55 :: repo save OK
2025-Aug-07 08:52:55 :: src index update OK
2025-Aug-07 08:52:55 :: updated /gears/g/glpi.git branch `p11'
2025-Aug-07 08:53:18 :: gears update OK
2025-Aug-07 08:53:19 :: task #391565 for p11 DONE
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-08-07 8:53 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-08-02 11:19 [#391565] p11 EPERM glpi.git=10.0.19-alt1 Girar awaiter (zidex)
2025-08-07 8:53 ` [#391565] p11 DONE (try 2) glpi.git=10.0.19-alt1 Girar pender (snowmix)
ALT Linux Girar Builder robot reports
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sisyphus-incominger/0 sisyphus-incominger/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sisyphus-incominger sisyphus-incominger/ http://lore.altlinux.org/sisyphus-incominger \
sisyphus-incominger@lists.altlinux.org sisyphus-incominger@lists.altlinux.ru sisyphus-incominger@lists.altlinux.com
public-inbox-index sisyphus-incominger
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-incominger
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git