globus-ftp-client

  • Adapt to Perl 5.26 - POSIX::tmpnam() no longer available
  • Remove some redundant tests to reduce test time

globus-ftp-control

  • Fix hang/failure when using udt driver with local client transfer

globus-gass-cache-program

  • GT6 update

globus-gass-copy

  • Don't attempt sshftp data protection without creds (9.24)
  • Checksum verification based on contribution from IBM (9.24)
  • Fix uninitialized field related crash (9.25)
  • Remove checksum data from public handle (9.26)
  • Prevent some race conditions (9.27)

globus-gram-client

  • GT6 update

globus-gram-job-manager

  • Default to running personal gatekeeper on an ephemeral port

globus-gram-job-manager-condor

  • Make noarch build arch independent

globus-gridftp-server

  • New error message format (12.0)
  • Configuration database (12.0)
  • Better delay for end of session ref check (12.1)
  • Fix tests when getgroups() does not return effective gid (12.2)

globus-gridftp-server-control

  • Fix mem error on empty mlsc responses

globus-gssapi-gsi

  • Don't unlock unlocked mutex (12.14)
  • Remove legacy SSLv3 support (12.15)
  • Test fixes (12.16/12.17)
  • Put back use of SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for compatibility with Bestman (12.17-3)
  • Drop patch globus-gssapi-gsi-mutex-unlock.patch (fixed upstream 12.14)

globus-io

  • Remove legacy SSLv3 support

globus-net-manager

  • Fix .pc typo
  • Drop patch globus-net-manager-pkgconfig.patch (fixed upstream)

globus-xio

  • Don't rely on globus_error_put(NULL) to be GLOBUS_SUCCESS (5.15)
  • Fix crash in error handling in http driver (5.16)

globus-xio-gsi-driver

  • Fix crash when checking for anonymous GSS name when name comparison fails

globus-xio-pipe-driver

  • Fix .pc typo

globus-xio-udt-driver

  • Don't force --static flag to pkg-config
  • Drop some BuildRequires no longer needed with above change
  • Fix undefined symbols during linking

myproxy

  • Fix error check (6.1.26)
  • Remove legacy SSLv3 support (6.1.27)
This update has been submitted for testing by ellert. 2 years ago
This update has been pushed to testing. 2 years ago

What's the security implcations of this update? Is one of the crashes triggerable? Cheers

ellert edited this update. New build(s): - globus-gssapi-gsi-12.17-1.el6 - globus-gram-client-13.18-1.el6 - globus-xio-udt-driver-1.28-1.el6 - globus-ftp-client-8.36-1.el6 Removed build(s): - globus-ftp-client-8.35-2.el6 - globus-gssapi-gsi-12.16-1.el6 - globus-xio-udt-driver-1.27-1.el6 Karma has been reset. 2 years ago
This update has been submitted for testing by ellert. 2 years ago
This update has been pushed to testing. 2 years ago
ellert edited this update. New build(s): - globus-gram-job-manager-condor-2.6-5.el6 Karma has been reset. 2 years ago
This update has been submitted for testing by ellert. 2 years ago
This update has been pushed to testing. 2 years ago

Hi Mattias,

Please, hold this update on testing. For some reason is causing issues with gfal2 and srm. https://its.cern.ch/jira/browse/DMC-974

I am trying to find out what broke what.

User Icon aalvarez commented & provided feedback 2 years ago
karma

Hello again,

Sorry I need to downvote this update, but it looks like the commit 34813cc29eaa519482626a3c3576f5f7708653a6 introduced a change that breaks the interaction with Bestman endpoints.

Specifically these lines https://github.com/globus/globus-toolkit/commit/34813cc29eaa519482626a3c3576f5f7708653a6#diff-3a9f71c771ae39d522a3ef8e9dbe4162L519

They removed SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS, and Bestman doesn't seem to like empty fragments. It ends with a "0" prepended to the actual payload, which results on things like

HTTP/1.1 501 Method 0POST is not defined in RFC 2068 and is not supported by the Servlet API

Granted, this is an issue with Bestman, no the package itself, but if this goes into production, then all transfers to/from Bestman endpoints are going to break.

Also, Bestman is on it's EOL, so it is unlikely this will get patched. Do you think this could be re-enabled for the moment being?

Regards.

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe. 2 years ago
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes 2 years ago
ellert edited this update. New build(s): - globus-gridftp-server-control-5.1-1.el6 - globus-gram-client-13.19-1.el6 - globus-ftp-control-7.8-1.el6 Removed build(s): - globus-gram-client-13.18-1.el6 Karma has been reset. 2 years ago
This update has been submitted for testing by ellert. 2 years ago

Hi Alejandro.

Thank you for your feedback and for investigating the issue and suggesting a solution. I have made a scratch build that implements your fix. Could you confirm that it restores functionality for you.

EPEL6: https://koji.fedoraproject.org/koji/taskinfo?taskID=20921582

ellert edited this update. New build(s): - globus-gssapi-gsi-12.17-3.el6 Removed build(s): - globus-gssapi-gsi-12.17-1.el6 Karma has been reset. 2 years ago
This update has been pushed to testing. 2 years ago
User Icon matyas commented & provided feedback 2 years ago
karma

Ran the Open Science Grid test suite on it and nothing broke for us.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes 2 years ago
This update has been submitted for stable by ellert. 2 years ago
This update has been pushed to stable. 2 years ago

Please login to add feedback.

Automated Test Results