[#261695] p9 EPERM unzip.git=6.0-alt4

Girar awaiter (sin) girar-builder at altlinux.org
Fri Nov 13 01:17:30 MSK 2020


http://git.altlinux.org/tasks/261695/logs/events.1.1.log

subtask  name   aarch64  armh  i586  ppc64le  x86_64
   #100  unzip       31    44    29       36      28

2020-Nov-12 22:13:47 :: task #261695 for p9 started by sin:
2020-Nov-12 22:13:47 :: message: security_update
#100 build 6.0-alt4 from /people/sin/packages/unzip.git fetched at 2020-Nov-12 22:13:46
2020-Nov-12 22:13:48 :: [x86_64] #100 unzip.git 6.0-alt4: build start
2020-Nov-12 22:13:48 :: [i586] #100 unzip.git 6.0-alt4: build start
2020-Nov-12 22:13:48 :: [ppc64le] #100 unzip.git 6.0-alt4: build start
2020-Nov-12 22:13:48 :: [armh] #100 unzip.git 6.0-alt4: build start
2020-Nov-12 22:13:48 :: [aarch64] #100 unzip.git 6.0-alt4: build start
2020-Nov-12 22:14:16 :: [x86_64] #100 unzip.git 6.0-alt4: build OK
2020-Nov-12 22:14:17 :: [i586] #100 unzip.git 6.0-alt4: build OK
2020-Nov-12 22:14:19 :: [aarch64] #100 unzip.git 6.0-alt4: build OK
2020-Nov-12 22:14:24 :: [ppc64le] #100 unzip.git 6.0-alt4: build OK
2020-Nov-12 22:14:32 :: [armh] #100 unzip.git 6.0-alt4: build OK
2020-Nov-12 22:14:44 :: #100: unzip.git 6.0-alt4: build check OK
2020-Nov-12 22:14:44 :: build check OK
2020-Nov-12 22:14:49 :: noarch check OK
2020-Nov-12 22:14:51 :: plan: src +1 -1 =18119, aarch64 +2 -2 =30083, armh +2 -2 =27755, i586 +2 -2 =32162, ppc64le +2 -2 =30397, x86_64 +2 -2 =32499
#100 unzip 6.0-alt2.qa1 -> 6.0-alt4
 Fri Nov 13 2020 Evgeny Sinelnikov <sin at altlinux> 6.0-alt4
 - Build with bzip2 compression method support
 - Massive apply security patches from Fedora and openSUSE
 - Fixes:
   + CVE-2014-8139 CRC32 verification heap-based buffer overread
   + CVE-2014-8140 out-of-bounds write issue in test_compr_eb()
   + CVE-2014-8141 getZip64Data() out-of-bounds read issues
   + CVE-2014-9913 buffer overflow in zipinfo
   + CVE-2014-9636 out-of-bounds read or write and crash
   + CVE-2015-7696 fix for heap overflow
 [...]
2020-Nov-12 22:14:51 :: unzip: mentions vulnerabilities: CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 CVE-2014-9913 CVE-2014-9636 CVE-2015-7696 CVE-2015-7697 CVE-2016-9844 CVE-2014-9913 CVE-2018-1000035 CVE-2018-18384
2020-Nov-12 22:15:27 :: patched apt indices
2020-Nov-12 22:15:38 :: created next repo
2020-Nov-12 22:15:48 :: duplicate provides check OK
2020-Nov-12 22:16:24 :: dependencies check OK
2020-Nov-12 22:16:46 :: [x86_64 i586 aarch64 ppc64le armh] ELF symbols check OK
2020-Nov-12 22:17:00 :: [i586] #100 unzip: install check OK
2020-Nov-12 22:17:01 :: [x86_64] #100 unzip: install check OK
2020-Nov-12 22:17:05 :: [i586] #100 unzip-debuginfo: install check OK
2020-Nov-12 22:17:06 :: [x86_64] #100 unzip-debuginfo: install check OK
2020-Nov-12 22:17:21 :: [x86_64-i586] generated apt indices
2020-Nov-12 22:17:21 :: [x86_64-i586] created next repo
2020-Nov-12 22:17:28 :: [x86_64-i586] dependencies check OK
2020-Nov-12 22:17:28 :: gears inheritance check OK
2020-Nov-12 22:17:28 :: srpm inheritance check OK
girar-check-perms: access to unzip DENIED for sin: project `unzip' is not listed in acl file for repository `p9'
check-subtask-perms: #100: unzip: needs approvals from members of @maint and @tester groups
2020-Nov-12 22:17:30 :: acl check FAILED
2020-Nov-12 22:17:30 :: task #261695 for p9 EPERM


More information about the Sisyphus-incominger mailing list