FEDORA-2017-9cac2b8b4a

security update in Fedora 27 for fedpkg and rpkg

Status: stable 2 years ago

Update

  • Fixed chain-build
  • Remove hard dependency of bash-completion from fedpkg

rpkg

  • Ignore TestModulesCli if openidc-client is unavailable (cqi)
  • Port mbs-build to rpkg (mprahl)
  • Add .vscode to .gitignore (mprahl)
  • Fix TestPatch.test_rediff in order to run with old version of mock (cqi)
  • Allow to specify alternative Copr config file - #184 (cqi)
  • Tests for patch command (cqi)
  • More Tests for mockbuild command (cqi)
  • More tests for getting spec file (cqi)
  • Tests for container-build-setup command (cqi)
  • Test for container-build to use custom config (cqi)
  • Suppress output from git command within setUp (cqi)
  • Skip test if rpmfluff is not available (lsedlar)
  • Allow to override build URL (cqi)
  • Test for mock-config command (cqi)
  • Tests for copr-build command (cqi)
  • Fix arch-override for container-build (lucarval)
  • Remove unsupported osbs for container-build (lucarval)
  • cli: add --arches support for koji_cointainerbuild (mlangsdo)
  • Strip refs/heads/ from branch only once (lsedlar)
  • Don't install bin and config files (cqi)
  • Fix kojiprofile selection in cliClient.container_build_koji (cqi)
  • Avoid branch detection for 'rpkg sources' (praiskup)
  • Fix encoding in new command (cqi)
  • Minor wording improvement in help (pgier)
  • Fix indentation (pviktori)
  • Add --with and --without options to mockbuild (pviktori)

fedpkg

  • Tests for update command (cqi)
  • Add support for module commands (mprahl)
  • Clean rest cert related code (cqi)
  • Remove fedora cert (cqi)
  • Override build URL for Koji (cqi)
  • changing anongiturl to use src.fp.o instead of pkgs.fp.o. - #119 (tflink)
  • Add tests (cqi)
  • Enable lookaside_namespaced - #130 (cqi)
  • Detect dist tag correctly for RHEL and CentOS - #141 (cqi)
  • Remove deprecated call to platform.dist (cqi)
  • Do not prompt hint for SSL cert if fail to log into Koji (cqi)
  • Add more container-build options to bash completion (cqi)
  • Remove osbs from bash completion - #138 (cqi)
  • Install executables via entry_points - #134 (cqi)
  • Fix container build target (lsedlar)
  • Get correct build target for rawhide containers (lsedlar)
  • Update error message to reflect deprecation of --dist option (pgier)

How to install

sudo dnf upgrade --advisory=FEDORA-2017-9cac2b8b4a

Comments 42

This update has been submitted for testing by cqi.

cqi edited this update.

cqi edited this update.

cqi edited this update.

This update has been pushed to testing.

With fedpkg-1.30.fc27,

22700048 build (f26-candidate, /git/rpms/rubygem-gtk3:2535b13ec0ac45ecc74200be33dad00e136b7821): open (buildvm-s390x-15.s390.fedoraproject.org) -> FAILED: BuildError: src.fedoraproject.org:/git/rpms/rubygem-gtk3 is not in the list of allowed SCMs
  0 free  0 open  0 done  2 failed

https://koji.fedoraproject.org/koji/taskinfo?taskID=22700048

Reverting to fedpkg-1.29-5.fc27 resolves the above issue.

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

Same finding as @mtasaka

karma: -1

Cannot run fedpkg new-sources successfully:

$ fedpkg new-sources node-v8.8.1-stripped.tar.gz
Could not execute new_sources: Error checking for node-v8.8.1-stripped.tar.gz at https://src.fedoraproject.org/repo/pkgs/upload.cgi

Works fine when I downgrade back to the versions in the stable repo.

karma: -1

This update has been obsoleted.

@sgallagh Hi, can you run it again with -v -d and what is the output? Thanks.

