Fix building of etcd


Bump to commit f29b1ada19713544b698dab8c94c97cfa1e83dac


Bump to commit e1ca3b4434945e57e8e3a451cdbde74a903cc8e1 Security fix for CVE-2018-16886 Security fix for CVE-2018-1098 CVE-2018-1099

This update has been submitted for testing by eclipseo.

a year ago

This update has obsoleted etcd-3.3.12-2.20190413gitf29b1ad.fc29, and has inherited its bugs and notes.

a year ago

This update has been pushed to testing.

a year ago
User Icon martinpitt commented & provided feedback a year ago
karma

This still fails, but differently now. On a current and clean F-29, with etcd-3.2.16-6.fc29.x86_64:

# systemctl status -l etcd
● etcd.service - Etcd Server
   Loaded: loaded (/usr/lib/systemd/system/etcd.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2019-04-16 02:18:20 EDT; 35s ago
 Main PID: 7797 (etcd)
    Tasks: 9 (limit: 1147)
   Memory: 35.6M
      CPU: 226ms
   CGroup: /system.slice/etcd.service
           └─7797 /usr/bin/etcd --name=default --data-dir=/var/lib/etcd/default.etcd --listen-client-urls=http://localhost:2379

Apr 16 02:18:20 m1.cockpit.lan etcd[7797]: 8e9e05c52164694d received MsgVoteResp from 8e9e05c52164694d at term 2
Apr 16 02:18:20 m1.cockpit.lan etcd[7797]: 8e9e05c52164694d became leader at term 2
Apr 16 02:18:20 m1.cockpit.lan etcd[7797]: raft.node: 8e9e05c52164694d elected leader 8e9e05c52164694d at term 2
Apr 16 02:18:20 m1.cockpit.lan etcd[7797]: setting up the initial cluster version to 3.2
Apr 16 02:18:20 m1.cockpit.lan etcd[7797]: published {Name:default ClientURLs:[http://localhost:2379]} to cluster cdf818194e3a8c32
Apr 16 02:18:20 m1.cockpit.lan systemd[1]: Started Etcd Server.
Apr 16 02:18:20 m1.cockpit.lan etcd[7797]: ready to serve client requests
Apr 16 02:18:20 m1.cockpit.lan etcd[7797]: serving insecure client requests on 127.0.0.1:2379, this is strongly discouraged!
Apr 16 02:18:20 m1.cockpit.lan etcd[7797]: set the initial cluster version to 3.2
Apr 16 02:18:20 m1.cockpit.lan etcd[7797]: enabled capabilities for version 3.2

Somehow dnf upgrade --enablerepo=updates-testing etcd and dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2019-049b108f40 say "nothing to do", so it seems this isn't yet published. However, I downloaded the build manually with koji download-build, and it fails again:

# systemctl status -l etcd
● etcd.service - Etcd Server
   Loaded: loaded (/usr/lib/systemd/system/etcd.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Tue 2019-04-16 02:25:42 EDT; 2min 33s ago
  Process: 23291 ExecStart=/bin/bash -c GOMAXPROCS=$(nproc) /usr/bin/etcd --name="${ETCD_NAME}" --data-dir="${ETCD_DATA_DIR}" --listen-client-urls="${ETCD_LISTEN_>
 Main PID: 23291 (code=exited, status=1/FAILURE)
      CPU: 16ms

Apr 16 02:25:42 m1.cockpit.lan systemd[1]: Starting Etcd Server...
Apr 16 02:25:42 m1.cockpit.lan etcd[23291]: recognized and used environment variable ETCD_ADVERTISE_CLIENT_URLS=http://localhost:2379
Apr 16 02:25:42 m1.cockpit.lan etcd[23291]: conflicting environment variable "ETCD_LISTEN_CLIENT_URLS" is shadowed by corresponding command-line flag (either unset environment variable or disable flag)
Apr 16 02:25:42 m1.cockpit.lan systemd[1]: etcd.service: Main process exited, code=exited, status=1/FAILURE
Apr 16 02:25:42 m1.cockpit.lan systemd[1]: etcd.service: Failed with result 'exit-code'.
Apr 16 02:25:42 m1.cockpit.lan systemd[1]: Failed to start Etcd Server.

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

a year ago
User Icon eclipseo commented & provided feedback a year ago

Caused by https://github.com/etcd-io/etcd/pull/9382 Will fix our service file accordingly.

This update has been obsoleted by etcd-3.3.12-4.20190413gitf29b1ad.fc29.

a year ago

Please login to add feedback.

Metadata
Type
security
Karma
-1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Dates
submitted
a year ago
in testing
a year ago
BZ#1514762 etcd-3.3.12 is available
0
0
BZ#1552714 CVE-2018-1098 etcd: Cross-site request forgery via crafted local POST forms
0
0
BZ#1552717 CVE-2018-1099 etcd: DNS rebinding vulnerability in etcd server
0
0
BZ#1552720 CVE-2018-1098 CVE-2018-1099 etcd: various flaws [fedora-all]
0
0
BZ#1607180 during build, vendor'ed files are used
0
0
BZ#1651034 CVE-2018-16886 etcd: Improper Authentication in auth/store.go:AuthInfoFromTLS() via gRPC-gateway
0
0
BZ#1665782 CVE-2018-16886 etcd: Improper Authentication in auth/store.go:AuthInfoFromTLS() via gRPC-gateway [fedora-all]
0
0

Automated Test Results