From 8f0fb1134fe133f9b7909824908de60b61fa7d00 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Mon, 11 Dec 2023 16:49:41 +0300 Subject: [PATCH] import openwsman-2.6.5-10.el8 --- .../openwsman-2.6.5-update-ssleay-conf.patch | 15 +++++++++++++++ SPECS/openwsman.spec | 17 ++++++++++++----- 2 files changed, 27 insertions(+), 5 deletions(-) create mode 100644 SOURCES/openwsman-2.6.5-update-ssleay-conf.patch diff --git a/SOURCES/openwsman-2.6.5-update-ssleay-conf.patch b/SOURCES/openwsman-2.6.5-update-ssleay-conf.patch new file mode 100644 index 0000000..a8b7820 --- /dev/null +++ b/SOURCES/openwsman-2.6.5-update-ssleay-conf.patch @@ -0,0 +1,15 @@ +diff -up openwsman-2.6.5/etc/ssleay.cnf.orig openwsman-2.6.5/etc/ssleay.cnf +--- openwsman-2.6.5/etc/ssleay.cnf.orig 2017-11-28 09:32:15.000000000 +0100 ++++ openwsman-2.6.5/etc/ssleay.cnf 2023-07-10 10:00:44.713426317 +0200 +@@ -2,10 +2,8 @@ + # SSLeay example configuration file. + # + +-RANDFILE = /dev/random +- + [ req ] +-default_bits = 1024 ++default_bits = 2048 + default_keyfile = privkey.pem + distinguished_name = req_distinguished_name + diff --git a/SPECS/openwsman.spec b/SPECS/openwsman.spec index e02bbcc..077401a 100644 --- a/SPECS/openwsman.spec +++ b/SPECS/openwsman.spec @@ -3,7 +3,7 @@ Name: openwsman Version: 2.6.5 -Release: 9%{?dist} +Release: 10%{?dist} Summary: Open source Implementation of WS-Management License: BSD @@ -24,6 +24,8 @@ Patch6: openwsman-2.6.5-CVE-2019-3816.patch # Patch7: fixes CVE-2019-3833, rhbz#1687865 Patch7: openwsman-2.6.5-CVE-2019-3833.patch Patch8: openwsman-2.6.5-http-unauthorized-improve.patch +# Patch9: fixes cert issue, rhbz#2220821 +Patch9: openwsman-2.6.5-update-ssleay-conf.patch BuildRequires: swig BuildRequires: libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel BuildRequires: python3 python3-devel ruby ruby-devel rubygems-devel perl-interpreter @@ -133,6 +135,7 @@ You can use it to send shell commands to a remote Windows hosts. %patch6 -p1 -b .CVE-2019-3816 %patch7 -p1 -b .CVE-2019-3833 %patch8 -p1 -b .http-unauthorized-improve +%patch9 -p1 -b .update-ssleay-conf %build # Removing executable permissions on .c and .h files to fix rpmlint warnings. @@ -289,16 +292,20 @@ rm -f /var/log/wsmand.log %{_bindir}/winrs %changelog +* Thu Jul 27 2023 Vitezslav Crhonek - 2.6.5-10 +- Remove RANDFILE and increase default bits in ssleay.conf + Resolves: #2220821 + * Wed Jul 26 2023 MSVSphere Packaging Team - 2.6.5-9 - Rebuilt for MSVSphere 8.8 -* Tue Sep 20 2022 Vitezslav Crhonek - 2.6.5-9 -- Rebuild - Related: #2124894 +* Tue Feb 14 2023 Vitezslav Crhonek - 2.6.5-9 +- Add rpminspect.yaml + Related: #2105315 * Thu Sep 08 2022 Vitezslav Crhonek - 2.6.5-8 - Improve handling of HTTP 401 Unauthorized - Resolves: #2124894 + Resolves: #2105315 * Mon May 11 2020 Vitezslav Crhonek - 2.6.5-7 - Fix CVE-2019-3833