[check-mk/el6] Merge the changes we want from master

averi averi at fedoraproject.org
Wed Sep 17 22:57:06 UTC 2014 

commit 071b3c57301f639ed91ea611cfc53fa7c4f44afb
Author: Andrea Veri <av at gnome.org>
Date:   Thu Sep 18 00:57:01 2014 +0200

    Merge the changes we want from master

 .gitignore    |    1 +
 check-mk.spec |   35 +++++++++++++++++++++++++++++------
 sources       |    2 +-
 3 files changed, 31 insertions(+), 7 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 49d8d19..e534987 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@
 /check_mk-1.2.4.tar.gz
 /check_mk-1.2.4p1.tar.gz
 /check_mk-1.2.4p2.tar.gz
+/check_mk-1.2.4p5.tar.gz
diff --git a/check-mk.spec b/check-mk.spec
index 6853849..64ca860 100644
--- a/check-mk.spec
+++ b/check-mk.spec
@@ -1,8 +1,8 @@
 %define _requires_exceptions pear(default.php)
 
 Name:		check-mk
-Version:	1.2.4p2
-Release:	2%{?dist}
+Version:	1.2.4p5
+Release:	1%{?dist}
 Summary:	A new general purpose Nagios-plugin for retrieving data
 Group:		Applications/Internet
 License:	GPLv2 and GPLv3
@@ -15,6 +15,7 @@ Requires:	mod_python
 Source1:	First-Installation.txt
 Source2:	defaults
 Source3:	defaults.py
+Patch0:		01-Set-Legacy-Eval-True.patch
 AutoReq:	0
 
 # Do not provide from a documentation
@@ -71,6 +72,9 @@ This package contains the check-mk's web interface aka WATO.
 %prep
 %setup -q -n check_mk-%{version}
 tar xf agents.tar.gz
+tar xf web.tar.gz && rm -f web.tar.gz
+%patch0 -p0
+tar zcf web.tar.gz htdocs plugins
 
 %build
 rm -f waitmax
@@ -96,7 +100,8 @@ install -d -m 755 %{buildroot}%{_datadir}/check-mk-agent
 install -d -m 755 %{buildroot}%{_datadir}/check-mk-agent/plugins
 install -d -m 755 %{buildroot}%{_datadir}/check-mk-agent/local
 install -m 644 plugins/mk_logwatch %{buildroot}%{_datadir}/check-mk-agent/plugins
-install -m 644 plugins/j4p_performance %{buildroot}%{_datadir}/check-mk-agent/plugins
+# The j4p_performance plugin has been deprecated.
+#install -m 644 plugins/j4p_performance %{buildroot}%{_datadir}/check-mk-agent/plugins
 install -m 644 plugins/mk_oracle %{buildroot}%{_datadir}/check-mk-agent/plugins
 install -m 644 plugins/sylo %{buildroot}%{_datadir}/check-mk-agent/plugins
 
@@ -185,6 +190,9 @@ rm -rf %{buildroot}%{_datadir}/check_mk/agents/solaris/
 rm -rf %{buildroot}%{_datadir}/check_mk/agents/hpux/
 rm -rf %{buildroot}%{_datadir}/check_mk/agents/sap/
 
+# Remove deprecated agent plugins.
+rm -rf %{buildroot}%{_datadir}/check_mk/agents/plugins/j4p_performance
+
 # Remove Windows files.
 rm -rf %{buildroot}%{_docdir}/check_mk/windows/
 rm -rf %{buildroot}%{_datadir}/check_mk/agents/windows/
@@ -223,11 +231,10 @@ rmdir %{buildroot}%{_prefix}/lib/check_mk
 %{_bindir}/mkp
 %{_bindir}/check_mk
 %config(noreplace) %{_sysconfdir}/check_mk/main.mk
-%config(noreplace) %{_sysconfdir}/check_mk/main.mk-1.2.4p2
+%config(noreplace) %{_sysconfdir}/check_mk/main.mk-1.2.4p5
 %{_sysconfdir}/check_mk/First-Installation.txt
 %{_sysconfdir}/check_mk/conf.d
 %{_sysconfdir}/nagios/auth.serials
-%{_datadir}/check_mk/agents
 %{_datadir}/check_mk/modules
 %{_datadir}/check_mk/checks
 %{_datadir}/check_mk/pnp-templates
@@ -239,6 +246,7 @@ rmdir %{buildroot}%{_prefix}/lib/check_mk
 %doc COPYING ChangeLog AUTHORS
 
 %files agent
+%{_datadir}/check_mk/agents
 %{_bindir}/check_mk_agent
 %{_bindir}/waitmax
 %{_bindir}/mk-job
@@ -254,7 +262,7 @@ rmdir %{buildroot}%{_prefix}/lib/check_mk
 %files multisite
 %{_datadir}/check_mk/web
 %config(noreplace) %{_sysconfdir}/check_mk/multisite.mk
-%config(noreplace) %{_sysconfdir}/check_mk/multisite.mk-1.2.4p2
+%config(noreplace) %{_sysconfdir}/check_mk/multisite.mk-1.2.4p5
 %{_sysconfdir}/check_mk/multisite.d
 %attr(660, apache, nagios) %{_sysconfdir}/check_mk/conf.d/wato
 
@@ -263,6 +271,21 @@ rmdir %{buildroot}%{_prefix}/lib/check_mk
 %{_libdir}/check_mk
 
 %changelog
+* Wed Sep 17 2014 Andrea Veri <averi at fedoraproject.org> - 1.2.4p5-1
+- New upstream release. Fixes CVEs:
+  - CVE-2014-5338 
+  - CVE-2014-5339
+  - CVE-2014-5340 (BZ: #1132337, #1132339, #1132341)
+- Stop shipping the j4p_performance plugin as it's deprecated. (BZ: #1133068)
+- Turn Wato_Legacy_Eval as True as we want to prevent breakages
+  between machines running different Python and/or check-mk releases.
+  This is necessary after the 'ast' move from 'pickle' (that was
+  generating a insecure API call), however the 'ast' module is still
+  not available for RHEL / CentOS 5 machines. The patch is there to 
+  avoid miscommunications between different distribution releases. More
+  information is available at:
+  http://mathias-kettner.com/check_mk_werks.php?werk_id=984.
+
 * Tue May 27 2014 Andrea Veri <averi at fedoraproject.org> - 1.2.4p2-2
 - Install the mk-job binary on /usr/bin.
 - Make sure the proper permissions are given to /var/lib/check_mk_agent/job
diff --git a/sources b/sources
index 2153953..6d6a60d 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1162c007d89558bc20c5655e35a0ba94  check_mk-1.2.4p2.tar.gz
+ef3055d191bd38295d1716b3f7824115  check_mk-1.2.4p5.tar.gz

More information about the scm-commits mailing list