From 80bca7f155102adf44a09b2bb1c5c8ec4aef095d Mon Sep 17 00:00:00 2001 From: basebuilder_pel7x64builder0 Date: Wed, 4 Jan 2023 16:49:55 +0100 Subject: [PATCH] ipmitool update Signed-off-by: basebuilder_pel7x64builder0 --- ...1-ipmitool-1.8.10-ipmievd-init.patch.patch | 48 +++ ...ool-1.8.10-ipmievd-condrestart.patch.patch | 76 ++++ ...004-ipmitool-1.8.11-set-kg-key.patch.patch | 240 +++++++++++ ...-ipmitool-1.8.11-remove-umask0.patch.patch | 28 ++ ...tool-1.8.11-bz1126333-slowswid.patch.patch | 28 ++ ...itool-1.8.11-bz878614-overname.patch.patch | 28 ++ ...or-new-Communication-Interface-USB-M.patch | 21 + SOURCES/0016-ipmitool-1.8.18-verbose.patch | 110 +++++ ...7-ipmitool-1.8.18-check-input-values.patch | 41 ++ SOURCES/0018-CVE-2020-5208.patch | 365 ++++++++++++++++ SOURCES/0019-CVE-2020-5208_2.patch | 44 ++ SOURCES/exchange-bmc-os-info | 326 +++++++++++++++ SOURCES/exchange-bmc-os-info.service | 13 + SOURCES/exchange-bmc-os-info.sysconf | 26 ++ SOURCES/ipmievd.service | 13 + SOURCES/openipmi-ipmievd.sysconf | 1 + SOURCES/set-bmc-url.sh | 11 + SPECS/ipmitool.spec | 389 ++++++++++++++++++ 18 files changed, 1808 insertions(+) create mode 100644 SOURCES/0001-ipmitool-1.8.10-ipmievd-init.patch.patch create mode 100644 SOURCES/0002-ipmitool-1.8.10-ipmievd-condrestart.patch.patch create mode 100644 SOURCES/0004-ipmitool-1.8.11-set-kg-key.patch.patch create mode 100644 SOURCES/0007-ipmitool-1.8.11-remove-umask0.patch.patch create mode 100644 SOURCES/0009-ipmitool-1.8.11-bz1126333-slowswid.patch.patch create mode 100644 SOURCES/0010-ipmitool-1.8.11-bz878614-overname.patch.patch create mode 100644 SOURCES/0015-ID-390-Support-for-new-Communication-Interface-USB-M.patch create mode 100644 SOURCES/0016-ipmitool-1.8.18-verbose.patch create mode 100644 SOURCES/0017-ipmitool-1.8.18-check-input-values.patch create mode 100644 SOURCES/0018-CVE-2020-5208.patch create mode 100644 SOURCES/0019-CVE-2020-5208_2.patch create mode 100644 SOURCES/exchange-bmc-os-info create mode 100644 SOURCES/exchange-bmc-os-info.service create mode 100644 SOURCES/exchange-bmc-os-info.sysconf create mode 100644 SOURCES/ipmievd.service create mode 100644 SOURCES/openipmi-ipmievd.sysconf create mode 100644 SOURCES/set-bmc-url.sh create mode 100644 SPECS/ipmitool.spec diff --git a/SOURCES/0001-ipmitool-1.8.10-ipmievd-init.patch.patch b/SOURCES/0001-ipmitool-1.8.10-ipmievd-init.patch.patch new file mode 100644 index 00000000..da3c9e76 --- /dev/null +++ b/SOURCES/0001-ipmitool-1.8.10-ipmievd-init.patch.patch @@ -0,0 +1,48 @@ +From 88c6180c807bcdcbe5a189fa7a2a7432cd3a750d Mon Sep 17 00:00:00 2001 +From: Boris Ranto +Date: Fri, 6 Nov 2015 12:06:52 +0100 +Subject: [PATCH 01/11] ipmitool-1.8.10-ipmievd-init.patch + +562186 - Initscript of the ipmievd service not LSB compliant + +Backported by: dgregor jsafrane +--- + contrib/ipmievd.init.redhat | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/contrib/ipmievd.init.redhat b/contrib/ipmievd.init.redhat +index 1c0253d..7cf9d24 100755 +--- a/contrib/ipmievd.init.redhat ++++ b/contrib/ipmievd.init.redhat +@@ -5,7 +5,7 @@ + # Based on example sysvinitfiles script + # Copyright (c) 2000 Red Hat Software, Inc. + # +-# chkconfig: 345 99 00 ++# chkconfig: - 99 00 + # description: ipmievd daemon to send events to syslog + # processname: ipmievd + # config: /etc/sysconfig/ipmievd +@@ -16,8 +16,8 @@ + # Should-Start: $time + # Required-Stop: $syslog ipmi + # Should-Stop: $time +-# Default-Start: 3 4 5 +-# Default-Stop: 0 1 2 6 ++# Default-Start: ++# Default-Stop: + # Short-Description: ipmievd daemon to send events to syslog + # Description: Start ipmievd to read events from BMC and + # log them to syslog. Events correspond to hardware faults, +@@ -81,7 +81,7 @@ case "$1" in + ;; + *) + echo "Usage: ipmievd {start|stop|status|reload|restart|condrestart}" +- exit 1 ++ exit 2 + ;; + esac + exit $? +-- +2.1.0 + diff --git a/SOURCES/0002-ipmitool-1.8.10-ipmievd-condrestart.patch.patch b/SOURCES/0002-ipmitool-1.8.10-ipmievd-condrestart.patch.patch new file mode 100644 index 00000000..56e41ec3 --- /dev/null +++ b/SOURCES/0002-ipmitool-1.8.10-ipmievd-condrestart.patch.patch @@ -0,0 +1,76 @@ +From a82448d0a53be621e9a1f5f7dff44e4e481e174c Mon Sep 17 00:00:00 2001 +From: Boris Ranto +Date: Fri, 6 Nov 2015 12:12:29 +0100 +Subject: [PATCH 02/11] ipmitool-1.8.10-ipmievd-condrestart.patch +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +532188 - ipmievd init script's condrestart doesn't work +Author: Ville Skyttä (ville.skytta@iki.fi) +Sent upstream as +https://sourceforge.net/tracker/?func=detail&aid=2889888&group_id=95200&atid=610552 + +Initscipt output tuning by Jan Safranek + +Backported by: dgregor jsafrane +--- + contrib/ipmievd.init.redhat | 18 ++++++++++++------ + 1 file changed, 12 insertions(+), 6 deletions(-) + +diff --git a/contrib/ipmievd.init.redhat b/contrib/ipmievd.init.redhat +index 7cf9d24..71b90b9 100755 +--- a/contrib/ipmievd.init.redhat ++++ b/contrib/ipmievd.init.redhat +@@ -44,24 +44,31 @@ test -r $IPMIEVD_CONFIG || { echo "$IPMIEVD_CONFIG does not exist"; + . /etc/init.d/functions + + start() { +- echo "Starting ipmievd:" ++ echo -n "Starting ipmievd:" + if [ -f /var/lock/subsys/ipmievd ]; then + return 0 + fi + daemon $IPMIEVD_BIN $IPMIEVD_OPTIONS + ret=$? + [ $ret -eq 0 ] && touch /var/lock/subsys/ipmievd ++ echo + return $ret + } + + stop() { +- echo "Shutting down ipmievd:" ++ echo -n "Shutting down ipmievd:" + killproc $IPMIEVD_BIN + ret=$? + [ $ret -eq 0 ] && rm -f /var/lock/subsys/ipmievd ++ echo + return $ret + } + ++restart() { ++ stop ++ start ++} ++ + case "$1" in + start) + start +@@ -72,11 +79,10 @@ case "$1" in + status) + status $IPMIEVD_BIN + ;; +- restart|reload) +- stop +- start ++ restart|reload|force-reload) ++ restart + ;; +- condrestart) ++ try-restart|condrestart) + [ -f /var/lock/subsys/ipmievd ] && restart || : + ;; + *) +-- +2.1.0 + diff --git a/SOURCES/0004-ipmitool-1.8.11-set-kg-key.patch.patch b/SOURCES/0004-ipmitool-1.8.11-set-kg-key.patch.patch new file mode 100644 index 00000000..00a396e2 --- /dev/null +++ b/SOURCES/0004-ipmitool-1.8.11-set-kg-key.patch.patch @@ -0,0 +1,240 @@ +diff -urNp old/doc/ipmitool.1 new/doc/ipmitool.1 +--- old/doc/ipmitool.1 2017-02-06 10:20:02.254362909 +0100 ++++ new/doc/ipmitool.1 2017-02-06 10:33:41.729294474 +0100 +@@ -372,6 +372,20 @@ Configure user access information on the + + Displays the list of cipher suites supported for the given + application (ipmi or sol) on the given channel. ++.TP ++\fIsetkg\fP <\fIhex\fP|\fIplain\fP> <\fBkey\fP> [<\fBchannel\fR>] ++.br ++ ++Sets K_g key to given value. Use \fIplain\fP to specify \fBkey\fR as simple ASCII string. ++Use \fIhex\fP to specify \fBkey\fR as sequence of hexadecimal codes of ASCII charactes. ++I.e. following two examples are equivalent: ++ ++.RS ++ipmitool channel setkg plain PASSWORD ++ ++ipmitool channel setkg hex 50415353574F5244 ++.RE ++ + .RE + .RE + .TP +diff -urNp