* [#397100] TESTED etcd.git=etcd-ordinary-3.5.23-alt1
@ 2025-10-14 8:37 Girar awaiter (geochip)
2025-10-15 5:57 ` [#397100] DONE (try 2) etcd.git=etcd-ordinary-3.5.23-alt1 Girar pender (geochip)
0 siblings, 1 reply; 2+ messages in thread
From: Girar awaiter (geochip) @ 2025-10-14 8:37 UTC (permalink / raw)
To: Alexander Stepchenko; +Cc: sisyphus-incominger, girar-builder-sisyphus
https://git.altlinux.org/tasks/397100/logs/events.1.1.log
https://packages.altlinux.org/tasks/397100
subtask name aarch64 i586 x86_64
#100 etcd 2:40 1:49 1:43
2025-Oct-14 08:31:24 :: test-only task #397100 for sisyphus started by geochip:
#100 build etcd-ordinary-3.5.23-alt1 from /people/geochip/packages/etcd.git fetched at 2025-Oct-14 08:31:21
2025-Oct-14 08:31:25 :: [x86_64] #100 etcd.git etcd-ordinary-3.5.23-alt1: build start
2025-Oct-14 08:31:25 :: [i586] #100 etcd.git etcd-ordinary-3.5.23-alt1: build start
2025-Oct-14 08:31:25 :: [aarch64] #100 etcd.git etcd-ordinary-3.5.23-alt1: build start
2025-Oct-14 08:33:08 :: [x86_64] #100 etcd.git etcd-ordinary-3.5.23-alt1: build OK
2025-Oct-14 08:33:14 :: [i586] #100 etcd.git etcd-ordinary-3.5.23-alt1: build OK
2025-Oct-14 08:34:05 :: [aarch64] #100 etcd.git etcd-ordinary-3.5.23-alt1: build OK
2025-Oct-14 08:34:10 :: 100: build check OK
2025-Oct-14 08:34:11 :: build check OK
2025-Oct-14 08:34:18 :: #100: etcd.git etcd-ordinary-3.5.23-alt1: version check OK
2025-Oct-14 08:34:19 :: build version check OK
2025-Oct-14 08:34:36 :: noarch check OK
2025-Oct-14 08:34:38 :: plan: src +1 -1 =20732, aarch64 +2 -2 =36625, i586 +2 -2 =35131, x86_64 +2 -2 =37466
#100 etcd 3.5.16-alt4 -> 3.5.23-alt1
Tue Oct 14 2025 Alexander Stepchenko <geochip@altlinux> 3.5.23-alt1
- 3.5.16 -> 3.5.23
- Fixes:
+ CVE-2024-45337: Misuse of connection.serverAuthenticate may cause authorization bypass in golang.org/x/crypto
+ CVE-2024-45338: Non-linear parsing of case-insensitive content in golang.org/x/net/html
+ CVE-2024-51744: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt
+ CVE-2025-22869: Potential denial of service in golang.org/x/crypto
+ CVE-2025-22870: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net
+ CVE-2025-22872: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
+ CVE-2025-30204: jwt-go allows excessive memory allocation during header parsing
2025-Oct-14 08:34:38 :: etcd: fixes vulnerabilities: CVE-2024-45337 CVE-2024-45338 CVE-2024-51744 CVE-2025-22869 CVE-2025-22870 CVE-2025-22872 CVE-2025-30204
2025-Oct-14 08:35:21 :: patched apt indices
2025-Oct-14 08:35:31 :: created next repo
2025-Oct-14 08:35:41 :: duplicate provides check OK
2025-Oct-14 08:36:21 :: dependencies check OK
nm: /tmp/5PMW6QSVNe/bHoDrKls3A: no symbols
nm: /tmp/TOGfOuUeYD/DyV3hWEBF9: no symbols
nm: /tmp/5PMW6QSVNe/Uh1IZQQ64Y: no symbols
nm: /tmp/aCNWxa7pCF/6lH50gy5dA: no symbols
nm: /tmp/TOGfOuUeYD/e1aVNbv0M1: no symbols
nm: /tmp/aCNWxa7pCF/NLWKvUUtne: no symbols
nm: /tmp/5PMW6QSVNe/294QMX4uM_: no symbols
nm: /tmp/TOGfOuUeYD/vt2lNe4u_x: no symbols
nm: /tmp/aCNWxa7pCF/QXprbMejGx: no symbols
nm: /tmp/5PMW6QSVNe/S3ecfMDqW1: no symbols
nm: /tmp/TOGfOuUeYD/rgCZDeJdp6: no symbols
nm: /tmp/aCNWxa7pCF/ObeaNJQt2F: no symbols
nm: nm: /tmp/5PMW6QSVNe/Re4B2eVeF6: no symbols/tmp/TOGfOuUeYD/O4usH9Mix9: no symbols
