From 8c1778faed31ab3534818e45f9ae320beef3caa6 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Aug 03 2021 08:12:12 +0000 Subject: import rh-varnish6-varnish-6.0.8-2.el7 --- diff --git a/.gitignore b/.gitignore index a94e32c..69df369 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ SOURCES/pkg-varnish-cache-5b97619.tar.gz -SOURCES/varnish-6.0.6.tgz +SOURCES/varnish-6.0.8.tgz diff --git a/.rh-varnish6-varnish.metadata b/.rh-varnish6-varnish.metadata index 0e28b0f..a72fd96 100644 --- a/.rh-varnish6-varnish.metadata +++ b/.rh-varnish6-varnish.metadata @@ -1,2 +1,2 @@ 91352a70dcc046774a2d5cc8c1b778021dd3d58e SOURCES/pkg-varnish-cache-5b97619.tar.gz -c9cdd61f46d70b1bf8cb5eac3510aa3f4cf5c326 SOURCES/varnish-6.0.6.tgz +7c5e50eabcd3c0ddb6c463ba4645678a2f71233a SOURCES/varnish-6.0.8.tgz diff --git a/SOURCES/varnish-6.0.8-use-python2.patch b/SOURCES/varnish-6.0.8-use-python2.patch new file mode 100644 index 0000000..e6e6b98 --- /dev/null +++ b/SOURCES/varnish-6.0.8-use-python2.patch @@ -0,0 +1,148 @@ +diff --git a/configure.ac b/configure.ac +index 55289f6..990115b 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -41,35 +41,33 @@ AC_ARG_WITH([rst2man], + AS_HELP_STRING([--with-rst2man=PATH], [Location of rst2man (auto)]), + [RST2MAN="$withval"], + AC_CHECK_PROGS(RST2MAN, +- [rst2man-3.6 rst2man-3 rst2man rst2man.py], ++ [rst2man rst2man.py rst2man-3.6 rst2man-2.7], + [no])) + if test "x$RST2MAN" = "xno"; then + AC_MSG_ERROR( +- [rst2man is needed to build Varnish, please install python3-docutils.]) ++ [rst2man is needed to build Varnish, please install python-docutils.]) + fi + + AC_ARG_WITH([sphinx-build], + AS_HELP_STRING([--with-sphinx-build=PATH], [Location of sphinx-build (auto)]), + [SPHINX="$withval"], + AC_CHECK_PROGS(SPHINX, +- [sphinx-build-3.6 sphinx-build-3 sphinx-build], ++ [sphinx-build sphinx-build-3.6 sphinx-build-2.7], + [no])) + if test "x$SPHINX" = "xno"; then + AC_MSG_ERROR( +- [sphinx-build is needed to build Varnish, please install python3-sphinx.]) ++ [sphinx-build is needed to build Varnish, please install python-sphinx.]) + fi + + AC_ARG_WITH([rst2html], +- AS_HELP_STRING([--with-rst2html=PATH], [Location of rst2html (auto)]), +- [RST2HTML="$withval"], +- AC_CHECK_PROGS(RST2HTML, +- [rst2html-3.6 rst2html-3 rst2html rst2html.py], +- "no")) ++ AS_HELP_STRING([--with-rst2html=PATH], ++ [Location of rst2html (auto)]), ++ [RST2HTML="$withval"], ++ [AC_CHECK_PROGS(RST2HTML, [rst2html rst2html.py], "no") ++ if test "x$RST2HTML" = "xno"; then ++ AC_MSG_WARN([rst2html not found - not building changelog]) ++ fi]) + AM_CONDITIONAL(HAVE_RST2HTML,[test "x$RST2HTML" != "xno"]) +-if test "x$RST2HTML" = "xno"; then +- AC_MSG_ERROR( +- [rst2html not found - (Weird, we found rst2man?!)]) +-fi + + AC_ARG_WITH([dot], + AS_HELP_STRING([--with-dot=PATH], +diff --git a/doc/sphinx/vtc-syntax.py b/doc/sphinx/vtc-syntax.py +index 8b15ca7..6d4946d 100644 +--- a/doc/sphinx/vtc-syntax.py ++++ b/doc/sphinx/vtc-syntax.py +@@ -29,6 +29,7 @@ + # Process various varnishtest C files and output reStructuredText to be + # included in vtc(7). + ++from __future__ import print_function + import sys + import re + +@@ -38,7 +39,7 @@ def parse_file(fn, cl, tl, sl): + section = "" + resec = re.compile("[ /]\* SECTION: ") + +- f = open(fn, "r", encoding="UTF-8") ++ f = open(fn, "r") + + for l in f: + if "*/" in l: +diff --git a/lib/libvcc/generate.py b/lib/libvcc/generate.py +index be3dd32..0118d79 100755 +--- a/lib/libvcc/generate.py ++++ b/lib/libvcc/generate.py +@@ -30,6 +30,8 @@ + # Generate various .c and .h files for the VCL compiler and the interfaces + # for it. + ++from __future__ import print_function ++ + ####################################################################### + # These are our tokens + +diff --git a/lib/libvcc/vmodtool.py b/lib/libvcc/vmodtool.py +index 35c19e9..14f93b1 100755 +--- a/lib/libvcc/vmodtool.py ++++ b/lib/libvcc/vmodtool.py +@@ -33,6 +33,9 @@ Read the vmod.vcc file (inputvcc) and produce: + vmod_${name}.rst -- Extracted documentation + """ + ++# This script should work with both Python 2 and Python 3. ++from __future__ import print_function ++ + import os + import sys + import re +diff --git a/lib/libvcc/vsctool.py b/lib/libvcc/vsctool.py +index d95b66e..e65b007 100644 +--- a/lib/libvcc/vsctool.py ++++ b/lib/libvcc/vsctool.py +@@ -35,6 +35,8 @@ the same general syntax as a `.rst` file, but for now we process + it with this program to get a *real* `.rst` file. + ''' + ++from __future__ import print_function ++ + import getopt + import json + import sys +diff --git a/varnish-legacy.m4 b/varnish-legacy.m4 +index 9f67359..e5e2821 100644 +--- a/varnish-legacy.m4 ++++ b/varnish-legacy.m4 +@@ -98,10 +98,9 @@ AC_SUBST([VMOD_DIR]) + + AC_DEFUN([VARNISH_VMODTOOL], + [ +-AC_CHECK_PROGS(PYTHON, [python3.9 python3.8 python3.7 python3.6 python3.5 dnl +- python3.4 python3 python, "no"]) ++AC_CHECK_PROGS(PYTHON, [python3 python3.1 python3.2 python2.7 python2.6 python2.5 python2 python], "no") + if test "x$PYTHON" = "xno"; then +- AC_MSG_ERROR([Python >= 3.4 is needed to build, please install python.]) ++ AC_MSG_ERROR([Python is needed to build, please install python.]) + fi + VARNISH_PKG_GET_VAR([VMODTOOL], [vmodtool]) + AC_SUBST([VMODTOOL]) +diff --git a/varnish.m4 b/varnish.m4 +index 392c36c..71df96d 100644 +--- a/varnish.m4 ++++ b/varnish.m4 +@@ -130,10 +130,10 @@ AC_DEFUN([_VARNISH_CHECK_DEVEL], [ + # --------------------- + AC_DEFUN([_VARNISH_CHECK_PYTHON], [ + m4_define_default([_AM_PYTHON_INTERPRETER_LIST], +- [python3.9 python3.8 python3.7 python3.6 python3.5 dnl +- python3.4 python3 python]) +- AM_PATH_PYTHON([3.4], [], [ +- AC_MSG_ERROR([Python >= 3.4 is required.]) ++[python3.9 python3.8 python3.7 python3.6 python3.5 python3.4 python2.7 dnl ++python python2 python3]) ++ AM_PATH_PYTHON([2.7], [], [ ++ AC_MSG_ERROR([Python >= 2.7 is required.]) + ]) + + ]) diff --git a/SPECS/varnish.spec b/SPECS/varnish.spec index 6a88b42..4ed0c70 100644 --- a/SPECS/varnish.spec +++ b/SPECS/varnish.spec @@ -20,8 +20,8 @@ Summary: High-performance HTTP accelerator Name: %{?scl:%scl_prefix}varnish -Version: 6.0.6 -Release: 1%{?dist} +Version: 6.0.8 +Release: 2%{?dist} License: BSD Group: System Environment/Daemons URL: http://www.varnish-cache.org/ @@ -31,6 +31,7 @@ Source2: scl-register-helper.sh Patch0: varnish.scl.patch Patch1: varnish-4.1.0.fix_find-provides.patch Patch2: varnish-6.0.2.fix_ld_library_path_in_doc_build.patch +Patch3: varnish-6.0.8-use-python2.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -47,6 +48,7 @@ BuildRequires: libedit-devel BuildRequires: %{?scl:%scl_prefix}jemalloc-devel BuildRequires: gcc BuildRequires: make +BuildRequires: autoconf, libtool %if 0%{?rhel} == 6 BuildRequires: selinux-policy @@ -144,11 +146,7 @@ ln -s pkg-varnish-cache-%{commit1}/debian debian %patch0 -p1 -b .scl %patch1 -p0 %patch2 -p1 - -for f in configure configure.ac; do - sed -i 's|ljemalloc|l%{scl}jemalloc|g' $f - sed -i '/^VARNISH_STATE_DIR=/s,varnish,%{name},' $f -done +%patch3 -p1 sed -i 's/varnishabi-/%{name}-varnishabi-/g' redhat/find-provides @@ -171,6 +169,14 @@ export LDFLAGS="-L%{_libdir} -Wl,-rpath,%{_libdir} %{__global_ldflags}" export RST2MAN=/bin/true export AM_LT_LDFLAGS="-release %{scl}" + +autoreconf -i + +for f in configure configure.ac; do + sed -i 's|ljemalloc|l%{scl}jemalloc|g' $f + sed -i '/^VARNISH_STATE_DIR=/s,varnish,%{name},' $f +done + %configure --disable-static \ %ifarch aarch64 --with-jemalloc=no \ @@ -486,6 +492,11 @@ fi %endif %changelog +* Thu Jul 22 2021 Luboš Uhliarik - 6.0.8-2 +- new version 6.0.8 +- Resolves: #1982865 - CVE-2021-36740 rh-varnish6: varnish: HTTP/2 request + smuggling attack via a large Content-Length header for a POST request + * Thu Apr 02 2020 Lubos Uhliarik - 6.0.6-1 - update to Varnish 6.0.6 - Resolves: #1819937 - rh-varnish6-varnish: varnish: remote clients may