diff --git a/.gitignore b/.gitignore index 5991ecf..6bb2893 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/mstflint-4.13.3-2.tar.gz +SOURCES/mstflint-4.14.0-1.tar.gz diff --git a/.mstflint.metadata b/.mstflint.metadata index 7236b73..7a04323 100644 --- a/.mstflint.metadata +++ b/.mstflint.metadata @@ -1 +1 @@ -d77fe8bf03a63ef51ff362c9f6367c2657e0b2c9 SOURCES/mstflint-4.13.3-2.tar.gz +a40914d0212dba225576b83172ef9fec50db1150 SOURCES/mstflint-4.14.0-1.tar.gz diff --git a/SOURCES/0001-Fix-a-format-security-compilation-defect.patch b/SOURCES/0001-Fix-a-format-security-compilation-defect.patch new file mode 100644 index 0000000..2612b3c --- /dev/null +++ b/SOURCES/0001-Fix-a-format-security-compilation-defect.patch @@ -0,0 +1,45 @@ +From 28dfbf252a31b4e8c1d0f5e038f6889b7eadfc16 Mon Sep 17 00:00:00 2001 +From: Honggang Li +Date: Wed, 1 Apr 2020 10:52:12 +0800 +Subject: [PATCH] Fix a format security compilation defect + +subcommands.cpp:1852:42: error: format not a string literal and no format arguments [-Werror=format-security] +1852 | false, "N/A").c_str()); + +Signed-off-by: Honggang Li +--- + flint/subcommands.cpp | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/flint/subcommands.cpp b/flint/subcommands.cpp +index 7230f9a59f94..0f6440be7b28 100755 +--- a/flint/subcommands.cpp ++++ b/flint/subcommands.cpp +@@ -1847,7 +1847,7 @@ bool BurnSubCommand::checkFwVersion(bool CreateFromImgInfo, u_int16_t fw_ver0, u + char curr_ver[124], new_ver[124]; + printf("\n"); + printf(" Current FW version on flash: "); +- snprintf(curr_ver, 124, ++ snprintf(curr_ver, 124, "%s", + current.get_fw_version(VERSION_FORMAT(_devInfo.fw_info.fw_ver[1]), + false, "N/A").c_str()); + +@@ -1856,13 +1856,13 @@ bool BurnSubCommand::checkFwVersion(bool CreateFromImgInfo, u_int16_t fw_ver0, u + + printf(" New FW version: "); + if (CreateFromImgInfo) { +- snprintf(new_ver, 124, ++ snprintf(new_ver, 124, "%s", + new_version.get_fw_version( + VERSION_FORMAT(_imgInfo.fw_info.fw_ver[1]), false, + "N/A").c_str()); + } + else { +- snprintf(new_ver, 124, ++ snprintf(new_ver, 124, "%s", + new_version.get_fw_version(VERSION_FORMAT(fw_ver1), false, + "N/A").c_str()); + } +-- +2.25.1 + diff --git a/SPECS/mstflint.spec b/SPECS/mstflint.spec index d4d171f..cbc0de7 100644 --- a/SPECS/mstflint.spec +++ b/SPECS/mstflint.spec @@ -2,15 +2,16 @@ Name: mstflint Summary: Mellanox firmware burning tool -Version: 4.13.3 -Release: 2%{?dist} +Version: 4.14.0 +Release: 1%{?dist} License: GPLv2+ or BSD Group: Applications/System -Source: https://github.com/Mellanox/mstflint/releases/download/v4.13.3-2/mstflint-4.13.3-2.tar.gz +Source: https://github.com/Mellanox/mstflint/releases/download/v4.14.0-1/mstflint-4.14.0-1.tar.gz Patch2: 0001-Fix-shebang-for-python-scripts.patch Patch3: extend-buffer.patch Patch4: add-default-link-flags-for-shared-libraries.patch Patch6: replace-mlxfwreset-with-mstfwreset-in-mstflint-message.patch +Patch7: 0001-Fix-a-format-security-compilation-defect.patch Url: https://github.com/Mellanox/mstflint BuildRequires: libstdc++-devel, zlib-devel, libibmad-devel, gcc-c++, gcc BuildRequires: libcurl-devel, boost-devel, libxml2-devel, openssl-devel @@ -31,6 +32,7 @@ for network adapters based on Mellanox Technologies chips. %patch3 -p1 %patch4 -p1 %patch6 -p1 +%patch7 -p1 find . -type f -iname '*.[ch]' -exec chmod a-x '{}' ';' find . -type f -iname '*.cpp' -exec chmod a-x '{}' ';' @@ -58,6 +60,10 @@ find %{buildroot} -type f -name '*.a' -delete %{_mandir}/man1/* %changelog +* Thu Apr 16 2020 Honggang Li - 4.14.0-1 +- Rebase to latest upstream release v4.14.0-1 +- Resolves: bz1789386 + * Thu Jan 16 2020 Honggang Li - 4.13.3-2 - Rebase to latest upstream release v4.13.3-2 - Resolves: bz1788927