[#309479] p10 EPERM glpi.git=9.5.10-alt1
Girar awaiter (zidex)
girar-builder at altlinux.org
Fri Nov 4 02:44:26 MSK 2022
https://git.altlinux.org/tasks/309479/logs/events.1.1.log
subtask name aarch64 armh i586 ppc64le x86_64
#100 glpi 1:27 2:09 59 1:39 54
2022-Nov-03 23:37:50 :: task #309479 for p10 started by zidex:
2022-Nov-03 23:37:50 :: message: security_fix
#100 build 9.5.10-alt1 from /people/zidex/packages/glpi.git fetched at 2022-Nov-03 21:40:57
2022-Nov-03 23:37:52 :: [aarch64] #100 glpi.git 9.5.10-alt1: build start
2022-Nov-03 23:37:53 :: [x86_64] #100 glpi.git 9.5.10-alt1: build start
2022-Nov-03 23:37:53 :: [i586] #100 glpi.git 9.5.10-alt1: build start
2022-Nov-03 23:37:53 :: [ppc64le] #100 glpi.git 9.5.10-alt1: build start
2022-Nov-03 23:37:53 :: [armh] #100 glpi.git 9.5.10-alt1: build start
2022-Nov-03 23:38:47 :: [x86_64] #100 glpi.git 9.5.10-alt1: build OK
2022-Nov-03 23:38:52 :: [i586] #100 glpi.git 9.5.10-alt1: build OK
2022-Nov-03 23:39:19 :: [aarch64] #100 glpi.git 9.5.10-alt1: build OK
2022-Nov-03 23:39:32 :: [ppc64le] #100 glpi.git 9.5.10-alt1: build OK
2022-Nov-03 23:40:02 :: [armh] #100 glpi.git 9.5.10-alt1: build OK
2022-Nov-03 23:40:24 :: #100: glpi.git 9.5.10-alt1: build check OK
2022-Nov-03 23:40:27 :: build check OK
2022-Nov-03 23:40:51 :: noarch check OK
2022-Nov-03 23:40:53 :: plan: src +1 -1 =17901, noarch +3 -3 =16503
#100 glpi 9.5.9-alt1 -> 9.5.10-alt1
Fri Nov 04 2022 Pavel Zilke <zidex at altlinux> 9.5.10-alt1
- New version 9.5.10
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
+ CVE-2022-39276 : Blind SSRF in RSS feeds and planning
+ CVE-2022-39372 : Stored XSS in user information
+ CVE-2022-39376 : Improper input validation on emails links
+ CVE-2022-39370 : Improper access to debug panel
+ CVE-2022-39234 : User's session persist after permanently deleting his account
+ CVE-2022-39262 : Stored XSS on login page
[...]
2022-Nov-03 23:40:53 :: glpi: mentions vulnerabilities: CVE-2022-39276 CVE-2022-39372 CVE-2022-39376 CVE-2022-39370 CVE-2022-39234 CVE-2022-39262 CVE-2022-39277 CVE-2022-39375 CVE-2022-39323
2022-Nov-03 23:41:23 :: patched apt indices
2022-Nov-03 23:41:39 :: created next repo
2022-Nov-03 23:41:48 :: duplicate provides check OK
2022-Nov-03 23:42:36 :: dependencies check OK
2022-Nov-03 23:42:49 :: [x86_64] #100 glpi: install check OK
2022-Nov-03 23:42:49 :: [i586] #100 glpi: install check OK
2022-Nov-03 23:42:55 :: [x86_64] #100 glpi-apache2: install check OK
2022-Nov-03 23:42:57 :: [i586] #100 glpi-apache2: install check OK
2022-Nov-03 23:42:59 :: [aarch64] #100 glpi: install check OK
2022-Nov-03 23:43:02 :: [x86_64] #100 glpi-php7: install check OK
2022-Nov-03 23:43:03 :: [ppc64le] #100 glpi: install check OK
2022-Nov-03 23:43:04 :: [i586] #100 glpi-php7: install check OK
2022-Nov-03 23:43:11 :: [armh] #100 glpi: install check OK
2022-Nov-03 23:43:11 :: [aarch64] #100 glpi-apache2: install check OK
2022-Nov-03 23:43:17 :: [ppc64le] #100 glpi-apache2: install check OK
2022-Nov-03 23:43:23 :: [aarch64] #100 glpi-php7: install check OK
2022-Nov-03 23:43:29 :: [armh] #100 glpi-apache2: install check OK
2022-Nov-03 23:43:31 :: [ppc64le] #100 glpi-php7: install check OK
2022-Nov-03 23:43:47 :: [armh] #100 glpi-php7: install check OK
2022-Nov-03 23:43:48 :: gears inheritance check OK
2022-Nov-03 23:43:49 :: srpm inheritance check OK
girar-check-perms: access to glpi DENIED for zidex: project `glpi' is not listed in the acl file for repository `p10', and the policy for such projects in `p10' is to deny
check-subtask-perms: #100: glpi: needs approvals from members of @maint and @tester groups
2022-Nov-03 23:43:51 :: acl check FAILED
2022-Nov-03 23:44:12 :: created contents_index files
2022-Nov-03 23:44:22 :: created hash files: noarch src
2022-Nov-03 23:44:25 :: task #309479 for p10 EPERM
More information about the Sisyphus-incominger
mailing list