nm: /tmp/aCNWxa7pCF/ht1tgWM7fU: no symbols
nm: /tmp/TOGfOuUeYD/7Cxd0imLqL: no symbols
nm: /tmp/5PMW6QSVNe/U5vdef5PHv: no symbols
nm: /tmp/aCNWxa7pCF/INoIZCQDFz: no symbols
2025-Oct-14 08:36:25 :: [x86_64 i586 aarch64] ELF symbols check OK
2025-Oct-14 08:36:40 :: [i586] #100 etcd: install check OK
2025-Oct-14 08:36:41 :: [x86_64] #100 etcd: install check OK
2025-Oct-14 08:36:50 :: [aarch64] #100 etcd: install check OK
2025-Oct-14 08:36:51 :: [i586] #100 etcd-debuginfo: install check OK
2025-Oct-14 08:36:51 :: [x86_64] #100 etcd-debuginfo: install check OK
2025-Oct-14 08:37:06 :: [aarch64] #100 etcd-debuginfo: install check OK
2025-Oct-14 08:37:23 :: [x86_64-i586] generated apt indices
2025-Oct-14 08:37:23 :: [x86_64-i586] created next repo
2025-Oct-14 08:37:34 :: [x86_64-i586] dependencies check OK
2025-Oct-14 08:37:35 :: gears inheritance check OK
2025-Oct-14 08:37:35 :: srpm inheritance check OK
girar-check-perms: access to etcd ALLOWED for geochip: project leader
check-subtask-perms: #100: etcd: allowed for geochip
2025-Oct-14 08:37:36 :: acl check OK
2025-Oct-14 08:37:48 :: created contents_index files
2025-Oct-14 08:37:55 :: created hash files: aarch64 i586 src x86_64
2025-Oct-14 08:37:58 :: task #397100 for sisyphus TESTED
^ permalink raw reply [flat|nested] 2+ messages in thread
* [#397100] DONE (try 2) etcd.git=etcd-ordinary-3.5.23-alt1
2025-10-14 8:37 [#397100] TESTED etcd.git=etcd-ordinary-3.5.23-alt1 Girar awaiter (geochip)
@ 2025-10-15 5:57 ` Girar pender (geochip)
0 siblings, 0 replies; 2+ messages in thread
From: Girar pender (geochip) @ 2025-10-15 5:57 UTC (permalink / raw)
To: Alexander Stepchenko; +Cc: sisyphus-incominger, girar-builder-sisyphus
https://git.altlinux.org/tasks/archive/done/_387/397100/logs/events.2.2.log
https://packages.altlinux.org/tasks/397100
2025-Oct-15 05:52:18 :: task #397100 for sisyphus resumed by geochip:
#100 build etcd-ordinary-3.5.23-alt1 from /people/geochip/packages/etcd.git fetched at 2025-Oct-14 08:31:21
2025-Oct-15 05:52:19 :: [x86_64] #100 etcd.git etcd-ordinary-3.5.23-alt1: build start
2025-Oct-15 05:52:19 :: [aarch64] #100 etcd.git etcd-ordinary-3.5.23-alt1: build start
2025-Oct-15 05:52:19 :: [i586] #100 etcd.git etcd-ordinary-3.5.23-alt1: build start
2025-Oct-15 05:52:31 :: [i586] #100 etcd.git etcd-ordinary-3.5.23-alt1: build OK (cached)
2025-Oct-15 05:52:31 :: [x86_64] #100 etcd.git etcd-ordinary-3.5.23-alt1: build OK (cached)
2025-Oct-15 05:52:37 :: [aarch64] #100 etcd.git etcd-ordinary-3.5.23-alt1: build OK (cached)
2025-Oct-15 05:52:38 :: 100: build check OK (cached)
2025-Oct-15 05:52:39 :: build check OK
2025-Oct-15 05:52:47 :: #100: etcd.git etcd-ordinary-3.5.23-alt1: version check OK
2025-Oct-15 05:52:47 :: build version check OK
2025-Oct-15 05:53:04 :: noarch check OK
2025-Oct-15 05:53:05 :: plan: src +1 -1 =20748, aarch64 +2 -2 =36679, i586 +2 -2 =35141, x86_64 +2 -2 =37520
#100 etcd 3.5.16-alt4 -> 3.5.23-alt1
Tue Oct 14 2025 Alexander Stepchenko <geochip@altlinux> 3.5.23-alt1
- 3.5.16 -> 3.5.23
- Fixes:
+ CVE-2024-45337: Misuse of connection.serverAuthenticate may cause authorization bypass in golang.org/x/crypto
+ CVE-2024-45338: Non-linear parsing of case-insensitive content in golang.org/x/net/html
+ CVE-2024-51744: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt
+ CVE-2025-22869: Potential denial of service in golang.org/x/crypto
+ CVE-2025-22870: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net
+ CVE-2025-22872: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
+ CVE-2025-30204: jwt-go allows excessive memory allocation during header parsing
2025-Oct-15 05:53:06 :: etcd: fixes vulnerabilities: CVE-2024-45337 CVE-2024-45338 CVE-2024-51744 CVE-2025-22869 CVE-2025-22870 CVE-2025-22872 CVE-2025-30204
2025-Oct-15 05:53:55 :: patched apt indices
2025-Oct-15 05:54:05 :: created next repo
2025-Oct-15 05:54:16 :: duplicate provides check OK
2025-Oct-15 05:54:57 :: dependencies check OK
2025-Oct-15 05:54:59 :: [x86_64 i586 aarch64] ELF symbols check OK
2025-Oct-15 05:55:11 :: [i586] #100 etcd: install check OK (cached)
2025-Oct-15 05:55:12 :: [x86_64] #100 etcd: install check OK (cached)
2025-Oct-15 05:55:15 :: [i586] #100 etcd-debuginfo: install check OK (cached)
2025-Oct-15 05:55:17 :: [x86_64] #100 etcd-debuginfo: install check OK (cached)
2025-Oct-15 05:55:18 :: [aarch64] #100 etcd: install check OK (cached)
2025-Oct-15 05:55:26 :: [aarch64] #100 etcd-debuginfo: install check OK (cached)
2025-Oct-15 05:55:46 :: [x86_64-i586] generated apt indices
2025-Oct-15 05:55:46 :: [x86_64-i586] created next repo
2025-Oct-15 05:55:57 :: [x86_64-i586] dependencies check OK
2025-Oct-15 05:55:58 :: gears inheritance check OK
2025-Oct-15 05:55:58 :: srpm inheritance check OK
girar-check-perms: access to etcd ALLOWED for geochip: project leader
check-subtask-perms: #100: etcd: allowed for geochip
2025-Oct-15 05:55:59 :: acl check OK
2025-Oct-15 05:56:13 :: created contents_index files
2025-Oct-15 05:56:23 :: created hash files: aarch64 i586 src x86_64
2025-Oct-15 05:56:26 :: task #397100 for sisyphus TESTED
2025-Oct-15 05:56:27 :: task is ready for commit
2025-Oct-15 05:56:33 :: repo clone OK
2025-Oct-15 05:56:33 :: packages update OK
2025-Oct-15 05:56:42 :: [x86_64 i586 aarch64] update OK
2025-Oct-15 05:56:42 :: repo update OK
2025-Oct-15 05:56:58 :: repo save OK
2025-Oct-15 05:56:58 :: src index update OK
2025-Oct-15 05:56:59 :: updated /gears/e/etcd.git branch `sisyphus'
2025-Oct-15 05:57:02 :: gears update OK
2025-Oct-15 05:57:02 :: task #397100 for sisyphus DONE
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-10-15 5:57 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-10-14 8:37 [#397100] TESTED etcd.git=etcd-ordinary-3.5.23-alt1 Girar awaiter (geochip)
2025-10-15 5:57 ` [#397100] DONE (try 2) etcd.git=etcd-ordinary-3.5.23-alt1 Girar pender (geochip)
ALT Linux Girar Builder robot reports
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sisyphus-incominger/0 sisyphus-incominger/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sisyphus-incominger sisyphus-incominger/ http://lore.altlinux.org/sisyphus-incominger \
sisyphus-incominger@lists.altlinux.org sisyphus-incominger@lists.altlinux.ru sisyphus-incominger@lists.altlinux.com
public-inbox-index sisyphus-incominger
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-incominger
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git