diff --git a/openwsman-2.6.5-update-ssleay-conf.patch b/openwsman-2.6.5-update-ssleay-conf.patch new file mode 100644 index 0000000000000000000000000000000000000000..a8b782018bec6a2b5c665df1ec36285117433903 --- /dev/null +++ b/openwsman-2.6.5-update-ssleay-conf.patch @@ -0,0 +1,15 @@ +diff -up openwsman-2.6.5/etc/ssleay.cnf.orig openwsman-2.6.5/etc/ssleay.cnf +--- openwsman-2.6.5/etc/ssleay.cnf.orig 2017-11-28 09:32:15.000000000 +0100 ++++ openwsman-2.6.5/etc/ssleay.cnf 2023-07-10 10:00:44.713426317 +0200 +@@ -2,10 +2,8 @@ + # SSLeay example configuration file. + # + +-RANDFILE = /dev/random +- + [ req ] +-default_bits = 1024 ++default_bits = 2048 + default_keyfile = privkey.pem + distinguished_name = req_distinguished_name + diff --git a/openwsman.spec b/openwsman.spec index 1f7ae0b3b24ed6b2b71952cb964a989ba0225032..17a0a9be22d4990c6477872251e3ef5646cb26cb 100644 --- a/openwsman.spec +++ b/openwsman.spec @@ -1,11 +1,9 @@ -%define anolis_release .0.1 - # RubyGems's macros expect gem_name to exist. %global gem_name %{name} Name: openwsman Version: 2.6.5 -Release: 9%{anolis_release}%{?dist} +Release: 10%{?dist} Summary: Open source Implementation of WS-Management License: BSD @@ -26,6 +24,8 @@ Patch6: openwsman-2.6.5-CVE-2019-3816.patch # Patch7: fixes CVE-2019-3833, rhbz#1687865 Patch7: openwsman-2.6.5-CVE-2019-3833.patch Patch8: openwsman-2.6.5-http-unauthorized-improve.patch +# Patch9: fixes cert issue, rhbz#2220821 +Patch9: openwsman-2.6.5-update-ssleay-conf.patch BuildRequires: swig BuildRequires: libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel BuildRequires: python3 python3-devel ruby ruby-devel rubygems-devel perl-interpreter @@ -124,14 +124,6 @@ Requires: rubygem-%{gem_name} = %{version}-%{release} This is a command line tool for the Windows Remote Shell protocol. You can use it to send shell commands to a remote Windows hosts. -%package doc -Summary: Documents for %{name} -BuildArch: noarch -Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} - -%description doc -Doc pages for %{name}. - %prep %setup -q @@ -143,6 +135,7 @@ Doc pages for %{name}. %patch6 -p1 -b .CVE-2019-3816 %patch7 -p1 -b .CVE-2019-3833 %patch8 -p1 -b .http-unauthorized-improve +%patch9 -p1 -b .update-ssleay-conf %build # Removing executable permissions on .c and .h files to fix rpmlint warnings. @@ -235,21 +228,25 @@ rm -f /var/log/wsmand.log %postun client -p /sbin/ldconfig %files -n libwsman1 +%doc AUTHORS COPYING ChangeLog README.md TODO %{_libdir}/libwsman.so.* %{_libdir}/libwsman_client.so.* %{_libdir}/libwsman_curl_client_transport.so.* %files -n libwsman-devel +%doc AUTHORS COPYING ChangeLog README.md %{_includedir}/* %{_libdir}/pkgconfig/* %{_libdir}/*.so %files python3 +%doc AUTHORS COPYING ChangeLog README.md %{python3_sitearch}/*.so %{python3_sitearch}/*.py %{python3_sitearch}/__pycache__/* %files -n rubygem-%{gem_name} +%doc AUTHORS COPYING ChangeLog README.md %dir %{gem_instdir} %{gem_libdir} %{gem_extdir_mri} @@ -260,10 +257,12 @@ rm -f /var/log/wsmand.log %doc %{gem_docdir} %files perl +%doc AUTHORS COPYING ChangeLog README.md %{perl_vendorarch}/openwsman.so %{perl_vendorlib}/openwsman.pm %files server +%doc AUTHORS COPYING ChangeLog README.md # Don't remove *.so files from the server package. # the server fails to start without these files. %dir %{_sysconfdir}/openwsman @@ -285,26 +284,25 @@ rm -f /var/log/wsmand.log %{_mandir}/man8/* %files client +%doc AUTHORS COPYING ChangeLog README.md %{_libdir}/libwsman_clientpp.so.* %config(noreplace) %{_sysconfdir}/openwsman/openwsman_client.conf %files winrs %{_bindir}/winrs -%files doc -%doc AUTHORS COPYING ChangeLog README.md TODO - %changelog -* Tue Jul 04 2023 Zhao Hang - 2.6.5-9.0.1 -- Add doc sub package +* Thu Jul 27 2023 Vitezslav Crhonek - 2.6.5-10 +- Remove RANDFILE and increase default bits in ssleay.conf + Resolves: #2220821 -* Tue Sep 20 2022 Vitezslav Crhonek - 2.6.5-9 -- Rebuild - Related: #2124894 +* Tue Feb 14 2023 Vitezslav Crhonek - 2.6.5-9 +- Add rpminspect.yaml + Related: #2105315 * Thu Sep 08 2022 Vitezslav Crhonek - 2.6.5-8 - Improve handling of HTTP 401 Unauthorized - Resolves: #2124894 + Resolves: #2105315 * Mon May 11 2020 Vitezslav Crhonek - 2.6.5-7 - Fix CVE-2019-3833