commit golang-github-lusitaniae-apache_exporter for openSUSE:Factory

Source-Sync Tue, 08 Aug 2023 06:54:48 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package 
golang-github-lusitaniae-apache_exporter for openSUSE:Factory checked in at 
2023-08-08 15:54:28
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/golang-github-lusitaniae-apache_exporter 
(Old)
 and      
/work/SRC/openSUSE:Factory/.golang-github-lusitaniae-apache_exporter.new.22712 
(New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "golang-github-lusitaniae-apache_exporter"

Tue Aug  8 15:54:28 2023 rev:10 rq:1102877 version:1.0.0

Changes:
--------
--- 
/work/SRC/openSUSE:Factory/golang-github-lusitaniae-apache_exporter/golang-github-lusitaniae-apache_exporter.changes
        2022-10-01 17:44:27.213811663 +0200
+++ 
/work/SRC/openSUSE:Factory/.golang-github-lusitaniae-apache_exporter.new.22712/golang-github-lusitaniae-apache_exporter.changes
     2023-08-08 15:54:35.168862524 +0200
@@ -1,0 +2,26 @@
+Tue Jul 11 11:18:57 UTC 2023 - Witek Bedyk <[email protected]>
+
+- Upgrade to version 1.0.0 (jsc#PED-5405)
+  * Improved flag parsing
+  * Added support for custom headers
+- Build with Go 1.19
+- Build using promu
+- Add _service file
+- Fix sandboxing options
+
+- Upgrade to version 0.13.4
+  * Fix denial of service vulnerability
+    (CVE-2022-32149, bsc#1204501)
+
+- Upgrade to version 0.13.3
+  * Fix uncontrolled resource consumption
+    (CVE-2022-41723, bsc#1208270)
+
+- Upgrade to version 0.13.1
+  * Fix panic caused by missing flagConfig options
+  
+- Upgrade to version 0.13.0
+  * Fix authentication bypass vulnarability
+    (CVE-2022-46146, bsc#1208046)
+
+-------------------------------------------------------------------

Old:
----
  apache_exporter-0.11.0.tar.gz

New:
----
  _service
  apache_exporter-1.0.0.obscpio
  apache_exporter.obsinfo

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ golang-github-lusitaniae-apache_exporter.spec ++++++
--- /var/tmp/diff_new_pack.sIxyxv/_old  2023-08-08 15:54:35.836866704 +0200
+++ /var/tmp/diff_new_pack.sIxyxv/_new  2023-08-08 15:54:35.844866754 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package golang-github-lusitaniae-apache_exporter
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 # Copyright (c) 2019 JoÃ£o Cavalheiro <[email protected]>
 #
 # All modifications and additions to the file contributed by third parties
@@ -18,7 +18,9 @@
 
 
 %if 0%{?rhel}
+%if 0%{?rhel} == 8
 %global debug_package %{nil}
+%endif
 # Fix ERROR: No build ID note found in
 %undefine _missing_build_ids_terminate_build
 %endif
@@ -32,7 +34,7 @@
 %define        serviceuser   prometheus
 
 Name:           golang-github-lusitaniae-apache_exporter
-Version:        0.11.0
+Version:        1.0.0
 Release:        0
 Summary:        Apache Exporter for Prometheus
 License:        MIT
@@ -41,25 +43,26 @@
 Source:         %{upstreamname}-%{version}.tar.gz
 Source1:        vendor.tar.gz
 Source2:        %{targetname}.service
+%if 0%{?suse_version} && %{with apparmor}
 Source3:        apparmor-usr.bin.%{targetname}
+%endif
 BuildRequires:  fdupes
+BuildRequires:  golang-github-prometheus-promu
 BuildRequires:  golang-packaging
-BuildRequires:  xz
 %if 0%{?rhel}
-BuildRequires:  golang >= 1.15
+BuildRequires:  golang >= 1.18
 Requires(pre):  shadow-utils
 %else
-BuildRequires:  golang(API) = 1.15
+BuildRequires:  golang(API) >= 1.19
 Requires(pre):  shadow
-%endif
 %if %{with apparmor}
 BuildRequires:  apparmor-abstractions
 BuildRequires:  apparmor-rpm-macros
 Recommends:     apparmor-abstractions
 %endif
+%endif
 ExcludeArch:    s390
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-%{?systemd_requires}
+%{?systemd_ordering}
 
 %description
 Exports apache mod_status statistics via HTTP for Prometheus consumption.
@@ -69,15 +72,15 @@
 
 %build
 %goprep %{githubrepo}
-%gobuild -mod=vendor "" ...
+GOPATH=%{_builddir}/go promu build
 