old/include/ipmitool/helper.h new/include/ipmitool/helper.h +--- old/include/ipmitool/helper.h 2017-02-06 10:20:02.254362909 +0100 ++++ new/include/ipmitool/helper.h 2017-02-06 10:40:07.336136844 +0100 +@@ -58,6 +58,8 @@ + # define IPMI_UID_MAX 63 + #endif + ++#define IPMI_KG_BUFFER_SIZE 21 /* key plus null byte */ ++ + struct ipmi_intf; + + struct valstr { +diff -urNp old/include/ipmitool/ipmi_channel.h new/include/ipmitool/ipmi_channel.h +--- old/include/ipmitool/ipmi_channel.h 2017-02-06 10:20:02.253316684 +0100 ++++ new/include/ipmitool/ipmi_channel.h 2017-02-06 10:58:15.291287621 +0100 +@@ -49,6 +49,10 @@ + #define IPMI_GET_USER_NAME 0x46 + #define IPMI_SET_USER_PASSWORD 0x47 + #define IPMI_GET_CHANNEL_CIPHER_SUITES 0x54 ++#define IPMI_SET_CHANNEL_SECURITY_KEYS 0x56 ++ ++#define IPMI_KG_KEY_ID 1 ++#define IPMI_SET_CHANNEL_SECURITY_KEYS_OP_SET 1 + + /* These are for channel_info_t.session_support */ + #define IPMI_CHANNEL_SESSION_LESS 0x00 +@@ -137,6 +141,40 @@ int _ipmi_set_channel_access(struct ipmi + struct channel_access_t channel_access, uint8_t access_option, + uint8_t privilege_option); + ++struct set_channel_security_keys_req { ++#if WORDS_BIGENDIAN ++ uint8_t __reserved1 :4; ++ uint8_t channel :4; ++ ++ uint8_t __reserved2 :6; ++ uint8_t operation :2; ++ ++ uint8_t key_id; ++ unsigned char key_value[IPMI_KG_BUFFER_SIZE-1]; /* we don't want space for '\0' at the end */ ++#else ++ uint8_t channel :4; ++ uint8_t __reserved1 :4; ++ ++ uint8_t operation :2; ++ uint8_t __reserved2 :6; ++ ++ uint8_t key_id; ++ unsigned char key_value[IPMI_KG_BUFFER_SIZE-1]; /* we don't want space for '\0' at the end */ ++#endif ++} __attribute__ ((packed)); ++ ++struct set_channel_security_keys_rsp { ++#if WORDS_BIGENDIAN ++ uint8_t __reserved1 :6; ++ uint8_t lock_status :2; ++ unsigned char key_value; /* just the first character, use &key_value to explore the rest */ ++#else ++ uint8_t lock_status :2; ++ uint8_t __reserved1 :6; ++ unsigned char key_value; /* just the first character, use &key_value to explore the rest */ ++#endif ++} __attribute__ ((packed)); ++ + uint8_t ipmi_get_channel_medium(struct ipmi_intf * intf, uint8_t channel); + uint8_t ipmi_current_channel_medium(struct ipmi_intf * intf); + int ipmi_channel_main(struct ipmi_intf * intf, int argc, char ** argv); +diff -urNp old/include/ipmitool/ipmi_intf.h new/include/ipmitool/ipmi_intf.h +--- old/include/ipmitool/ipmi_intf.h 2017-02-06 10:20:02.254362909 +0100 ++++ new/include/ipmitool/ipmi_intf.h 2017-02-06 10:40:40.264577602 +0100 +@@ -60,7 +60,6 @@ enum LANPLUS_SESSION_STATE { + + #define IPMI_AUTHCODE_BUFFER_SIZE 20 + #define IPMI_SIK_BUFFER_SIZE IPMI_MAX_MD_SIZE +-#define IPMI_KG_BUFFER_SIZE 21 /* key plus null byte */ + + struct ipmi_session_params { + char * hostname; +diff -urNp old/lib/ipmi_channel.c new/lib/ipmi_channel.c +--- old/lib/ipmi_channel.c 2017-02-06 10:20:02.255409134 +0100 ++++ new/lib/ipmi_channel.c 2017-02-06 12:32:14.222282317 +0100 +@@ -821,6 +821,92 @@ ipmi_set_user_access(struct ipmi_intf *i + return 0; + } + ++int ++ipmi_set_channel_security_keys (struct ipmi_intf *intf, uint8_t channel, const char *method, const char *key) ++{ ++ uint8_t kgkey[IPMI_KG_BUFFER_SIZE]; ++ struct ipmi_rs *rsp; ++ struct ipmi_rq req; ++ struct set_channel_security_keys_req req_data; ++ int rc = -1; ++ ++ /* convert provided key to array of bytes */ ++ if (strcmp(method, "hex") == 0) { ++ if (strlen(key) > (IPMI_KG_BUFFER_SIZE-1)*2) { ++ lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE-1)); ++ printf_channel_usage(); ++ return -1; ++ } ++ ++ rc = ipmi_parse_hex(key, kgkey, sizeof(kgkey)-1); ++ if (rc == -1) { ++ lprintf(LOG_ERR, "Number of Kg key characters is not even"); ++ return rc; ++ } else if (rc == -3) { ++ lprintf(LOG_ERR, "Kg key is not hexadecimal number"); ++ return rc; ++ } else if (rc > (IPMI_KG_BUFFER_SIZE-1)) { ++ lprintf(LOG_ERR, "Kg key is too long"); ++ return rc; ++ } ++ ++ } else if (strcmp(method, "plain") == 0) { ++ if (strlen(key) > IPMI_KG_BUFFER_SIZE-1) { ++ lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE -1)); ++ printf_channel_usage(); ++ return rc; ++ } ++ ++ strncpy(kgkey, key, IPMI_KG_BUFFER_SIZE-1); ++ } else { ++ printf_channel_usage(); ++ return rc; ++ } ++ ++ /* assemble and send request to set kg key */ ++ memset(&req_data, 0, sizeof(req_data)); ++ req_data.channel = channel; ++ req_data.operation = IPMI_SET_CHANNEL_SECURITY_KEYS_OP_SET; ++ req_data.key_id = IPMI_KG_KEY_ID; ++ memcpy(req_data.key_value, kgkey, IPMI_KG_BUFFER_SIZE-1); ++ ++ memset(&req, 0, sizeof(req)); ++ req.msg.netfn = IPMI_NETFN_APP; ++ req.msg.cmd = IPMI_SET_CHANNEL_SECURITY_KEYS; ++ req.msg.data = (uint8_t*) &req_data; ++ req.msg.data_len = sizeof(req_data); ++ ++ rsp = intf->sendrecv(intf, &req); ++ if (rsp == NULL) { ++ lprintf(LOG_ERR, "Set Channel Security Keys command failed"); ++ return rc; ++ } ++ if (rsp->ccode > 0) { ++ const char *error = NULL; ++ switch (rsp->ccode) { ++ case 0x80: ++ error = "Key is locked"; ++ break; ++ case 0x81: ++ error = "Insufficient key bytes"; ++ break; ++ case 0x82: ++ error = "Too many key bytes"; ++ break; ++ case 0x83: ++ error = "Key value does not meet criteria for K_g key"; ++ break; ++ default: ++ error = val2str(rsp->ccode, completion_code_vals); ++ } ++ lprintf(LOG_ERR, "Error setting security key: %X (%s)", rsp->ccode, error); ++ return rc; ++ } ++ ++ lprintf(LOG_NOTICE, "Set Channel Security Keys command succeeded"); ++ return 0; ++} ++ + int + ipmi_channel_main(struct ipmi_intf *intf, int argc, char **argv) + { +@@ -890,6 +976,19 @@ ipmi_channel_main(struct ipmi_intf *intf + retval = ipmi_get_channel_cipher_suites(intf, + argv[1], /* ipmi | sol */ + channel); ++ } else if (strncmp(argv[0], "setkg", 5) == 0) { ++ if (argc < 3 || argc > 4) ++ printf_channel_usage(); ++ else { ++ uint8_t ch = 0xe; ++ char *method = argv[1]; ++ char *key = argv[2]; ++ if (argc == 4) { ++ ch = (uint8_t)strtol(argv[3], NULL, 0); ++ } ++ ++ retval = ipmi_set_channel_security_keys(intf, ch, method, key); ++ } + } else { + lprintf(LOG_ERR, "Invalid CHANNEL command: %s\n", argv[0]); + printf_channel_usage(); +@@ -916,6 +1015,10 @@ printf_channel_usage() + lprintf(LOG_NOTICE, + ""); + lprintf(LOG_NOTICE, ++" setkg hex|plain [channel]"); ++ lprintf(LOG_NOTICE, ++""); ++ lprintf(LOG_NOTICE, + "Possible privilege levels are:"); + lprintf(LOG_NOTICE, + " 1 Callback level"); +diff -urNp old/src/plugins/ipmi_intf.c new/src/plugins/ipmi_intf.c +--- old/src/plugins/ipmi_intf.c 2017-02-06 10:20:02.257501584 +0100 ++++ new/src/plugins/ipmi_intf.c 2017-02-06 10:42:12.585257810 +0100 +@@ -55,6 +55,7 @@ + #include + #include + #include ++#include + + #define IPMI_DEFAULT_PAYLOAD_SIZE 25 + diff --git a/SOURCES/0007-ipmitool-1.8.11-remove-umask0.patch.patch b/SOURCES/0007-ipmitool-1.8.11-remove-umask0.patch.patch new file mode 100644 index 00000000..d5bdc105 --- /dev/null +++ b/SOURCES/0007-ipmitool-1.8.11-remove-umask0.patch.patch @@ -0,0 +1,28 @@ +From 4ca58a30ef718975232231f1a5044554718b3404 Mon Sep 17 00:00:00 2001 +From: Boris Ranto +Date: Fri, 6 Nov 2015 12:58:31 +0100 +Subject: [PATCH 07/11] ipmitool-1.8.11-remove-umask0.patch + +CVE-2011-4339 OpenIPMI: IPMI event daemon creates PID file with world +writeable permissions + +Backported by: jsafrane +--- + lib/helper.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/lib/helper.c b/lib/helper.c +index d934fc0..998b2e6 100644 +--- a/lib/helper.c ++++ b/lib/helper.c +@@ -658,7 +658,6 @@ ipmi_start_daemon(struct ipmi_intf *intf) + #endif + + chdir("/"); +- umask(0); + + for (fd=0; fd<64; fd++) { + if (fd != intf->fd) +-- +2.1.0 + diff --git a/SOURCES/0009-ipmitool-1.8.11-bz1126333-slowswid.patch.patch b/SOURCES/0009-ipmitool-1.8.11-bz1126333-slowswid.patch.patch new file mode 100644 index 00000000..7b3d9206 --- /dev/null +++ b/SOURCES/0009-ipmitool-1.8.11-bz1126333-slowswid.patch.patch @@ -0,0 +1,28 @@ +From 850661bd57c0c98c319fd30d9e9697c1667ad457 Mon Sep 17 00:00:00 2001 +From: Boris Ranto +Date: Wed, 11 Nov 2015 17:58:43 +0100 +Subject: [PATCH 09/11] ipmitool-1.8.11-bz1126333-slowswid.patch + +See rhbz#1194420 for details. + +Backported by: aledvink +--- + lib/ipmi_sdr.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c +index fa7b082..9bc5ac2 100644 +--- a/lib/ipmi_sdr.c ++++ b/lib/ipmi_sdr.c +@@ -572,6 +572,8 @@ ipmi_sdr_get_sensor_reading_ipmb(struct ipmi_intf *intf, uint8_t sensor, + uint32_t save_addr; + uint32_t save_channel; + ++ if (target == (uint8_t) 0xb1) ++ return ipmi_sdr_get_sensor_reading(intf, sensor); + if ( BRIDGE_TO_SENSOR(intf, target, channel) ) { + lprintf(LOG_DEBUG, + "Bridge to Sensor " +-- +2.1.0 + diff --git a/SOURCES/0010-ipmitool-1.8.11-bz878614-overname.patch.patch b/SOURCES/0010-ipmitool-1.8.11-bz878614-overname.patch.patch new file mode 100644 index 00000000..637328a5 --- /dev/null +++ b/SOURCES/0010-ipmitool-1.8.11-bz878614-overname.patch.patch @@ -0,0 +1,28 @@ +From bf51496f56ffd53c75045129f539c182a38f4671 Mon Sep 17 00:00:00 2001 +From: Boris Ranto +Date: Wed, 11 Nov 2015 18:14:52 +0100 +Subject: [PATCH 10/11] ipmitool-1.8.11-bz878614-overname.patch + +See rhbz#878614 for details. + +Backported by: aledvink +--- + include/ipmitool/ipmi_sdr.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/include/ipmitool/ipmi_sdr.h b/include/ipmitool/ipmi_sdr.h +index ccf0cf0..47d3949 100644 +--- a/include/ipmitool/ipmi_sdr.h ++++ b/include/ipmitool/ipmi_sdr.h +@@ -819,7 +819,7 @@ static const char *sensor_type_desc[] __attribute__ ((unused)) = { + "Version Change", "FRU State" }; + + struct sensor_reading { +- char s_id[17]; /* name of the sensor */ ++ char s_id[33]; /* name of the sensor */ + struct sdr_record_full_sensor *full; + struct sdr_record_compact_sensor *compact; + uint8_t s_reading_valid; /* read value valididity */ +-- +2.1.0 + diff --git a/SOURCES/0015-ID-390-Support-for-new-Communication-Interface-USB-M.patch b/SOURCES/0015-ID-390-Support-for-new-Communication-Interface-USB-M.patch new file mode 100644 index 00000000..d3bfba5a --- /dev/null +++ b/SOURCES/0015-ID-390-Support-for-new-Communication-Interface-USB-M.patch @@ -0,0 +1,21 @@ +diff -urNp old/configure.ac new/configure.ac +--- old/configure.ac 2017-02-02 14:20:33.230784269 +0100 ++++ new/configure.ac 2017-02-02 14:22:53.528510336 +0100 +@@ -63,7 +63,7 @@ xenable_intf_imb=yes + xenable_intf_lipmi=yes + xenable_intf_open=yes + #xenable_intf_serial=yes +-xenable_intf_usb=no ++xenable_intf_usb=yes + xenable_ipmishell=yes + + dnl set some things so we build with GNU tools on Solaris +@@ -209,7 +209,7 @@ fi + dnl enable IPMI USB interface + AC_ARG_ENABLE([intf-usb], + [AC_HELP_STRING([--enable-intf-usb], +- [enable IPMI USB interface [default=auto]])], ++ [enable IPMI USB interface [default=yes]])], + [xenable_intf_usb=$enableval], + [xenable_intf_usb=$xenable_intf_usb]) + if test "x$xenable_intf_usb" = "xstatic" || test "x$xenable_intf_usb" = "xplugin"; then diff --git a/SOURCES/0016-ipmitool-1.8.18-verbose.patch b/SOURCES/0016-ipmitool-1.8.18-verbose.patch new file mode 100644 index 00000000..6c7bdb6e --- /dev/null +++ b/SOURCES/0016-ipmitool-1.8.18-verbose.patch @@ -0,0 +1,110 @@ +diff -urNp old/lib/ipmi_picmg.c new/lib/ipmi_picmg.c +--- old/lib/ipmi_picmg.c 2016-07-31 07:29:49.000000000 +0200 ++++ new/lib/ipmi_picmg.c 2017-10-03 15:38:48.711790645 +0200 +@@ -2353,28 +2353,28 @@ picmg_discover(struct ipmi_intf *intf) { + req.msg.data_len = 1; + msg_data = 0; + +- lprintf(LOG_INFO, "Running Get PICMG Properties my_addr %#x, transit %#x, target %#x", ++ lprintf(LOG_DEBUG, "Running Get PICMG Properties my_addr %#x, transit %#x, target %#x", + intf->my_addr, intf->transit_addr, intf->target_addr); + rsp = intf->sendrecv(intf, &req); + if (rsp == NULL) { +- lprintf(LOG_INFO,"No response from Get PICMG Properties"); ++ lprintf(LOG_DEBUG,"No response from Get PICMG Properties"); + } else if (rsp->ccode != 0) { +- lprintf(LOG_INFO,"Error response %#x from Get PICMG Properities", ++ lprintf(LOG_DEBUG,"Error response %#x from Get PICMG Properities", + rsp->ccode); + } else if (rsp->data_len < 4) { +- lprintf(LOG_INFO,"Invalid Get PICMG Properties response length %d", ++ lprintf(LOG_DEBUG,"Invalid Get PICMG Properties response length %d", + rsp->data_len); + } else if (rsp->data[0] != 0) { +- lprintf(LOG_INFO,"Invalid Get PICMG Properties group extension %#x", ++ lprintf(LOG_DEBUG,"Invalid Get PICMG Properties group extension %#x", + rsp->data[0]); + } else if ((rsp->data[1] & 0x0F) != PICMG_EXTENSION_ATCA_MAJOR_VERSION + && (rsp->data[1] & 0x0F) != PICMG_EXTENSION_AMC0_MAJOR_VERSION + && (rsp->data[1] & 0x0F) != PICMG_EXTENSION_UTCA_MAJOR_VERSION) { +- lprintf(LOG_INFO,"Unknown PICMG Extension Version %d.%d", ++ lprintf(LOG_DEBUG,"Unknown PICMG Extension Version %d.%d", + (rsp->data[1] & 0x0F), (rsp->data[1] >> 4)); + } else { + picmg_avail = 1; +- lprintf(LOG_INFO, "Discovered PICMG Extension Version %d.%d", ++ lprintf(LOG_DEBUG, "Discovered PICMG Extension Version %d.%d", + (rsp->data[1] & 0x0f), (rsp->data[1] >> 4)); + } + +diff -urNp old/lib/ipmi_vita.c new/lib/ipmi_vita.c +--- old/lib/ipmi_vita.c 2018-01-05 10:29:51.290694252 +0100 ++++ new/lib/ipmi_vita.c 2018-01-05 12:09:56.480413217 +0100 +@@ -184,7 +184,7 @@ vita_discover(struct ipmi_intf *intf) + + msg_data = GROUP_EXT_VITA; + +- lprintf(LOG_INFO, "Running Get VSO Capabilities my_addr %#x, " ++ lprintf(LOG_DEBUG, "Running Get VSO Capabilities my_addr %#x, " + "transit %#x, target %#x", + intf->my_addr, intf->transit_addr, intf->target_addr); + +@@ -193,29 +193,29 @@ vita_discover(struct ipmi_intf *intf) + if (rsp == NULL) { + lprintf(LOG_ERR, "No valid response received"); + } else if (rsp->ccode == 0xC1) { +- lprintf(LOG_INFO, "Invalid completion code received: %s", ++ lprintf(LOG_DEBUG, "Invalid completion code received: %s", + val2str(rsp->ccode, completion_code_vals)); + } else if (rsp->ccode == 0xCC) { +- lprintf(LOG_INFO, "Invalid data field received: %s", ++ lprintf(LOG_DEBUG, "Invalid data field received: %s", + val2str(rsp->ccode, completion_code_vals)); + } else if (rsp->ccode != 0) { +- lprintf(LOG_INFO, "Invalid completion code received: %s", ++ lprintf(LOG_DEBUG, "Invalid completion code received: %s", + val2str(rsp->ccode, completion_code_vals)); + } else if (rsp->data_len < 5) { +- lprintf(LOG_INFO, "Invalid response length %d", ++ lprintf(LOG_DEBUG, "Invalid response length %d", + rsp->data_len); + } else if (rsp->data[0] != GROUP_EXT_VITA) { +- lprintf(LOG_INFO, "Invalid group extension %#x", ++ lprintf(LOG_DEBUG, "Invalid group extension %#x", + rsp->data[0]); + } else if ((rsp->data[3] & 0x03) != 0) { +- lprintf(LOG_INFO, "Unknown VSO Standard %d", ++ lprintf(LOG_DEBUG, "Unknown VSO Standard %d", + (rsp->data[3] & 0x03)); + } else if ((rsp->data[4] & 0x0F) != 1) { +- lprintf(LOG_INFO, "Unknown VSO Specification Revision %d.