Bug 35986 - use the recommended format for CVE fixes in changelog
Summary: use the recommended format for CVE fixes in changelog
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: postgresql10 (show other bugs)
Version: unstable
Hardware: all Linux
: P3 minor
Assignee: Alexei Takaseev
QA Contact: qa-sisyphus
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-01-28 17:13 MSK by Ivan Zakharyaschev
Modified: 2019-02-14 18:41 MSK (History)
15 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ivan Zakharyaschev 2019-01-28 17:13:40 MSK 
10.6-alt1

alexey@ has changed the format of the CVE fixes records in the changelog in .spec, so that this information is accessible to automatic processing. The format recommended in ALT is used.

Please take db58f9e5479901587beef9273e526cddfb25f4e4 for the next release (from alexey's git or git://git.altlinux.org/people/imz/packages/postgresql10.git )

commit db58f9e5479901587beef9273e526cddfb25f4e4 (HEAD -> alt, @ALT/alt)
Author: Alexey Appolonov <alexey@altlinux.org>
Date:   Wed Jan 16 20:46:31 2019 +0300

    Modifying existing 'Fixes' entries according to the policy

diff --git a/altlinux/postgresql.spec b/altlinux/postgresql.spec
index 72f41d5d3b..78f37bcecf 100644
--- a/altlinux/postgresql.spec
+++ b/altlinux/postgresql.spec
@@ -744,7 +744,7 @@ fi
 %changelog
 * Thu Nov 08 2018 Alexei Takaseev <taf@altlinux.org> 10.6-alt1
 - 10.6
-- Fix CVE-2018-16850
+- (Fixes: CVE-2018-16850)
 
 * Fri Oct 19 2018 Alexei Takaseev <taf@altlinux.org> 10.5-alt8
 - Disable package libs for --without devel. This will provide
@@ -773,15 +773,15 @@ fi
 
 * Sat Aug 11 2018 Alexei Takaseev <taf@altlinux.org> 10.5-alt1
 - 10.5
-- Fix CVE-2018-10915, CVE-2018-10925
+- (Fixes: CVE-2018-10915, CVE-2018-10925)
 
 * Wed May 09 2018 Alexei Takaseev <taf@altlinux.org> 10.4-alt1
 - 10.4
-- Fix CVE-2018-1115
+- (Fixes: CVE-2018-1115)
 
 * Fri Mar 02 2018 Alexei Takaseev <taf@altlinux.org> 10.3-alt1
 - 10.3
-- Fix CVE-2018-1058
+- (Fixes: CVE-2018-1058)
 
 * Wed Feb 07 2018 Alexei Takaseev <taf@altlinux.org> 10.2-alt1
 - 10.2
@@ -814,7 +814,7 @@ fi
 
 * Wed Aug 09 2017 Alexei Takaseev <taf@altlinux.org> 9.6.4-alt1
 - 9.6.4
-- fix CVE-2017-7547
+- (Fixes: CVE-2017-7547)
 
 * Thu May 11 2017 Alexei Takaseev <taf@altlinux.org> 9.6.3-alt2
 - Add conflict with postgresql for 1C
@@ -937,7 +937,8 @@ fi
 - Fix symlink adjustment when chroot mode enabled.
 
 * Tue Oct 11 2011 Vladimir V. Kamarzin <vvk@altlinux.org> 9.0.5-alt1
-- 9.0.5 fixes CVE-2011-2483.
+- 9.0.5.
+- (Fixes CVE-2011-2483).
 - Disable devel subpackage.
 
 * Wed Apr 27 2011 Vladimir V. Kamarzin <vvk@altlinux.org> 9.0.4-alt1
@@ -951,7 +952,8 @@ fi
 - rebuilt for debuginfo provides
 
 * Wed Feb 02 2011 Vladimir V. Kamarzin <vvk@altlinux.org> 9.0.3-alt1
-- 9.0.3. Fixes CVE-2010-4015.
+- 9.0.3.
+- (Fixes CVE-2010-4015).
 - Chroot scripts: exit silently when PG_CHROOT_DIR is not set.
 - Initscript: remove LOCKFILE when stopping the service.
 

commit 17c1dfa1f30ddaf8976e8ff417bd026d7ce4abae
Author: Alexey Appolonov <alexey@altlinux.org>
Date:   Wed Jan 16 20:45:28 2019 +0300

    Adding missed 'Fixes' entry

diff --git a/altlinux/postgresql.spec b/altlinux/postgresql.spec
index 9f5a416a8f..72f41d5d3b 100644
--- a/altlinux/postgresql.spec
+++ b/altlinux/postgresql.spec
@@ -797,6 +797,7 @@ fi
 - Remove conflicts to PG 9.1, 9.2
 - Cleanup spec
 - Remove chroot dead code
+- (Fixes: CVE-2017-12172, CVE-2017-15098)
 
 * Thu Oct 05 2017 Alexei Takaseev <taf@altlinux.org> 10.0-alt1
 - 10.0
Comment 1 Repository Robot 2019-02-14 18:41:53 MSK 
postgresql10-10.7-alt1 -> sisyphus:

Thu Feb 14 2019 Alexei Takaseev <taf@altlinux> 10.7-alt1
- 10.7
- Build with ICU
- (ALT #35986)