[check-mk/el6] Merge the changes we want from master
averi
averi at fedoraproject.org
Wed Sep 17 22:57:06 UTC 2014
commit 071b3c57301f639ed91ea611cfc53fa7c4f44afb
Author: Andrea Veri <av at gnome.org>
Date: Thu Sep 18 00:57:01 2014 +0200
Merge the changes we want from master
.gitignore | 1 +
check-mk.spec | 35 +++++++++++++++++++++++++++++------
sources | 2 +-
3 files changed, 31 insertions(+), 7 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 49d8d19..e534987 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@
/check_mk-1.2.4.tar.gz
/check_mk-1.2.4p1.tar.gz
/check_mk-1.2.4p2.tar.gz
+/check_mk-1.2.4p5.tar.gz
diff --git a/check-mk.spec b/check-mk.spec
index 6853849..64ca860 100644
--- a/check-mk.spec
+++ b/check-mk.spec
@@ -1,8 +1,8 @@
%define _requires_exceptions pear(default.php)
Name: check-mk
-Version: 1.2.4p2
-Release: 2%{?dist}
+Version: 1.2.4p5
+Release: 1%{?dist}
Summary: A new general purpose Nagios-plugin for retrieving data
Group: Applications/Internet
License: GPLv2 and GPLv3
@@ -15,6 +15,7 @@ Requires: mod_python
Source1: First-Installation.txt
Source2: defaults
Source3: defaults.py
+Patch0: 01-Set-Legacy-Eval-True.patch
AutoReq: 0
# Do not provide from a documentation
@@ -71,6 +72,9 @@ This package contains the check-mk's web interface aka WATO.
%prep
%setup -q -n check_mk-%{version}
tar xf agents.tar.gz
+tar xf web.tar.gz && rm -f web.tar.gz
+%patch0 -p0
+tar zcf web.tar.gz htdocs plugins
%build
rm -f waitmax
@@ -96,7 +100,8 @@ install -d -m 755 %{buildroot}%{_datadir}/check-mk-agent
install -d -m 755 %{buildroot}%{_datadir}/check-mk-agent/plugins
install -d -m 755 %{buildroot}%{_datadir}/check-mk-agent/local
install -m 644 plugins/mk_logwatch %{buildroot}%{_datadir}/check-mk-agent/plugins
-install -m 644 plugins/j4p_performance %{buildroot}%{_datadir}/check-mk-agent/plugins
+# The j4p_performance plugin has been deprecated.
+#install -m 644 plugins/j4p_performance %{buildroot}%{_datadir}/check-mk-agent/plugins
install -m 644 plugins/mk_oracle %{buildroot}%{_datadir}/check-mk-agent/plugins
install -m 644 plugins/sylo %{buildroot}%{_datadir}/check-mk-agent/plugins
@@ -185,6 +190,9 @@ rm -rf %{buildroot}%{_datadir}/check_mk/agents/solaris/
rm -rf %{buildroot}%{_datadir}/check_mk/agents/hpux/
rm -rf %{buildroot}%{_datadir}/check_mk/agents/sap/
+# Remove deprecated agent plugins.
+rm -rf %{buildroot}%{_datadir}/check_mk/agents/plugins/j4p_performance
+
# Remove Windows files.
rm -rf %{buildroot}%{_docdir}/check_mk/windows/
rm -rf %{buildroot}%{_datadir}/check_mk/agents/windows/
@@ -223,11 +231,10 @@ rmdir %{buildroot}%{_prefix}/lib/check_mk
%{_bindir}/mkp
%{_bindir}/check_mk
%config(noreplace) %{_sysconfdir}/check_mk/main.mk
-%config(noreplace) %{_sysconfdir}/check_mk/main.mk-1.2.4p2
+%config(noreplace) %{_sysconfdir}/check_mk/main.mk-1.2.4p5
%{_sysconfdir}/check_mk/First-Installation.txt
%{_sysconfdir}/check_mk/conf.d
%{_sysconfdir}/nagios/auth.serials
-%{_datadir}/check_mk/agents
%{_datadir}/check_mk/modules
%{_datadir}/check_mk/checks
%{_datadir}/check_mk/pnp-templates
@@ -239,6 +246,7 @@ rmdir %{buildroot}%{_prefix}/lib/check_mk
%doc COPYING ChangeLog AUTHORS
%files agent
+%{_datadir}/check_mk/agents
%{_bindir}/check_mk_agent
%{_bindir}/waitmax
%{_bindir}/mk-job
@@ -254,7 +262,7 @@ rmdir %{buildroot}%{_prefix}/lib/check_mk
%files multisite
%{_datadir}/check_mk/web
%config(noreplace) %{_sysconfdir}/check_mk/multisite.mk
-%config(noreplace) %{_sysconfdir}/check_mk/multisite.mk-1.2.4p2
+%config(noreplace) %{_sysconfdir}/check_mk/multisite.mk-1.2.4p5
%{_sysconfdir}/check_mk/multisite.d
%attr(660, apache, nagios) %{_sysconfdir}/check_mk/conf.d/wato
@@ -263,6 +271,21 @@ rmdir %{buildroot}%{_prefix}/lib/check_mk
%{_libdir}/check_mk
%changelog
+* Wed Sep 17 2014 Andrea Veri <averi at fedoraproject.org> - 1.2.4p5-1
+- New upstream release. Fixes CVEs:
+ - CVE-2014-5338
+ - CVE-2014-5339
+ - CVE-2014-5340 (BZ: #1132337, #1132339, #1132341)
+- Stop shipping the j4p_performance plugin as it's deprecated. (BZ: #1133068)
+- Turn Wato_Legacy_Eval as True as we want to prevent breakages
+ between machines running different Python and/or check-mk releases.
+ This is necessary after the 'ast' move from 'pickle' (that was
+ generating a insecure API call), however the 'ast' module is still
+ not available for RHEL / CentOS 5 machines. The patch is there to
+ avoid miscommunications between different distribution releases. More
+ information is available at:
+ http://mathias-kettner.com/check_mk_werks.php?werk_id=984.
+
* Tue May 27 2014 Andrea Veri <averi at fedoraproject.org> - 1.2.4p2-2
- Install the mk-job binary on /usr/bin.
- Make sure the proper permissions are given to /var/lib/check_mk_agent/job
diff --git a/sources b/sources
index 2153953..6d6a60d 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1162c007d89558bc20c5655e35a0ba94 check_mk-1.2.4p2.tar.gz
+ef3055d191bd38295d1716b3f7824115 check_mk-1.2.4p5.tar.gz
More information about the scm-commits
mailing list