%d", ++ lprintf(LOG_DEBUG, "Unknown VSO Specification Revision %d.%d", + (rsp->data[4] & 0x0F), (rsp->data[4] >> 4)); + } else { + vita_avail = 1; +- lprintf(LOG_INFO, "Discovered VITA 46.11 Revision %d.%d", ++ lprintf(LOG_DEBUG, "Discovered VITA 46.11 Revision %d.%d", + (rsp->data[4] & 0x0F), (rsp->data[4] >> 4)); + } + +diff -urNp old/lib/ipmi_main.c new/lib/ipmi_main.c +--- old/lib/ipmi_main.c 2018-01-08 15:31:37.159786062 +0100 ++++ new/lib/ipmi_main.c 2018-01-08 15:32:35.960077134 +0100 +@@ -904,7 +904,7 @@ ipmi_main(int argc, char ** argv, + } else if (!ipmi_oem_active(ipmi_main_intf, "i82571spt")) { + lprintf(LOG_DEBUG, "Acquire IPMB address"); + addr = ipmi_acquire_ipmb_address(ipmi_main_intf); +- lprintf(LOG_INFO, "Discovered IPMB address 0x%x", addr); ++ lprintf(LOG_DEBUG, "Discovered IPMB address 0x%x", addr); + } + + /* +@@ -956,7 +956,7 @@ ipmi_main(int argc, char ** argv, + ipmi_main_intf->transit_addr, + ipmi_main_intf->transit_channel); + if (ipmi_main_intf->target_ipmb_addr) { +- lprintf(LOG_INFO, "Discovered Target IPMB-0 address %#x", ++ lprintf(LOG_DEBUG, "Discovered Target IPMB-0 address %#x", + ipmi_main_intf->target_ipmb_addr); + } + } diff --git a/SOURCES/0017-ipmitool-1.8.18-check-input-values.patch b/SOURCES/0017-ipmitool-1.8.18-check-input-values.patch new file mode 100644 index 00000000..030fd2a4 --- /dev/null +++ b/SOURCES/0017-ipmitool-1.8.18-check-input-values.patch @@ -0,0 +1,41 @@ +diff -urNp old/doc/ipmitool.1 new/doc/ipmitool.1 +--- old/doc/ipmitool.1 2017-10-03 16:10:50.446539988 +0200 ++++ new/doc/ipmitool.1 2017-10-03 16:16:37.039673239 +0200 +@@ -3170,13 +3170,14 @@ SOL configuration data for the currently + + Enable, disable or show status of SOL payload for the user on the specified channel. + .TP +-\fIset\fP <\fBparameter\fR> <\fBvalue\fR> [<\fBchannel\fR>] ++\fIset\fP <\fBparameter\fR> <\fBvalue\fR> [<\fBchannel\fR>] [\fBnoguard\fR] + .br + + Configure parameters for Serial Over Lan. If no channel is given, + it will display SOL configuration data for the currently used + channel. Configuration parameter updates are automatically guarded +-with the updates to the set\-in\-progress parameter. ++with the updates to the set\-in\-progress parameter, unless \fInoguard\fR ++parameter is present. + .RS + .TP + Valid parameters and values are: +diff -urNp old/lib/ipmi_sol.c new/lib/ipmi_sol.c +--- old/lib/ipmi_sol.c 2017-10-03 16:10:50.447539996 +0200 ++++ new/lib/ipmi_sol.c 2017-10-03 16:18:37.079006949 +0200 +@@ -1875,7 +1875,7 @@ static void + print_sol_usage(void) + { + lprintf(LOG_NOTICE, "SOL Commands: info []"); +- lprintf(LOG_NOTICE, " set [channel]"); ++ lprintf(LOG_NOTICE, " set [channel] [noguard]"); + lprintf(LOG_NOTICE, " payload [channel] [userid]"); + lprintf(LOG_NOTICE, " activate [] [instance=]"); + lprintf(LOG_NOTICE, " deactivate [instance=]"); +@@ -1890,6 +1890,8 @@ print_sol_usage(void) + static void + print_sol_set_usage(void) + { ++ lprintf(LOG_NOTICE, "\nSOL set usage: \n"); ++ lprintf(LOG_NOTICE, " sol set [channel] [noguard]\n"); + lprintf(LOG_NOTICE, "\nSOL set parameters and values: \n"); + lprintf(LOG_NOTICE, " set-in-progress set-complete | " + "set-in-progress | commit-write"); diff --git a/SOURCES/0018-CVE-2020-5208.patch b/SOURCES/0018-CVE-2020-5208.patch new file mode 100644 index 00000000..d6e4bd11 --- /dev/null +++ b/SOURCES/0018-CVE-2020-5208.patch @@ -0,0 +1,365 @@ +From 9f436aae2d85c38e0679049bf09f291773079008 Mon Sep 17 00:00:00 2001 +From: Chrostoper Ertl +Date: Thu, 28 Nov 2019 16:33:59 +0000 +Subject: [PATCH] Fixes for CVE-2020-5208 + +see https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp + +This patch is combination of following commits: + +pick e824c23316ae50beb7f7488f2055ac65e8b341f2 fru: Fix buffer overflow vulnerabilities +pick 840fb1cbb4fb365cb9797300e3374d4faefcdb10 fru: Fix buffer overflow in ipmi_spd_print_fru +pick 41d7026946fafbd4d1ec0bcaca3ea30a6e8eed22 session: Fix buffer overflow in ipmi_get_session_info +pick d45572d71e70840e0d4c50bf48218492b79c1a10 lanp: Fix buffer overflows in get_lan_param_select +pick 7ccea283dd62a05a320c1921e3d8d71a87772637 fru, sdr: Fix id_string buffer overflows + +[vdolezal@redhat.com]: fixed memleak of `spd_data` in + lib/dimm_spd.c:ipmi_spd_print_fru() +--- + lib/dimm_spd.c | 11 ++++++++++- + lib/ipmi_fru.c | 35 ++++++++++++++++++++++++++++++++--- + lib/ipmi_lanp.c | 14 +++++++------- + lib/ipmi_sdr.c | 40 ++++++++++++++++++++++++---------------- + lib/ipmi_session.c | 12 ++++++++---- + 5 files changed, 81 insertions(+), 31 deletions(-) + +diff --git a/lib/dimm_spd.c b/lib/dimm_spd.c +index 41e30db..ebcc94c 100644 +--- a/lib/dimm_spd.c ++++ b/lib/dimm_spd.c +@@ -1621,7 +1621,7 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id) + struct ipmi_rq req; + struct fru_info fru; + uint8_t *spd_data, msg_data[4]; +- int len, offset; ++ uint32_t len, offset; + + msg_data[0] = id; + +@@ -1697,6 +1697,15 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id) + } + + len = rsp->data[0]; ++ if(rsp->data_len < 1 ++ || len > rsp->data_len - 1 ++ || len > fru.size - offset) ++ { ++ printf(" Not enough buffer size"); ++ free(spd_data); ++ spd_data = NULL; ++ return -1; ++ } + memcpy(&spd_data[offset], rsp->data + 1, len); + offset += len; + } while (offset < fru.size); +diff --git a/lib/ipmi_fru.c b/lib/ipmi_fru.c +index cf00eff..98bc984 100644 +--- a/lib/ipmi_fru.c ++++ b/lib/ipmi_fru.c +@@ -615,7 +615,10 @@ int + read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + uint32_t offset, uint32_t length, uint8_t *frubuf) + { +- uint32_t off = offset, tmp, finish; ++ uint32_t off = offset; ++ uint32_t tmp; ++ uint32_t finish; ++ uint32_t size_left_in_buffer; + struct ipmi_rs * rsp; + struct ipmi_rq req; + uint8_t msg_data[4]; +@@ -628,10 +631,12 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + + finish = offset + length; + if (finish > fru->size) { ++ memset(frubuf + fru->size, 0, length - fru->size); + finish = fru->size; + lprintf(LOG_NOTICE, "Read FRU Area length %d too