[sgallagh@sgallaghp50:nodejs (master)]$ fedpkg -v -d new-sources  node-v8.8.1-stripped.tar.gz 
Creating repo object from /home/sgallagh/workspace/fedora/nodejs
Status: 404 Not Found
Content-type: text/plain

Module "rpms/nodejs" does not exist!
Could not execute new_sources: Error checking for node-v8.8.1-stripped.tar.gz at https://src.fedoraproject.org/repo/pkgs/upload.cgi
Traceback (most recent call last):
  File "/usr/bin/fedpkg", line 11, in <module>
    load_entry_point('fedpkg==1.30', 'console_scripts', 'fedpkg')()
  File "/usr/lib/python2.7/site-packages/fedpkg/__main__.py", line 77, in main
    sys.exit(client.args.command())
  File "/usr/lib/python2.7/site-packages/pyrpkg/cli.py", line 1585, in new_sources
    self.cmd.upload(self.args.files, replace=self.args.replace)
  File "/usr/lib/python2.7/site-packages/pyrpkg/__init__.py", line 2429, in upload
    f, file_hash)
  File "/usr/lib/python2.7/site-packages/pyrpkg/lookaside.py", line 296, in upload
    if self.remote_file_exists(name, filename, hash):
  File "/usr/lib/python2.7/site-packages/pyrpkg/lookaside.py", line 275, in remote_file_exists
    % (filename, self.upload_url))
pyrpkg.errors.UploadError: Error checking for node-v8.8.1-stripped.tar.gz at https://src.fedoraproject.org/repo/pkgs/upload.cgi

cqi edited this update.

New build(s):

  • fedpkg-1.30-2.fc27

Removed build(s):

  • fedpkg-1.30-1.fc27

Karma has been reset.

This update has been submitted for testing by cqi.

This update has been pushed to testing.

@pbrobinson I just tried fedpkg from Fedora 27 updates-testing, I can do an anonymous clone, scratch-build, sources and new-sources. Which version of fedpkg is installed on your Fedora 27 machine? I found the old fedpkg-1.30-1 was available in updates-testing, but the new build fedpkg-1.30-2 is available now. Can you try again? Thank you.

works for me

karma: +1

works for me. build from scm issue resolved with this update.

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by cqi.

I could not build sssd in f25

BuildError: src.fedoraproject.org:/git/rpms/sssd is not in the list of allowed SCMs https://koji.fedoraproject.org/koji/taskinfo?taskID=22848261

karma: +1

puiterwijk edited this update.

New build(s):

  • fedpkg-1.30-3.fc27

Removed build(s):

  • fedpkg-1.30-2.fc27

Karma has been reset.

This update has been submitted for testing by puiterwijk.

@lslebodn Please try again with fedpkg-1.30-3 which was updated after your build.

works for me

karma: +1

This update has been pushed to testing.

Works

karma: +1

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

fedpkg chain-build regressed, doesn't appear to work correctly, one example: https://koji.fedoraproject.org/koji/taskinfo?taskID=22984686

karma: -1

cqi edited this update.

New build(s):

  • rpkg-1.51-2.fc27
  • fedpkg-1.30-4.fc27

Removed build(s):

  • fedpkg-1.30-3.fc27
  • rpkg-1.51-1.fc27

Karma has been reset.

This update has been submitted for testing by cqi.

cqi edited this update.

@rdieter Hi, please have a try with these new builds.

This update has been pushed to testing.

This update has been submitted for batched by cqi.

Bodhi is unable to request this update for stabilization: This update has not yet met the minimum testing requirements defined in the Package Update Acceptance Criteria

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Content Type: RPM
Status: stable
Test Gating:
Submitted by:
Update Type: security
Update Severity: unspecified
Karma: +1 (stable threshold: 3, unstable threshold: -3)
Autopush (karma): Enabled
Autopush (time): Disabled
Dates: submitted 2 years ago, in testing 2 years ago, in stable 2 years ago, modified 2 years ago

Related Bugs 2

00 #1188634 fedpkg clone -a should use https:// transport
00 #1509322 fedpkg >= 1.30-1 depends on bash-completion

Test Cases

0+1 Test Case build from distgit with mock
0+1 Test Case clone distgit repository
0+1 Test Case download upstream sources
0+1 Test Case scratch build from distgit