 %install
-install -D -m0755 %{_builddir}/go/bin/%{upstreamname} 
%{buildroot}/%{_bindir}/%{targetname}
+install -D -m0755 
%{_builddir}/%{upstreamname}-%{version}/%{upstreamname}-%{version} 
%{buildroot}/%{_bindir}/%{targetname}
 install -d -m 0755 %{buildroot}%{_unitdir}
 install -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}
 install -d -m 0755 %{buildroot}%{_sbindir}
 ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rc%{targetname}
-%if %{with apparmor}
+%if 0%{?suse_version} && %{with apparmor}
 # AppArmor profile
 mkdir -p %{buildroot}%{_sysconfdir}/apparmor.d
 install -m 0644 %{SOURCE3} 
%{buildroot}%{_sysconfdir}/apparmor.d/usr.bin.%{targetname}
@@ -101,10 +104,10 @@
 %systemd_post %{targetname}.service
 %else
 %service_add_post %{targetname}.service
-%endif
 %if %{with apparmor}
 %apparmor_reload %{_sysconfdir}/apparmor.d/usr.bin.%{targetname}
 %endif
+%endif
 
 %preun
 %if 0%{?rhel}
@@ -127,7 +130,7 @@
 %{_bindir}/%{targetname}
 %{_unitdir}/%{targetname}.service
 %{_sbindir}/rc%{targetname}
-%if %{with apparmor}
+%if 0%{?suse_version} && %{with apparmor}
 %dir %{_sysconfdir}/apparmor.d
 %config %{_sysconfdir}/apparmor.d/usr.bin.%{targetname}
 %endif

++++++ _service ++++++
<services>
  <service name="obs_scm" mode="disabled">
    <param name="url">https://github.com/Lusitaniae/apache_exporter</param>
    <param name="scm">git</param>
    <param name="exclude">.git</param>
    <param name="versionformat">@PARENT_TAG@</param>
    <param name="revision">v1.0.0</param>
    <param name="versionrewrite-pattern">v(.*)</param>
  </service>
  <service name="tar" mode="buildtime"/>
  <service name="recompress" mode="buildtime">
    <param name="file">*.tar</param>
    <param name="compression">gz</param>
  </service>
  <service name="set_version" mode="disabled">
    <param name="basename">apache_exporter</param>
  </service>
  <service name="go_modules" mode="disabled">
    <param name="archive">apache_exporter-1.0.0.obscpio</param>
  </service>
</services>

++++++ apache_exporter.obsinfo ++++++
name: apache_exporter
version: 1.0.0
mtime: 1687770304
commit: 1e6c01ae15e65e7fc3114311098e9ce724629dce

++++++ prometheus-apache_exporter.service ++++++
--- /var/tmp/diff_new_pack.sIxyxv/_old  2023-08-08 15:54:35.924867254 +0200
+++ /var/tmp/diff_new_pack.sIxyxv/_new  2023-08-08 15:54:35.928867280 +0200
@@ -11,38 +11,19 @@
 TimeoutStopSec=20s
 SendSIGKILL=no
 
-# various hardening options
-CapabilityBoundingSet=
-AmbientCapabilities=
-StandardInput=null
-UMask=0077
-PrivateUsers=yes
-PrivateTmp=yes
-PrivateDevices=yes
-ProtectSystem=strict
-ProtectProc=invisible
-ProtectHome=yes
-ProtectKernelModules=yes
-ProtectKernelTunables=yes
-ProtectKernelLogs=yes
-ProtectControlGroups=yes
-ProtectHostname=yes
-ProtectClock=yes
-NoNewPrivileges=yes
-MountFlags=private
-LockPersonality=yes
-KeyringMode=private
-RestrictRealtime=yes
-RestrictNamespaces=yes
-RestrictSUIDSGID=yes
-DevicePolicy=closed
-PrivateIPC=yes
-RemoveIPC=yes
-MemoryDenyWriteExecute=yes
-ProcSubset=pid
-RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
-SystemCallArchitectures=native
-SystemCallFilter=~ @clock @cpu-emulation @debug @keyring @module @mount 
@raw-io @reboot @swap @obsolete splice @resources @chown @privileged @pkey 
@setuid @timer
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+PrivateDevices=true
+ProtectHostname=true
+ProtectClock=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions
 
 [Install]
 WantedBy=multi-user.target

++++++ vendor.tar.gz ++++++
++++ 142335 lines of diff (skipped)

commit golang-github-lusitaniae-apache_exporter for openSUSE:Factory

Reply via email to