large, " + "Adjusting to %d", + offset + length, finish - offset); ++ length = finish - offset; + } + + memset(&req, 0, sizeof(req)); +@@ -667,6 +672,7 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + } + } + ++ size_left_in_buffer = length; + do { + tmp = fru->access ? off >> 1 : off; + msg_data[0] = id; +@@ -707,9 +713,18 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + } + + tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0]; ++ if(rsp->data_len < 1 ++ || tmp > rsp->data_len - 1 ++ || tmp > size_left_in_buffer) ++ { ++ printf(" Not enough buffer size"); ++ return -1; ++ } ++ + memcpy(frubuf, rsp->data + 1, tmp); + off += tmp; + frubuf += tmp; ++ size_left_in_buffer -= tmp; + /* sometimes the size returned in the Info command + * is too large. return 0 so higher level function + * still attempts to parse what was returned */ +@@ -742,7 +757,9 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + uint32_t offset, uint32_t length, uint8_t *frubuf) + { + static uint32_t fru_data_rqst_size = 20; +- uint32_t off = offset, tmp, finish; ++ uint32_t off = offset; ++ uint32_t tmp, finish; ++ uint32_t size_left_in_buffer; + struct ipmi_rs * rsp; + struct ipmi_rq req; + uint8_t msg_data[4]; +@@ -755,10 +772,12 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + + finish = offset + length; + if (finish > fru->size) { ++ memset(frubuf + fru->size, 0, length - fru->size); + finish = fru->size; + lprintf(LOG_NOTICE, "Read FRU Area length %d too large, " + "Adjusting to %d", + offset + length, finish - offset); ++ length = finish - offset; + } + + memset(&req, 0, sizeof(req)); +@@ -773,6 +792,8 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + if (fru->access && fru_data_rqst_size > 16) + #endif + fru_data_rqst_size = 16; ++ ++ size_left_in_buffer = length; + do { + tmp = fru->access ? off >> 1 : off; + msg_data[0] = id; +@@ -804,8 +825,16 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + } + + tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0]; ++ if(rsp->data_len < 1 ++ || tmp > rsp->data_len - 1 ++ || tmp > size_left_in_buffer) ++ { ++ printf(" Not enough buffer size"); ++ return -1; ++ } + memcpy((frubuf + off)-offset, rsp->data + 1, tmp); + off += tmp; ++ size_left_in_buffer -= tmp; + + /* sometimes the size returned in the Info command + * is too large. return 0 so higher level function +@@ -3033,7 +3062,7 @@ ipmi_fru_print(struct ipmi_intf * intf, struct sdr_record_fru_locator * fru) + return 0; + + memset(desc, 0, sizeof(desc)); +- memcpy(desc, fru->id_string, fru->id_code & 0x01f); ++ memcpy(desc, fru->id_string, __min(fru->id_code & 0x01f, sizeof(desc))); + desc[fru->id_code & 0x01f] = 0; + printf("FRU Device Description : %s (ID %d)\n", desc, fru->device_id); + +diff --git a/lib/ipmi_lanp.c b/lib/ipmi_lanp.c +index 65d881b..022c7f1 100644 +--- a/lib/ipmi_lanp.c ++++ b/lib/ipmi_lanp.c +@@ -1809,7 +1809,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + /* set new ipaddr */ + memcpy(data+3, temp, 4); + printf("Setting LAN Alert %d IP Address to %d.%d.%d.%d\n", alert, +@@ -1824,7 +1824,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + /* set new macaddr */ + memcpy(data+7, temp, 6); + printf("Setting LAN Alert %d MAC Address to " +@@ -1838,7 +1838,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (strncasecmp(argv[1], "def", 3) == 0 || + strncasecmp(argv[1], "default", 7) == 0) { +@@ -1864,7 +1864,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (strncasecmp(argv[1], "on", 2) == 0 || + strncasecmp(argv[1], "yes", 3) == 0) { +@@ -1889,7 +1889,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (strncasecmp(argv[1], "pet", 3) == 0) { + printf("Setting LAN Alert %d destination to PET Trap\n", alert); +@@ -1917,7 +1917,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (str2uchar(argv[1], &data[2]) != 0) { + lprintf(LOG_ERR, "Invalid time: %s", argv[1]); +@@ -1933,7 +1933,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (str2uchar(argv[1], &data[3]) != 0) { + lprintf(LOG_ERR, "Invalid retry: %s", argv[1]); +diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c +index fd2c02d..01d81f7 100644 +--- a/lib/ipmi_sdr.c ++++ b/lib/ipmi_sdr.c +@@ -2086,7 +2086,7 @@ ipmi_sdr_print_sensor_eventonly(struct ipmi_intf *intf, + return -1; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (sensor->id_code & 0x1f) + 1, "%s", sensor->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (sensor->id_code & 0x1f) + 1, sensor->id_string); + + if (verbose) { + printf("Sensor ID : %s (0x%x)\n", +@@ -2137,7 +2137,7 @@ ipmi_sdr_print_sensor_mc_locator(struct ipmi_intf *intf, + return -1; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (mc->id_code & 0x1f) + 1, "%s", mc->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (mc->id_code & 0x1f) + 1, mc->id_string); + + if (verbose == 0) { + if (csv_output) +@@ -2230,7 +2230,7 @@ ipmi_sdr_print_sensor_generic_locator(struct ipmi_intf *intf, + char desc[17]; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (dev->id_code & 0x1f) + 1, "%s", dev->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (dev->id_code & 0x1f) + 1, dev->id_string); + + if (!verbose) { + if (csv_output) +@@ -2287,7 +2287,7 @@ ipmi_sdr_print_sensor_fru_locator(struct ipmi_intf *intf, + char desc[17]; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (fru->id_code & 0x1f) + 1, "%s", fru->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (fru->id_code & 0x1f) + 1, fru->id_string); + + if (!verbose) { + if (csv_output) +@@ -2491,35 +2491,43 @@ ipmi_sdr_print_name_from_rawentry(struct ipmi_intf *intf, uint16_t id, + + int rc =0; + char desc[17]; ++ const char *id_string; ++ uint8_t id_code; + memset(desc, ' ', sizeof (desc)); + + switch ( type) { + case SDR_RECORD_TYPE_FULL_SENSOR: + record.full = (struct sdr_record_full_sensor *) raw; +- snprintf(desc, (record.full->id_code & 0x1f) +1, "%s", +- (const char *)record.full->id_string); ++ id_code = record.full->id_code; ++ id_string = record.full->id_string; + break; ++ + case SDR_RECORD_TYPE_COMPACT_SENSOR: + record.compact = (struct sdr_record_compact_sensor *) raw ; +- snprintf(desc, (record.compact->id_code & 0x1f) +1, "%s", +- (const char *)record.compact->id_string); ++ id_code = record.compact->id_code; ++ id_string = record.compact->id_string; + break; ++ + case SDR_RECORD_TYPE_EVENTONLY_SENSOR: + record.eventonly = (struct sdr_record_eventonly_sensor *) raw ; +- snprintf(desc, (record.eventonly->id_code & 0x1f) +1, "%s", +- (const char *)record.eventonly->id_string); +- break; ++ id_code = record.eventonly->id_code; ++ id_string = record.eventonly->id_string; ++ break; ++ + case SDR_RECORD_TYPE_MC_DEVICE_LOCATOR: + record.mcloc = (struct sdr_record_mc_locator *) raw ; +- snprintf(desc, (record.mcloc->id_code & 0x1f) +1, "%s", +- (const char *)record.mcloc->id_string); ++ id_code = record.mcloc->id_code; ++ id_string = record.mcloc->id_string; + break; ++ + default: + rc = -1; +- break; +- } ++ } ++ if (!rc) { ++ snprintf(desc, sizeof(desc), "%.