Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-15610

patch:add command from 7.8.0.GA can't extract everything from hot fix patch for 7.8

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • fuse-7.9-GA
    • fuse-7.8-GA
    • Patching
    • None
    • False
    • False
    • % %
    • ?
    • Undefined

      When Fuse 7.8.0.GA is used to patch:find and patch:add a hotfix/cve patch, the descriptor is not fully read. After patch:update, the patch is already added and there are missing entries in extracted (by patch mechanism from 7.8.0.GA) patch descriptor:

      --- fuse-karaf-maintenance-patch-7.8.0.fuse-sb2-780040.patch	2021-01-19 11:55:48.473957906 +0100
+++ /data/servers/fuse-karaf-7.8.0.fuse-780038/patches/fuse-karaf-maintenance-patch-7.8.0.fuse-sb2-780040.patch	2021-01-19 11:40:54.206928506 +0100
@@ -13,8 +13,13 @@
 bundle.4.range = [1.50,2)
 bundle.5 = mvn:org.apache.aries.proxy/org.apache.aries.proxy/1.1.8
 bundle.count = 6
+configPackage.0 = org.bouncycastle/1.68
+configPackage.0.range = [1.66,1.68)
+configPackage.count = 1
 file.0 = lib/ext/bcprov-jdk15on-1.68.jar
+file.0.delete = lib/ext/bcprov-jdk15on-*.jar
 file.1 = lib/ext/bcpkix-jdk15on-1.68.jar
+file.1.delete = lib/ext/bcpkix-jdk15on-*.jar
 file.count = 2
 cve.0 = CVE-2020-28052
 cve.0.description = bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible

              ggrzybek Grzegorz Grzybek
              ggrzybek Grzegorz Grzybek
              Emil Cervenan Emil Cervenan
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: