Hello community, here is the log from the commit of package quagga for openSUSE:Factory checked in at 2017-04-11 09:46:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/quagga (Old) and /work/SRC/openSUSE:Factory/.quagga.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "quagga" Tue Apr 11 09:46:08 2017 rev:50 rq:485964 version:1.1.1 Changes: -------- --- /work/SRC/openSUSE:Factory/quagga/quagga.changes 2016-11-05 21:25:50.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.quagga.new/quagga.changes 2017-04-11 09:46:11.920304462 +0200 @@ -1,0 +2,42 @@ +Mon Apr 3 11:22:38 UTC 2017 - tchvatal@suse.com + +- Remove FIXME's added by spec-cleaner by using proper phases for the + prereq deps +- Remove code checking for the proc mounting (build scripts do that + for us anyway) + remove the commented out autoconf +- Use content of %tmpfiles_create macro rather than 2 lines of checks +- Use version in zebra provides/obsoletes to avoid rpmlint warning + +------------------------------------------------------------------- +Thu Mar 30 16:49:01 UTC 2017 - mt@suse.de + +- Update to quagga-1.1.1, a security and bug fix release (fate#323168): + See http://mirror.easyname.at/nongnu/quagga/quagga-1.1.1.changelog.txt + for complete changelog, a digest of the changes: + - Telnet 'vty' interface DoS fix due to unbounded memory + allocation (CVE-2017-5495,bsc#1021669) + - revert opsf6d: Update router-LSA when nbr's interface-ID changes + See http://mirror.easyname.at/nongnu/quagga/quagga-1.0.20161017.changelog.txt + for complete changelog, a digest of the changes: + - isisd: Fix size of malloc + - isisd: check for the existance of the correct list + - ospf6d: fix off-by-one on display of spf reasons + - ospf6d: don't access nexthops out of bounds + - bgpd: fix off-by-one in attribute flags handling + - zebra: stack overrun in IPv6 RA receive code (CVE-2016-1245) + - bgpd: Fix buffer overflow error in bgp_dump_routes_func +- Added libfpm_pb0 and libquagga_pb0 shared library sub-packages, + adjusted libzebra0 sub-package name to libzebra1. +- Use tmpfiles_create RPM macro to create quagga rundir and adjust + tmpfiles config to contain proper rundir at install time. +- Removed obsolete patches: + quagga-CVE-2016-1245-stack-overrun-in-IPv6-RA-receive.patch + quagga-CVE-2016-4049-fix-buf-ovflow-bgp-dump-routes.patch + quagga-autoconf-detect-AM_SILENT_RULES.patch +- Do not enable zebra's tcp interface (port 2600) to use default + unix socket for communication between the daemons (fate#323170). +- Added quagga.log and create and su statemets to logrotate config, + changed default zebra log file name from quagga.log to zebra.log. +- Cleaned up the spec file using spec-cleaner. + +------------------------------------------------------------------- Old: ---- quagga-1.0.20160315.tar.asc quagga-1.0.20160315.tar.xz quagga-CVE-2016-1245-stack-overrun-in-IPv6-RA-receive.patch quagga-CVE-2016-4049-fix-buf-ovflow-bgp-dump-routes.patch quagga-autoconf-detect-AM_SILENT_RULES.patch New: ---- quagga-1.1.1.tar.gz quagga-1.1.1.tar.gz.asc quagga.logrotate ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ quagga.spec ++++++ --- /var/tmp/diff_new_pack.jpdGiQ/_old 2017-04-11 09:46:12.804179603 +0200 +++ /var/tmp/diff_new_pack.jpdGiQ/_new 2017-04-11 09:46:12.808179038 +0200 @@ -1,7 +1,7 @@ # # spec file for package quagga # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -21,36 +21,37 @@ %else %bcond_with systemd %endif - -%bcond_without tcp_zebra +%bcond_with tcp_zebra %bcond_without irdp %bcond_with isis %bcond_with isis_topology %bcond_without pcre - +%if %{defined _rundir} +%define quagga_statedir %{_rundir}/%{name} +%else +%define quagga_statedir %{_localstatedir}/run/%{name} +%endif Name: quagga -Version: 1.0.20160315 +Version: 1.1.1 Release: 0 Summary: Routing Software for BGP, OSPF and RIP License: LGPL-2.1+ Group: Productivity/Networking/Routing Url: http://www.quagga.net -Source: http://download.savannah.gnu.org/releases/quagga/%{name}-%{version}.tar.xz -Source3: http://download.savannah.gnu.org/releases/quagga/%{name}-%{version}.tar.asc +Source: http://download.savannah.gnu.org/releases/quagga/%{name}-%{version}.tar.gz +Source1: %{name}-SUSE.tar.bz2 +Source2: %{name}.pam +Source3: http://download.savannah.gnu.org/releases/quagga/%{name}-%{version}.tar.gz.asc # downloaded from: http://download.savannah.gnu.org/releases/quagga/pgp-54CD2E60.asc # new download from: # http://www.nongnu.org/quagga/quagga.net.pgp.asc -Source4: quagga.keyring -Source1: %{name}-SUSE.tar.bz2 -Source2: %{name}.pam +Source4: %{name}.keyring Source5: %{name}-tmpfs.conf Source6: sysconfig.%{name} +Source7: %{name}.logrotate Patch1: %{name}-add-ospf6_main-return-value.patch Patch2: %{name}-add-table_test-return-value.patch Patch3: 0001-systemd-change-the-WantedBy-target.patch -Patch4: %{name}-autoconf-detect-AM_SILENT_RULES.patch -Patch5: %{name}-CVE-2016-4049-fix-buf-ovflow-bgp-dump-routes.patch -Patch6: %{name}-CVE-2016-1245-stack-overrun-in-IPv6-RA-receive.patch BuildRequires: autoconf >= 2.6 BuildRequires: automake >= 1.6 BuildRequires: libtool @@ -58,31 +59,25 @@ BuildRequires: pam-devel BuildRequires: readline-devel BuildRequires: xz +Requires(post): %fillup_prereq +Requires(post): %{install_info_prereq} +# pwdutils for useradd and groupadd +Requires(pre): pwdutils +Recommends: logrotate +Provides: zebra = %{version} +Obsoletes: zebra < %{version} +BuildRoot: %{_tmppath}/%{name}-%{version}-build %if %{with pcre} BuildRequires: pcre-devel %endif -%if 0%{suse_version} > 1220 +%if 0%{?suse_version} > 1220 BuildRequires: makeinfo %endif %if %{with systemd} -%{?systemd_requires} BuildRequires: systemd-rpm-macros +%{?systemd_requires} %else -PreReq: %insserv_prereq -%endif -PreReq: %fillup_prereq -PreReq: %install_info_prereq -# pwdutils for useradd and groupadd -PreReq: pwdutils -Recommends: logrotate -Provides: zebra -Obsoletes: zebra -BuildRoot: %{_tmppath}/%{name}-%{version}-build - -%if %{defined _rundir} -%define quagga_statedir %_rundir/%{name} -%else -%define quagga_statedir %_localstatedir/run/%{name} +Requires(post): %insserv_prereq %endif %description @@ -104,20 +99,37 @@ %description -n libospfapiclient0 This library contains part of the OSPFv2 implementation of Quagga. -%package -n libzebra0 +%package -n libzebra1 Summary: Quagga utility library Group: System/Libraries -%description -n libzebra0 +%description -n libzebra1 This library contains various utility functions to Quagga, such as data types, buffers and socket handling. +%package -n libfpm_pb0 +Summary: Quagga fpm protobuf library +Group: System/Libraries + +%description -n libfpm_pb0 +This library contains forwarding plane manager protobuf definitions +for Quagga. + +%package -n libquagga_pb0 +Summary: Quagga quagga protobuf library +Group: System/Libraries + +%description -n libquagga_pb0 +This library contains protobuf memory management for Quagga. + %package devel Summary: Development files for quagga, a routing software for BGP, OSPF, RIP Group: Development/Libraries/C and C++ +Requires: libfpm_pb0 = %{version} Requires: libospf0 = %{version} Requires: libospfapiclient0 = %{version} -Requires: libzebra0 = %{version} +Requires: libquagga_pb0 = %{version} +Requires: libzebra1 = %{version} %description devel Quagga is a routing software suite, providing implementations of @@ -131,17 +143,8 @@ %patch1 -p 1 %patch2 -p 1 %patch3 -p 1 -%patch4 -p 1 -%patch5 -p 1 -%patch6 -p 1 %build -if ! ls /proc/net/{dev,route,snmp} >/dev/null; then - echo "ERROR: /proc is not mounted" >&2; - exit 1; -fi -rm -f m4/libtool.m4 m4/lt*.m4 -autoreconf --force --install export CFLAGS="%{optflags} -fno-strict-aliasing" %configure --disable-static --with-pic \ --enable-vtysh \ @@ -172,29 +175,31 @@ %install rm -r doc/quagga.info -make DESTDIR=%{buildroot} install -rm -rf %{buildroot}%{_libdir}/*.la +%make_install +find %{buildroot} -type f -name "*.la" -delete -print install -d %{buildroot}%{_sysconfdir}/{init.d,quagga,pam.d,logrotate.d} %if %{with systemd} install -d %{buildroot}%{_unitdir} -install -p -m 644 redhat/zebra.service %{buildroot}%{_unitdir}/zebra.service -ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rczebra -install -p -m 644 redhat/isisd.service %{buildroot}%{_unitdir}/isisd.service -ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rcisisd -install -p -m 644 redhat/ripd.service %{buildroot}%{_unitdir}/ripd.service -ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rcripd -install -p -m 644 redhat/ospfd.service %{buildroot}%{_unitdir}/ospfd.service -ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rcospfd -install -p -m 644 redhat/bgpd.service %{buildroot}%{_unitdir}/bgpd.service -ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rcbgpd -install -p -m 644 redhat/ospf6d.service %{buildroot}%{_unitdir}/ospf6d.service -ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rcospf6d -install -p -m 644 redhat/ripngd.service %{buildroot}%{_unitdir}/ripngd.service -ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rcripngd -install -d -m 755 %{buildroot}/%{_tmpfilesdir} -install -p -m 644 %{SOURCE5} %{buildroot}/%{_tmpfilesdir}/quagga.conf +install -p -m 0644 redhat/zebra.service %{buildroot}%{_unitdir}/zebra.service +ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rczebra +install -p -m 0644 redhat/isisd.service %{buildroot}%{_unitdir}/isisd.service +ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcisisd +install -p -m 0644 redhat/ripd.service %{buildroot}%{_unitdir}/ripd.service +ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcripd +install -p -m 0644 redhat/ospfd.service %{buildroot}%{_unitdir}/ospfd.service +ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcospfd +install -p -m 0644 redhat/bgpd.service %{buildroot}%{_unitdir}/bgpd.service +ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcbgpd +install -p -m 0644 redhat/ospf6d.service %{buildroot}%{_unitdir}/ospf6d.service +ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcospf6d +install -p -m 0644 redhat/ripngd.service %{buildroot}%{_unitdir}/ripngd.service +ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcripngd +install -d -m 0755 %{buildroot}/%{_tmpfilesdir} +install -p -m 0644 %{SOURCE5} %{buildroot}/%{_tmpfilesdir}/quagga.conf +sed -e "s|@quagga_statedir@|%{quagga_statedir}|g" -i \ + %{buildroot}/%{_tmpfilesdir}/quagga.conf %else -install -m 755 SUSE/* %{buildroot}%{_sysconfdir}/init.d/ +install -m 0755 SUSE/* %{buildroot}%{_sysconfdir}/init.d/ ln -sf %{_sysconfdir}/init.d/zebra %{buildroot}%{_sbindir}/rczebra ln -sf %{_sysconfdir}/init.d/bgpd %{buildroot}%{_sbindir}/rcbgpd ln -sf %{_sysconfdir}/init.d/ospf6d %{buildroot}%{_sbindir}/rcospf6d @@ -202,20 +207,22 @@ ln -sf %{_sysconfdir}/init.d/ripngd %{buildroot}%{_sbindir}/rcripngd ln -sf %{_sysconfdir}/init.d/ripd %{buildroot}%{_sbindir}/rcripd %endif -install -d -m 755 %{buildroot}/var/adm/fillup-templates/ -install -m 644 %{S:6} %{buildroot}/var/adm/fillup-templates/sysconfig.%{name} -install -m 644 %{S:2} %{buildroot}%{_sysconfdir}/pam.d/quagga -install -d -m 750 %{buildroot}%{_localstatedir}/log/quagga -install -d -m 751 %{buildroot}%{quagga_statedir} -install -m 644 redhat/quagga.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/quagga +install -d -m 0755 %{buildroot}%{_localstatedir}/adm/fillup-templates/ +install -m 0644 %{SOURCE6} %{buildroot}%{_localstatedir}/adm/fillup-templates/sysconfig.%{name} +install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/quagga +install -d -m 0750 %{buildroot}%{_localstatedir}/log/quagga +install -d -m 0751 %{buildroot}%{quagga_statedir} +install -m 0644 %{SOURCE7} %{buildroot}%{_sysconfdir}/logrotate.d/quagga rm -f %{buildroot}%{_sysconfdir}/quagga/*.sample* cat > %{buildroot}%{_sysconfdir}/quagga/zebra.conf << __EOF__ hostname quagga password quagga enable password quagga -log file %{_localstatedir}/log/quagga/quagga.log +log file %{_localstatedir}/log/quagga/zebra.log +__EOF__ +cat > %{buildroot}%{_sysconfdir}/quagga/vtysh.conf << __EOF__ +! vtysh is using PAM authentication allowing root to use it. __EOF__ -touch %{buildroot}%{_sysconfdir}/quagga/vtysh.conf %pre getent group quagga >/dev/null || %{_sbindir}/groupadd -r quagga || : @@ -229,13 +236,15 @@ %post %if %{with systemd} -systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf || true +# Use %%tmpfiles_create when Leap 43.0 is oldest in support scope +%{_bindir}/systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf || : %service_add_post zebra.service isisd.service ripd.service ospfd.service bgpd.service ospf6d.service ripngd.service -%{fillup_only} +%fillup_only %else %fillup_and_insserv +test -d %{quagga_statedir} || mkdir -m 0751 -p %{quagga_statedir} %endif -%install_info --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz +%install_info --info-dir=%{_infodir} %{_infodir}/%{name}.info%{ext_info} %preun %if %{with systemd} @@ -245,7 +254,7 @@ %endif %postun -%install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz +%install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info%{ext_info} %if %{with systemd} %service_del_postun zebra.service isisd.service ripd.service ospfd.service bgpd.service ospf6d.service ripngd.service %else @@ -257,17 +266,21 @@ %postun -n libospf0 -p /sbin/ldconfig %post -n libospfapiclient0 -p /sbin/ldconfig %postun -n libospfapiclient0 -p /sbin/ldconfig -%post -n libzebra0 -p /sbin/ldconfig -%postun -n libzebra0 -p /sbin/ldconfig +%post -n libzebra1 -p /sbin/ldconfig +%postun -n libzebra1 -p /sbin/ldconfig +%post -n libfpm_pb0 -p /sbin/ldconfig +%postun -n libfpm_pb0 -p /sbin/ldconfig +%post -n libquagga_pb0 -p /sbin/ldconfig +%postun -n libquagga_pb0 -p /sbin/ldconfig %files %defattr(-,root,root) %doc */*.sample* AUTHORS COPYING* ChangeLog NEWS README REPORTING-BUGS SERVICES TODO %{_sbindir}/* -%config %attr(750,root,quagga) %{_sysconfdir}/quagga/ +%dir %attr(750,root,quagga) %{_sysconfdir}/quagga/ %config(noreplace) %attr(640,root,quagga) %{_sysconfdir}/%{name}/*.conf %config(noreplace) %{_sysconfdir}/logrotate.d/* -/var/adm/fillup-templates/sysconfig.quagga +%{_localstatedir}/adm/fillup-templates/sysconfig.quagga %if %{with systemd} %{_unitdir}/*.service %dir %{_tmpfilesdir} @@ -290,10 +303,18 @@ %defattr(-,root,root) %{_libdir}/libospfapiclient.so.* -%files -n libzebra0 +%files -n libzebra1 %defattr(-,root,root) %{_libdir}/libzebra.so.* +%files -n libfpm_pb0 +%defattr(-,root,root) +%{_libdir}/libfpm_pb.so.* + +%files -n libquagga_pb0 +%defattr(-,root,root) +%{_libdir}/libquagga_pb.so.* + %files devel %defattr(-,root,root) %{_libdir}/*.so ++++++ quagga-tmpfs.conf ++++++ --- /var/tmp/diff_new_pack.jpdGiQ/_old 2017-04-11 09:46:12.868170564 +0200 +++ /var/tmp/diff_new_pack.jpdGiQ/_new 2017-04-11 09:46:12.868170564 +0200 @@ -1 +1 @@ -d /var/run/quagga 0755 quagga quagga +d @quagga_statedir@ 0751 quagga quagga ++++++ quagga.logrotate ++++++ /var/log/quagga/zebra.log /var/log/quagga/quagga.log { notifempty missingok create 600 quagga quagga su quagga quagga postrotate /bin/kill -USR1 `cat /var/run/quagga/zebra.pid 2> /dev/null` 2> /dev/null || true endscript } /var/log/quagga/bgpd.log { notifempty missingok create 600 quagga quagga su quagga quagga postrotate /bin/kill -USR1 `cat /var/run/quagga/bgpd.pid 2> /dev/null` 2> /dev/null || true endscript } /var/log/quagga/isisd.log { notifempty missingok create 600 quagga quagga su quagga quagga postrotate /bin/kill -USR1 `cat /var/run/quagga/isisd.pid 2> /dev/null` 2> /dev/null || true endscript } /var/log/quagga/ospfd.log { notifempty missingok create 600 quagga quagga su quagga quagga postrotate /bin/kill -USR1 `cat /var/run/quagga/ospfd.pid 2> /dev/null` 2> /dev/null || true endscript } /var/log/quagga/ospf6d.log { notifempty missingok create 600 quagga quagga su quagga quagga postrotate /bin/kill -USR1 `cat /var/run/quagga/ospf6d.pid 2> /dev/null` 2> /dev/null || true endscript } /var/log/quagga/ripd.log { notifempty missingok create 600 quagga quagga su quagga quagga postrotate /bin/kill -USR1 `cat /var/run/quagga/ripd.pid 2> /dev/null` 2> /dev/null || true endscript } /var/log/quagga/ripngd.log { notifempty missingok create 600 quagga quagga su quagga quagga postrotate /bin/kill -USR1 `cat /var/run/quagga/ripngd.pid 2> /dev/null` 2> /dev/null || true endscript }