*s", (id_code & 0x1f) + 1, id_string); ++ } + +- lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc); ++ lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc); + return rc; + } + +diff --git a/lib/ipmi_session.c b/lib/ipmi_session.c +index 141f0f4..b9af1fd 100644 +--- a/lib/ipmi_session.c ++++ b/lib/ipmi_session.c +@@ -309,8 +309,10 @@ ipmi_get_session_info(struct ipmi_intf * intf, + } + else + { +- memcpy(&session_info, rsp->data, rsp->data_len); +- print_session_info(&session_info, rsp->data_len); ++ memcpy(&session_info, rsp->data, ++ __min(rsp->data_len, sizeof(session_info))); ++ print_session_info(&session_info, ++ __min(rsp->data_len, sizeof(session_info))); + } + break; + +@@ -341,8 +343,10 @@ ipmi_get_session_info(struct ipmi_intf * intf, + break; + } + +- memcpy(&session_info, rsp->data, rsp->data_len); +- print_session_info(&session_info, rsp->data_len); ++ memcpy(&session_info, rsp->data, ++ __min(rsp->data_len, sizeof(session_info))); ++ print_session_info(&session_info, ++ __min(rsp->data_len, sizeof(session_info))); + + } while (i <= session_info.session_slot_count); + break; +-- +2.20.1 + diff --git a/SOURCES/0019-CVE-2020-5208_2.patch b/SOURCES/0019-CVE-2020-5208_2.patch new file mode 100644 index 00000000..ec0809b8 --- /dev/null +++ b/SOURCES/0019-CVE-2020-5208_2.patch @@ -0,0 +1,44 @@ +From eb7d138163c835ba5f4c34cd943c05b0e324bcc7 Mon Sep 17 00:00:00 2001 +From: Vaclav Dolezal +Date: Wed, 12 Feb 2020 15:20:32 +0100 +Subject: [PATCH] Partial fix for CVE-2020-5208 + +replacement for patch: +9452be8 channel: Fix buffer overflow + +Signed-off-by: Vaclav Dolezal +--- + lib/ipmi_channel.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c +index e1fc75f..81ae82e 100644 +--- a/lib/ipmi_channel.c ++++ b/lib/ipmi_channel.c +@@ -383,6 +383,11 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, + val2str(rsp->ccode, completion_code_vals)); + return -1; + } ++ if (rsp->data_len > 17) { ++ lprintf(LOG_ERR, "Get Channel Cipher Suites failed - " ++ "received invalid data"); ++ return -1; ++ } + + + /* +@@ -418,6 +423,11 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, + val2str(rsp->ccode, completion_code_vals)); + return -1; + } ++ if (rsp->data_len > 17) { ++ lprintf(LOG_ERR, "Get Channel Cipher Suites failed - " ++ "received invalid data"); ++ return -1; ++ } + } + + /* Copy last chunk */ +-- +2.20.1 + diff --git a/SOURCES/exchange-bmc-os-info b/SOURCES/exchange-bmc-os-info new file mode 100644 index 00000000..c23b507a --- /dev/null +++ b/SOURCES/exchange-bmc-os-info @@ -0,0 +1,326 @@ +#!/bin/sh +############################################################################# +# +# exchange-bmc-os-info: Set OS and BMC (Baseboard Management Controller) +# parameters during system startup. +# +# version: 0.72 +# +# Authors: Charles Rose +# Jordan Hargrave +# +# Description: Script to set OS information in the BMC; fetch BMC IP/URL +# and set in the OS for use by other scripts/user. +# +# BMC IP and URL are made available in /var/run/bmc-info +# +# Example to launch BMC web-interface: +# # . /var/run/bmc-info +# # xdg-open $BMC_URL +# +# See here for details: +# https://fedoraproject.org/wiki/Features/AgentFreeManagement +# +# OEM Specific: OEM specific ipmi commands go in: +# 'oem_set_os_version' and 'oem_get_bmc_url' +############################################################################# +# +# chkconfig: 345 99 00 +# description: Set OS name, hostname in BMC; make BMC IP/URL available in OS +# processname: exchange-bmc-os-info +# config: /etc/sysconfig/exchange-bmc-os-info +# +### BEGIN INIT INFO +# Provides: exchange-bmc-os-info +# Required-Start: ipmi +# Default-Start: 3 4 5 +# Default-Stop: 0 1 2 6 + + +############################################################################# +# GLOBALS +############################################################################# +CONFIGFILE=/etc/sysconfig/exchange-bmc-os-info +IPMI_TOOL=/usr/bin/ipmitool +BMC_INFO=/var/run/bmc-info + +# BMC Manufacturer ID used in 'oem_set_os_version' and 'oem_get_bmc_url' +DELL="674" +#OTHER_OEM="123" + +# Defaults for ${CONFIGFILE} +SET_OS_INFO="yes" +RESET_OS_INFO="no" +SET_BMC_INFO="yes" + +# getsysinfo and setsysinfo commands +IPMI_SET_SYSINFO="${IPMI_TOOL} mc setsysinfo" +IPMI_GET_SYSINFO="${IPMI_TOOL} mc getsysinfo" +############################################################################# +SCRIPT_NAME=$(basename $0) + +# source config +[ -r ${CONFIGFILE} ] && . ${CONFIGFILE} + +RETVAL=0 + +if [ -f /bin/gettext.sh ]; then + GETTEXT=1 + . /bin/gettext.sh + OUTPUT="eval_gettext" +else + GETTEXT=0 + OUTPUT="echo" +fi + +############################################################################# +# Get Vendor ID of BMC for use in 'oem_set_os_version' and 'oem_get_bmc_url' +# +get_bmc_vendor_id() +{ + BMC_VENDOR=$(${IPMI_TOOL} mc info 2>/dev/null | \ + sed -n "s#^Manufacturer ID.*: ##p") + [ -z "${BMC_VENDOR}" ] && RETVAL=4 +} + +# set/getsysinfo support was added to ipmitool post v1.8.12 via this patch +# http://sourceforge.net/mailarchive/message.php?msg_id=29647222 +check_ipmitool() +{ + if [ -x ${IPMI_TOOL} ]; then + [ ! ${IPMI_GET_SYSINFO} >/dev/null 2>&1 ] && \ + RETVAL=3 + else + RETVAL=2 + fi +} + +bmc_exists() +{ + check_ipmitool + [ $RETVAL -eq 0 ] && get_bmc_vendor_id + return $RETVAL +} +############################################################################# + +get_os_info() +{ + OS_HOSTNAME=$(hostname) + KERNEL_VERSION=$(uname -r -m) + + if [ -e /etc/lsb-release ] ; then + . /etc/lsb-release + NAME=${DISTRIB_ID} + VERSION="${DISTRIB_RELEASE} ${DISTRIB_CODENAME}" + fi + + # we prefer systemd's /etc/os-release over other sources + [ -e /etc/os-release ] && . /etc/os-release + + OS_NAME=${NAME} + OS_VERSION="${VERSION} kernel ${KERNEL_VERSION}" +} + +oem_set_os_version() +{ + # OS Version setting is not standard yet + # we need per vendor oem commands + case "${BMC_VENDOR}" in + $DELL) ${IPMI_SET_SYSINFO} delloem_os_version \ + "${OS_VERSION}" > /dev/null 2>&1 + return $? + ;; +# Add OEM specific commands. +# Example: +# $OTHER_OEM) ${IPMI_SET_SYSINFO} otheroem_os_version \ +# "${OS_VERSION}" > /dev/null 2>&1 +# return $? +# ;; + *) return 0 + ;; + esac +} + +set_os_info() +{ + # Set and reset OS info in the BMC + if [ "$1" = "reset" ]; then + OS_NAME="" + OS_HOSTNAME="" + OS_VERSION="" + fi + + ${IPMI_SET_SYSINFO} os_name "${OS_NAME}" >/dev/null 2>&1 \ + || RETVAL=6 + ${IPMI_SET_SYSINFO} primary_os_name "${OS_NAME}" >/dev/null 2>&1 \ + || RETVAL=6 + ${IPMI_SET_SYSINFO} system_name "${OS_HOSTNAME}" >/dev/null 2>&1 \ + || RETVAL=6 + oem_set_os_version || RETVAL=6 +} + +############################################################################# +valid_url() +{ + url="(https?|http)://[a-z0-9-]+(\.[a-z0-9-]+)+([/?].