From b05bad2e19e16806f6d3bb716140e3274b69c24a Mon Sep 17 00:00:00 2001
From: Mawrer Ramirez <mawrer.a.ramirez.martinez@intel.com>
Date: Tue, 9 Apr 2019 07:23:46 -0500
Subject: [PATCH] Update for systemd patches (CVE-2018-15688)

This commit is a complement for the change in the stx-tools repo
(link: https://review.openstack.org/#/c/651340/), the upgrade is
required to fix the CVE-2018-15688.

The fix was done in Jan 2019 by the community and requires the
update of systemd packages.

System-config needs to be updated in order to be aligned with the
new version of systemd-219-62.el7_6.5.

systemd-config.spec:
	Update 'BuildRequires' value for the new systemd version.

update-package-versioning-for-TIS-format.patch:
	Update 'Release' value for the new version of systemd.

0703-fix-build-error-for-CentOS7.6.patch:
	Update process_http_upload function in order to support the
	new type of value '-ENOBUFS' and changes in the index file.

srpm_path:
	Update the 'mirror' value with the new systemd version.

Change-Id: I8f69532833c216f7a369f1b0596dc6607b0f2a7c
Closes-Bug: #1820756
Depends-On: I3fd97d9dabe2350a7af887a0c7de26ec95f7a7d9
Signed-off-by: Mawrer Ramirez <mawrer.a.ramirez.martinez@intel.com>
---
 .../systemd-config/centos/systemd-config.spec |  2 +-
 ...te-package-versioning-for-TIS-format.patch |  4 +--
 .../0703-fix-build-error-for-CentOS7.6.patch  | 25 ++++++++++++-------
 base/systemd/centos/srpm_path                 |  2 +-
 4 files changed, 20 insertions(+), 13 deletions(-)

diff --git a/base/systemd-config/centos/systemd-config.spec b/base/systemd-config/centos/systemd-config.spec
index 5fd73ddd3..c33fa3b80 100644
--- a/base/systemd-config/centos/systemd-config.spec
+++ b/base/systemd-config/centos/systemd-config.spec
@@ -14,7 +14,7 @@ URL: unknown
 Source: %name-%version.tar.gz
 
 BuildArch: noarch
-BuildRequires: systemd = 219-62.el7
+BuildRequires: systemd = 219-62.el7_6.5
 Requires: systemd
 
 %define debug_package %{nil}
diff --git a/base/systemd/centos/meta_patches/update-package-versioning-for-TIS-format.patch b/base/systemd/centos/meta_patches/update-package-versioning-for-TIS-format.patch
index 76e89c68f..fcb7b6c37 100644
--- a/base/systemd/centos/meta_patches/update-package-versioning-for-TIS-format.patch
+++ b/base/systemd/centos/meta_patches/update-package-versioning-for-TIS-format.patch
@@ -15,8 +15,8 @@ index 6bdbb74..3b2aa7f 100644
  Name:           systemd
  Url:            http://www.freedesktop.org/wiki/Software/systemd
  Version:        219
--Release:        62%{?dist}
-+Release:        62.el7%{?_tis_dist}.%{tis_patch_ver}
+-Release:        62%{?dist}.5
++Release:        62.el7_6.5%{?_tis_dist}.%{tis_patch_ver}
  # For a breakdown of the licensing, see README
  License:        LGPLv2+ and MIT and GPLv2+
  Summary:        A System and Service Manager
diff --git a/base/systemd/centos/patches/0703-fix-build-error-for-CentOS7.6.patch b/base/systemd/centos/patches/0703-fix-build-error-for-CentOS7.6.patch
index 0683bd27f..3d9470fe7 100644
--- a/base/systemd/centos/patches/0703-fix-build-error-for-CentOS7.6.patch
+++ b/base/systemd/centos/patches/0703-fix-build-error-for-CentOS7.6.patch
@@ -1,6 +1,6 @@
-From 424bb6c3f56f6c445b7bd3d06150ab2993f1b611 Mon Sep 17 00:00:00 2001
+From bcfe2b0e50fed2a445f4e0dd43f33aee45d9ac5f Mon Sep 17 00:00:00 2001
 From: Shuicheng Lin <shuicheng.lin@intel.com>
-Date: Tue, 8 Jan 2019 20:59:43 +0800
+Date: Tue, 2 Apr 2019 16:43:03 +0000
 Subject: [PATCH] Fix compile failure due to deprecated value
 
 Issue occur after upgrade build tool chain. Fix it per tool chain's
@@ -14,6 +14,7 @@ use MHD_HTTP_NOT_ACCEPTABLE [-Werror]
 "
 
 Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com>
+Signed-off-by: Mawrer Ramirez <mawrer.a.ramirez.martinez@intel.com>
 ---
  src/journal-remote/journal-gatewayd.c | 4 ++--
  src/journal-remote/journal-remote.c   | 4 ++--
@@ -42,19 +43,26 @@ index d1f0ce3..8364044 100644
  
  
 diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c
-index a455fb6..1d7df07 100644
+index e65daf6..9780ecb 100644
 --- a/src/journal-remote/journal-remote.c
 +++ b/src/journal-remote/journal-remote.c
-@@ -526,7 +526,7 @@ static int process_http_upload(
+@@ -526,13 +526,13 @@ static int process_http_upload(
                          log_warning("Failed to process data for connection %p", connection);
-                         if (r == -E2BIG)
+                         if (r == -ENOBUFS)
                                  return mhd_respondf(connection,
 -                                                    MHD_HTTP_REQUEST_ENTITY_TOO_LARGE,
 +                                                    MHD_HTTP_PAYLOAD_TOO_LARGE,
                                                      "Entry is too large, maximum is %u bytes.\n",
                                                      DATA_SIZE_MAX);
-                         else
-@@ -579,7 +579,7 @@ static int request_handler(
+
+                         else if (r == -E2BIG)
+                                 return mhd_respondf(connection,
+-                                                    MHD_HTTP_REQUEST_ENTITY_TOO_LARGE,
++                                                    MHD_HTTP_PAYLOAD_TOO_LARGE,
+                                                     "Entry with more fields than the maximum of %u\n",
+                                                     ENTRY_FIELD_COUNT_MAX);
+
+@@ -586,7 +586,7 @@ static int request_handler(
                                             *connection_cls);
  
          if (!streq(method, "POST"))
@@ -64,5 +72,4 @@ index a455fb6..1d7df07 100644
  
          if (!streq(url, "/upload"))
 -- 
-2.7.4
-
+1.8.3.1
diff --git a/base/systemd/centos/srpm_path b/base/systemd/centos/srpm_path
index bc2313e45..bb7c557b3 100644
--- a/base/systemd/centos/srpm_path
+++ b/base/systemd/centos/srpm_path
@@ -1 +1 @@
-mirror:Source/systemd-219-62.el7.src.rpm
+mirror:Source/systemd-219-62.el7_6.5.src.rpm