|
|
|
|
@ -8,7 +8,7 @@
|
|
|
|
|
|
|
|
|
|
Name: haproxy
|
|
|
|
|
Version: 2.4.17
|
|
|
|
|
Release: 3%{?dist}.2
|
|
|
|
|
Release: 6%{?dist}
|
|
|
|
|
Summary: HAProxy reverse proxy for high availability environments
|
|
|
|
|
|
|
|
|
|
License: GPLv2+
|
|
|
|
|
@ -19,10 +19,11 @@ Source1: %{name}.service
|
|
|
|
|
Source2: %{name}.cfg
|
|
|
|
|
Source3: %{name}.logrotate
|
|
|
|
|
Source4: %{name}.sysconfig
|
|
|
|
|
Source5: halog.1
|
|
|
|
|
Source5: %{name}.sysusers
|
|
|
|
|
Source6: halog.1
|
|
|
|
|
|
|
|
|
|
Patch0: bz2174172-refuse-response-end-stream-flag.patch
|
|
|
|
|
Patch1: bz2174174-reject-empty-http-header-fields.patch
|
|
|
|
|
Patch0: bz2161140-refuse-response-end-stream-flag.patch
|
|
|
|
|
Patch1: bz2169510-reject-empty-http-header-fields.patch
|
|
|
|
|
|
|
|
|
|
BuildRequires: gcc
|
|
|
|
|
BuildRequires: lua-devel
|
|
|
|
|
@ -30,6 +31,7 @@ BuildRequires: pcre2-devel
|
|
|
|
|
BuildRequires: openssl-devel
|
|
|
|
|
BuildRequires: systemd-devel
|
|
|
|
|
BuildRequires: systemd
|
|
|
|
|
BuildRequires: systemd-rpm-macros
|
|
|
|
|
BuildRequires: make
|
|
|
|
|
|
|
|
|
|
Requires(pre): shadow-utils
|
|
|
|
|
@ -76,7 +78,8 @@ popd
|
|
|
|
|
%{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{haproxy_confdir}/%{name}.cfg
|
|
|
|
|
%{__install} -p -D -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
|
|
|
|
|
%{__install} -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/%{name}
|
|
|
|
|
%{__install} -p -D -m 0644 %{SOURCE5} %{buildroot}%{_mandir}/man1/halog.1
|
|
|
|
|
%{__install} -p -D -m 0644 %{SOURCE5} %{buildroot}%{_sysusersdir}/%{name}.conf
|
|
|
|
|
%{__install} -p -D -m 0644 %{SOURCE6} %{buildroot}%{_mandir}/man1/halog.1
|
|
|
|
|
%{__install} -d -m 0755 %{buildroot}%{haproxy_homedir}
|
|
|
|
|
%{__install} -d -m 0755 %{buildroot}%{haproxy_datadir}
|
|
|
|
|
%{__install} -d -m 0755 %{buildroot}%{haproxy_confdir}/conf.d
|
|
|
|
|
@ -102,12 +105,7 @@ do
|
|
|
|
|
done
|
|
|
|
|
|
|
|
|
|
%pre
|
|
|
|
|
getent group %{haproxy_group} >/dev/null || \
|
|
|
|
|
groupadd -r %{haproxy_group}
|
|
|
|
|
getent passwd %{haproxy_user} >/dev/null || \
|
|
|
|
|
useradd -r -g %{haproxy_user} -d %{haproxy_homedir} \
|
|
|
|
|
-s /sbin/nologin -c "haproxy" %{haproxy_user}
|
|
|
|
|
exit 0
|
|
|
|
|
%sysusers_create_compat %{SOURCE5}
|
|
|
|
|
|
|
|
|
|
%post
|
|
|
|
|
%systemd_post %{name}.service
|
|
|
|
|
@ -136,13 +134,17 @@ exit 0
|
|
|
|
|
%{_bindir}/iprange
|
|
|
|
|
%{_bindir}/ip6range
|
|
|
|
|
%{_mandir}/man1/*
|
|
|
|
|
%{_sysusersdir}/%{name}.conf
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
|
* Thu Mar 02 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.17-3.2
|
|
|
|
|
- Reject empty http header field names (CVE-2023-25725, #2174174)
|
|
|
|
|
* Mon Feb 27 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.17-6
|
|
|
|
|
- Reject empty http header field names (CVE-2023-25725, #2169510)
|
|
|
|
|
|
|
|
|
|
* Thu Mar 02 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.17-3.1
|
|
|
|
|
- Refuse interim responses with end-stream flag set (CVE-2023-0056, #2174172)
|
|
|
|
|
* Mon Feb 27 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.17-5
|
|
|
|
|
- Refuse interim responses with end-stream flag set (CVE-2023-0056, #2161140)
|
|
|
|
|
|
|
|
|
|
* Wed Nov 30 2022 Ryan O'Hara <rohara@redhat.com> - 2.4.17-4
|
|
|
|
|
- Use systemd-sysusers for user/group creation (#2095422)
|
|
|
|
|
|
|
|
|
|
* Mon Jul 25 2022 Ryan O'Hara <rohara@redhat.com> - 2.4.17-3
|
|
|
|
|
- Fix changelog and rebuild
|
|
|
|
|
|
CentOS Sources
2 years ago
committed by
MSVSphere Packaging Team