*)?" + printf -- "%s" "${TMP_URL}"| grep -Eq "^${url}" + return $? +} + +oem_get_bmc_url() +{ + # BMC URL is not standard yet + # we need per vendor oem commands + case "$BMC_VENDOR" in + $DELL) TMP_URL=$(${IPMI_GET_SYSINFO} delloem_url 2> /dev/null) + ;; +# Add OEM specific commands +# Example: +# $OTHER_OEM) +# TMP_URL=$(${IPMI_GET_SYSINFO} otheroem_url 2> /dev/null) +# ;; + *) TMP_URL="" ;; + esac + + valid_url && BMC_URL=${TMP_URL} || BMC_URL="" +} + +valid_ip() +{ + #Thanks to mkyong.com + octet="([01]?[[:digit:]][[:digit:]]?|2[0-4][[:digit:]]|25[0-5])" + + printf -- "%s" "${TMP_IPv4}"| grep -Eq "^${octet}\\.${octet}\\.${octet}\\.${octet}$" + return $? +} + +get_bmc_ip() +{ + #Thanks to http://ingvar.blog.redpill-linpro.com + for CHANNEL in `seq 1 14` + do + [ $(${IPMI_TOOL} lan print ${CHANNEL} 2>/dev/null \ + | grep -q "^Set") ] || break + done + + # Get BMC_IPv4 and BMC_URL from BMC + TMP_IPv4=$(${IPMI_TOOL} lan print ${CHANNEL} 2>/dev/null \ + | sed -n "s#^IP Address .*: ##p") + + valid_ip && BMC_IPv4=${TMP_IPv4} || BMC_IPv4="" +} + +get_bmc_info() +{ + get_bmc_ip + if [ -z "${BMC_IPv4}" ] || [ "${BMC_IPv4}" = "0.0.0.0" ]; then + BMC_IPv4="" + RETVAL=5 + else + # URL makes sense only if there is an IP + oem_get_bmc_url + fi +} + +set_bmc_info() +{ + if [ ! $(touch "${BMC_INFO}" && chmod 600 "${BMC_INFO}") ]; then + printf "BMC_IPv4=%s\n" "${BMC_IPv4}" > "${BMC_INFO}" + [ -n "${BMC_URL}" ] && \ + printf "BMC_URL=%s\n" "${BMC_URL}" >> "${BMC_INFO}" + else + RETVAL=5 + fi +} + +unset_bmc_info() +{ + [ -f ${BMC_INFO} ] && rm -f ${BMC_INFO} > /dev/null 2>&1 +} + +############################################################################# +start() +{ + if bmc_exists; then + [ "${SET_OS_INFO}" = "yes" ] && \ + get_os_info && set_os_info + + if [ "${SET_BMC_INFO}" = "yes" ]; then + get_bmc_info + if [ ${RETVAL} -eq 0 ]; then + set_bmc_info + fi + fi + fi +} + +############################################################################# +stop() +{ + if bmc_exists; then + # reset OS info while system reboots + # aids with debugging OS boot-up issues + if [ "${RESET_OS_INFO}" = "yes" ]; then + set_os_info reset + fi + unset_bmc_info + fi +} + +############################################################################# +restart() +{ + stop + [ $RETVAL -eq 0 ] && start +} + +############################################################################# +status() +{ + [ -r ${BMC_INFO} ] && \ + grep -q "BMC_IPv4" "${BMC_INFO}" >/dev/null 1>&2 && \ + BMC_STATUS="ok" || BMC_STATUS="inactive" + ${OUTPUT} "${SCRIPT_NAME}: ${BMC_STATUS}" 1>&2 + [ ${GETTEXT} -eq 1 ] && echo +} + +############################################################################# +usage() +{ + ${OUTPUT} "Usage: ${SCRIPT_NAME} {start|stop|restart|status}" 1>&2 + [ ${GETTEXT} -eq 1 ] && echo + RETVAL=1 +} + +############################################################################# +# MAIN +############################################################################# +case "$1" in + start) start ;; + stop) stop ;; + restart) restart ;; + status) status ;; + *) usage ;; +esac + +case "$RETVAL" in + 0|1) ;; + 2) ${OUTPUT} "${SCRIPT_NAME}: ipmitool(1) not found." 1>&2 ;; + 3) ${OUTPUT} "${SCRIPT_NAME}: this version of ipmitool does not support getsysinfo." 1>&2 ;; + 4) ${OUTPUT} "${SCRIPT_NAME}: failed to communicate with BMC." 1>&2 ;; + 5) ${OUTPUT} "${SCRIPT_NAME}: failed to set OS information in BMC." 1>&2 ;; + 6) ${OUTPUT} "${SCRIPT_NAME}: failed to get BMC information." 1>&2 ;; + *) ${OUTPUT} "${SCRIPT_NAME}: unexpected error." 1>&2 ;; +esac + +if [ ${RETVAL} -gt 1 ]; then + ${OUTPUT} " Return code: ${RETVAL}" 1>&2 + [ ${GETTEXT} -eq 1 ] && echo +fi + + +exit ${RETVAL} + +############################################################################# +# end of file +############################################################################# diff --git a/SOURCES/exchange-bmc-os-info.service b/SOURCES/exchange-bmc-os-info.service new file mode 100644 index 00000000..100493b3 --- /dev/null +++ b/SOURCES/exchange-bmc-os-info.service @@ -0,0 +1,13 @@ +[Unit] +Description=Exchange Information between BMC and OS +After=ipmi.service network.target +Requires=ipmi.service + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/libexec/exchange-bmc-os-info start +ExecStop=/usr/libexec/exchange-bmc-os-info stop + +[Install] +WantedBy=multi-user.target diff --git a/SOURCES/exchange-bmc-os-info.sysconf b/SOURCES/exchange-bmc-os-info.sysconf new file mode 100644 index 00000000..2f0e675b --- /dev/null +++ b/SOURCES/exchange-bmc-os-info.sysconf @@ -0,0 +1,26 @@ +# exchange-bmc-os-info +# +# Config file to control Exchange of information between +# the OS and Service Processor/Baseboard Management Controller (BMC) +# +# See here for details +# https://fedoraproject.org/wiki/Features/AgentFreeManagement + +### Set OS Info in BMC/Service Processor ### +# Name: SET_OS_INFO +# Description: Set OS Name, Version and Hostname in the Service Processor (BMC) +# Default: yes +SET_OS_INFO="yes" + +### Reset OS Info in BMC/Service Processor ### +# Name: RESET_OS_INFO +# Description: Reset OS Name, Version and Hostname in the Service Processor (BMC). +# Useful when the OS Name/Hostname should be empty on reboot +# Default: no +RESET_OS_INFO="no" + +### Set BMC/Service Processor Info in OS ### +# Name; SET_BMC_INFO +# Description: Set IP Address and URL of Service Processor/BMC in /run/bmc-info +# Default: yes +SET_BMC_INFO="yes" diff --git a/SOURCES/ipmievd.service b/SOURCES/ipmievd.service new file mode 100644 index 00000000..88c22c27 --- /dev/null +++ b/SOURCES/ipmievd.service @@ -0,0 +1,13 @@ +[Unit] +Description=Ipmievd Daemon +After=syslog.target +After=ipmi.service + +[Service] +EnvironmentFile=-/etc/sysconfig/ipmievd +ExecStart=/usr/sbin/ipmievd $IPMIEVD_OPTIONS +Type=forking +PIDFile=/var/run/ipmievd.pid + +[Install] +WantedBy=multi-user.target diff --git a/SOURCES/openipmi-ipmievd.sysconf b/SOURCES/openipmi-ipmievd.sysconf new file mode 100644 index 00000000..8cc15e02 --- /dev/null +++ b/SOURCES/openipmi-ipmievd.sysconf @@ -0,0 +1 @@ +IPMIEVD_OPTIONS="sel daemon pidfile=/var/run/ipmievd.pid" diff --git a/SOURCES/set-bmc-url.sh b/SOURCES/set-bmc-url.sh new file mode 100644 index 00000000..a179981a --- /dev/null +++ b/SOURCES/set-bmc-url.sh @@ -0,0 +1,11 @@ +# Export BMC URL +# + +BMC_INFO="/var/run/bmc-info" + +if [ "$(id -u)" = "0" ]; then + [ -f ${BMC_INFO} ] && . ${BMC_INFO} && \ + export "${BMC_URL}" "${BMC_IPv4}" >/dev/null 2>&1 +fi + +unset BMC_INFO diff --git a/SPECS/ipmitool.spec b/SPECS/ipmitool.spec new file mode 100644 index 00000000..1cf36c2f --- /dev/null +++ b/SPECS/ipmitool.spec @@ -0,0 +1,389 @@ +%global _hardened_build 1 + +Name: ipmitool +Summary: Utility for IPMI control +Version: 1.8.18 +Release: 9%{?dist} +License: BSD +Group: System Environment/Base +URL: http://ipmitool.sourceforge.net/ +Source0: http://downloads.sourceforge.net/project/%{name}/%{name}/%{version}/%{name}-%{version}.tar.bz2 +Source1: openipmi-ipmievd.sysconf +Source2: ipmievd.service +Source3: exchange-bmc-os-info.service +Source4: exchange-bmc-os-info.sysconf +Source5: set-bmc-url.sh +Source6: exchange-bmc-os-info + +BuildRequires: openssl-devel readline-devel ncurses-devel +BuildRequires: systemd-units +# bootstrap +BuildRequires: automake autoconf libtool +Requires:OpenIPMI-modalias +Requires(post): systemd-sysv +Requires(post): systemd-units +Requires(preun): systemd-units +Requires(postun): systemd-units +Obsoletes: OpenIPMI-tools < 2.0.14-3 +Provides: OpenIPMI-tools = 2.0.14-3 + +Patch1: 0001-ipmitool-1.8.10-ipmievd-init.patch.patch +Patch2: 0002-ipmitool-1.8.10-ipmievd-condrestart.patch.patch +Patch4: 0004-ipmitool-1.8.11-set-kg-key.patch.patch +Patch7: 0007-ipmitool-1.8.11-remove-umask0.patch.patch +Patch9: 0009-ipmitool-1.8.11-bz1126333-slowswid.patch.patch +Patch10: 0010-ipmitool-1.8.11-bz878614-overname.patch.patch +Patch15: 0015-ID-390-Support-for-new-Communication-Interface-USB-M.patch +Patch16: 0016-ipmitool-1.8.18-verbose.patch +Patch17: 0017-ipmitool-1.8.18-check-input-values.patch +Patch18: 0018-CVE-2020-5208.patch +Patch19: 0019-CVE-2020-5208_2.patch + + +%description +This package contains a utility for interfacing with devices that support +the Intelligent Platform Management Interface specification. IPMI is +an open standard for machine health, inventory, and remote power control. + +This utility can communicate with IPMI-enabled devices through either a +kernel driver such as OpenIPMI or over the RMCP LAN protocol defined in +the IPMI specification. IPMIv2 adds support for encrypted LAN +communications and remote Serial-over-LAN functionality. + +It provides commands for reading the Sensor Data Repository (SDR) and +displaying sensor values, displaying the contents of the System Event +Log (SEL), printing Field Replaceable Unit (FRU) information, reading and +setting LAN configuration, and chassis power control. + +%package -n bmc-snmp-proxy +Requires: net-snmp +Requires: exchange-bmc-os-info +Requires:OpenIPMI-modalias +BuildArch: noarch +Summary: Reconfigure SNMP to include host SNMP agent within BMC +%description -n bmc-snmp-proxy +Given a host with BMC, this package would extend system configuration +of net-snmp to include redirections to BMC based SNMP. + + +%package -n exchange-bmc-os-info +Requires: hostname +Requires: ipmitool OpenIPMI +Requires:OpenIPMI-modalias +BuildArch: noarch +Requires(post): systemd-sysv +Requires(post): systemd-units +Requires(preun): systemd-units +Requires(postun): systemd-units + +Summary: Let OS and BMC exchange info + +%description -n exchange-bmc-os-info +Given a host with BMC, this package would pass the hostname & +OS information to the BMC and also capture the BMC ip info +for the host OS to use. + + +%prep + +%setup -q + +%patch1 -p1 +%patch2 -p1 +%patch4 -p1 +%patch7 -p1 +%patch9 -p1 +%patch10 -p1 +%patch15 -p1 +%patch16 -p1 +%patch17 -p1 +%patch18 -p1 +%patch19 -p1 + +for f in AUTHORS ChangeLog; do + iconv -f iso-8859-1 -t utf8 < ${f} > ${f}.utf8 + mv ${f}.utf8 ${f} +done + +%build +# --disable-dependency-tracking speeds up the build +# --enable-file-security adds some security checks +# --disable-intf-free disables FreeIPMI support - we don't want to depend on +# FreeIPMI libraries, FreeIPMI has its own ipmitoool-like utility. + +# begin: release auto-tools +# Used to be needed by aarch64 support, now only cxoem patch makefiles are left. +aclocal +libtoolize --automake --copy +autoheader +automake --foreign --add-missing --copy +aclocal +autoconf +automake --foreign +# end: release auto-tools + +%configure \ + CFLAGS="%{optflags} -fno-strict-aliasing" \ + --disable-dependency-tracking --enable-file-security --disable-intf-free +make %{?_smp_mflags} + +%install +make DESTDIR=%{buildroot} install + +install -Dpm 644 %{SOURCE2} %{buildroot}%{_unitdir}/ipmievd.service +install -Dpm 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/sysconfig/ipmievd +install -Dm 644 %{SOURCE3} %{buildroot}%{_unitdir}/exchange-bmc-os-info.service +install -Dm 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/exchange-bmc-os-info +install -Dm 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/profile.d/set-bmc-url.sh +install -Dm 755 %{SOURCE6} %{buildroot}%{_libexecdir}/exchange-bmc-os-info + + +install -Dm 644 contrib/bmc-snmp-proxy.sysconf %{buildroot}%{_sysconfdir}/sysconfig/bmc-snmp-proxy +install -Dm 644 contrib/bmc-snmp-proxy.service %{buildroot}%{_unitdir}/bmc-snmp-proxy.service +install -Dm 755 contrib/bmc-snmp-proxy %{buildroot}%{_libexecdir}/bmc-snmp-proxy + +%post +%systemd_post ipmievd.service + +%preun +%systemd_preun ipmievd.service + +%postun +%systemd_postun_with_restart ipmievd.service + +%post -n exchange-bmc-os-info +%systemd_post exchange-bmc-os-info.service + +%preun -n exchange-bmc-os-info +%systemd_preun exchange-bmc-os-info.service + +%postun -n exchange-bmc-os-info +%systemd_postun_with_restart exchange-bmc-os-info.service + + +%triggerun -- ipmievd < 1.8.11-7 +# Save the current service runlevel info +# User must manually run systemd-sysv-convert --apply ipmievd +# to migrate them to systemd targets +/usr/bin/systemd-sysv-convert --save ipmievd >/dev/null 2>&1 ||: + +# Run these because the SysV package being removed won't do them +/sbin/chkconfig --del ipmievd >/dev/null 2>&1 || : +/bin/systemctl try-restart ipmievd.service >/dev/null 2>&1 || : + +%files +%config(noreplace) %{_sysconfdir}/sysconfig/ipmievd +%{_unitdir}/ipmievd.service +%{_bindir}/* +%{_sbindir}/* +%{_mandir}/man*/* +%doc %{_datadir}/doc/ipmitool +%{_datadir}/ipmitool + +%files -n exchange-bmc-os-info +%config(noreplace) %{_sysconfdir}/sysconfig/exchange-bmc-os-info +%{_sysconfdir}/profile.d/set-bmc-url.sh +%{_unitdir}/exchange-bmc-os-info.service +%{_libexecdir}/exchange-bmc-os-info + +%files -n bmc-snmp-proxy +%config(noreplace) %{_sysconfdir}/sysconfig/bmc-snmp-proxy +%{_unitdir}/bmc-snmp-proxy.service +%{_libexecdir}/bmc-snmp-proxy + +%changelog +* Wed Mar 04 2020 Václav Doležal - 0:1.8.18-9 +- Disable -fstrict-aliasing (RPMDiff issue) + +* Tue Mar 03 2020 Václav Doležal - 0:1.8.18-8 +- Backport fix for CVE-2020-5208 + +* Tue Feb 06 2018 Josef Ridky - 0:1.8.18-7 +- Remove debug prints shown without -v option (#1483163) + +* Tue Oct 03 2017 Josef Ridky - 0:1.8.18-6 +- Hide unrequested verbose output (#1483163) +- Fix doc for check input values (#1495098) + +* Mon Apr 10 2017 Josef Ridky - 0:1.8.18-5 +- Remove RPMDiff fix file (#1439269) related to #1398658 + +* Tue Feb 21 2017 Josef Ridky - 0:1.8.18-4 +- Fix RPMDiff issues and rebuild + +* Thu Feb 16 2017 Josef Ridky - 0:1.8.18-3 +- Fix issues with warning: dereferencing type-punned pointer + will break strict-aliasing rules from RPMDiff + +* Mon Feb 13 2017 Josef Ridky - 0:1.8.18-2 +- Fix issue in file sources + +* Thu Feb 02 2017 Josef Ridky - 0:1.8.18-1 +- New upstream release 1.8.18 (#1398658) + +* Tue May 03 2016 Boris Ranto - 0:1.8.15-7 +- New release (0:1.8.15-7) +- ID:437 - sel: Fix "sel time set