Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add patch to fix CVE-2024-27322 in R v4.1.x, v4.2.x, v4.3.x #20462

Merged
merged 1 commit into from
May 6, 2024
Merged

add patch to fix CVE-2024-27322 in R v4.1.x, v4.2.x, v4.3.x #20462

merged 1 commit into from
May 6, 2024

Conversation

boegel
Copy link
Member

@boegel boegel commented May 2, 2024

(created using eb --new-pr)

@boegel boegel added the bug fix label May 2, 2024
@boegel boegel added this to the release after 4.9.1 milestone May 2, 2024
This was referenced May 2, 2024
Merged
Merged
@boegel
Copy link
Member Author

boegel commented May 2, 2024

@boegelbot please test @ generoso
EB_ARGS="--installpath /tmp/$USER/pr20462"
CORE_CNT=16

@boegelbot
Copy link
Collaborator

@boegel: Request for testing this PR well received on login1

PR test command 'EB_PR=20462 EB_ARGS="--installpath /tmp/$USER/pr20462" EB_CONTAINER= EB_REPO=easybuild-easyconfigs /opt/software/slurm/bin/sbatch --job-name test_PR_20462 --ntasks="16" ~/boegelbot/eb_from_pr_upload_generoso.sh' executed!

  • exit code: 0
  • output:
Submitted batch job 13389

Test results coming soon (I hope)...

- notification for comment with ID 2091468226 processed

Message to humans: this is just bookkeeping information for me,
it is of no use to you (unless you think I have a bug, which I don't).

@boegel boegel changed the title add patch to fix CVE in R v4.1.x, v4.2.x, v4.3.x add patch to fix CVE-2024-27322 in R v4.1.x, v4.2.x, v4.3.x May 3, 2024
@boegel
Copy link
Member Author

boegel commented May 3, 2024

Test report by @boegel
SUCCESS
Build succeeded for 2 out of 2 (2 easyconfigs in total)
node3147.skitty.os - Linux RHEL 8.8, x86_64, Intel(R) Xeon(R) Gold 6140 CPU @ 2.30GHz, Python 3.6.8
See https://gist.github.com/boegel/c6194d1273b55c4a13eb813f77cd7de8 for a full test report.

@boegel
Copy link
Member Author

boegel commented May 3, 2024

@boegelbot please test @ jsc-zen3
EB_ARGS="--installpath /tmp/$USER/pr20462 --experimental --parallel-extensions-install"
CORE_CNT=16

@boegelbot
Copy link
Collaborator

@boegel: Request for testing this PR well received on jsczen3l1.int.jsc-zen3.fz-juelich.de

PR test command 'if [[ develop != 'develop' ]]; then EB_BRANCH=develop ./easybuild_develop.sh 2> /dev/null 1>&2; EB_PREFIX=/home/boegelbot/easybuild/develop source init_env_easybuild_develop.sh; fi; EB_PR=20462 EB_ARGS="--installpath /tmp/$USER/pr20462 --experimental --parallel-extensions-install" EB_CONTAINER= EB_REPO=easybuild-easyconfigs EB_BRANCH=develop /opt/software/slurm/bin/sbatch --job-name test_PR_20462 --ntasks="16" ~/boegelbot/eb_from_pr_upload_jsc-zen3.sh' executed!

  • exit code: 0
  • output:
Submitted batch job 4059

Test results coming soon (I hope)...

- notification for comment with ID 2092624020 processed

Message to humans: this is just bookkeeping information for me,
it is of no use to you (unless you think I have a bug, which I don't).

@boegelbot
Copy link
Collaborator

boegelbot commented May 3, 2024
edited by boegel
Loading

Test report by @boegelbot
FAILED
Build succeeded for 6 out of 7 (7 easyconfigs in total)
jsczen3c1.int.jsc-zen3.fz-juelich.de - Linux Rocky Linux 9.3, x86_64, AMD EPYC-Milan Processor (zen3), Python 3.9.18
See https://gist.github.com/boegelbot/76053f52179dc1646c48af0186af55ee for a full test report.

edit (by @boegel) failure for R-4.1.0-foss-2021a.eb can be neglected, since this is on Rocky Linux 9.3

@boegel
Copy link
Member Author

boegel commented May 3, 2024

Test report by @boegel
SUCCESS
Build succeeded for 2 out of 2 (2 easyconfigs in total)
node3138.skitty.os - Linux RHEL 8.8, x86_64, Intel(R) Xeon(R) Gold 6140 CPU @ 2.30GHz, Python 3.6.8
See https://gist.github.com/boegel/b84de7f3059dcf42b41e358450dc159a for a full test report.

@boegel
Copy link
Member Author

boegel commented May 4, 2024

Test report by @boegel
SUCCESS
Build succeeded for 3 out of 3 (3 easyconfigs in total)
node3138.skitty.os - Linux RHEL 8.8, x86_64, Intel(R) Xeon(R) Gold 6140 CPU @ 2.30GHz, Python 3.6.8
See https://gist.github.com/boegel/7868e8d542ca8f78fd86b8486cb2b659 for a full test report.

@boegelbot
Copy link
Collaborator

Test report by @boegelbot
FAILED
Build succeeded for 6 out of 7 (7 easyconfigs in total)
cnx2 - Linux Rocky Linux 8.9, x86_64, Intel(R) Xeon(R) CPU E5-2667 v3 @ 3.20GHz (haswell), Python 3.6.8
See https://gist.github.com/boegelbot/2b398b32e2856dc4f65e374df67c0fd6 for a full test report.

@boegel
Copy link
Member Author

boegel commented May 5, 2024
edited
Loading

@boegelbot please test @ generoso
EB_ARGS="--installpath /tmp/$USER/pr20462 --experimental --parallel-extensions-install R-4.3.2-gfbf-2023a.eb"

@boegelbot
Copy link
Collaborator

@boegel: Request for testing this PR well received on login1

PR test command 'EB_PR=20462 EB_ARGS="--installpath /tmp/$USER/pr20462 --experimental --parallel-extensions-install R-4.3.2-gfbf-2023a.eb" EB_CONTAINER= EB_REPO=easybuild-easyconfigs /opt/software/slurm/bin/sbatch --job-name test_PR_20462 --ntasks=4 ~/boegelbot/eb_from_pr_upload_generoso.sh' executed!

  • exit code: 0
  • output:
Submitted batch job 13403

Test results coming soon (I hope)...

- notification for comment with ID 2094685145 processed

Message to humans: this is just bookkeeping information for me,
it is of no use to you (unless you think I have a bug, which I don't).

@boegelbot
Copy link
Collaborator

boegelbot commented May 5, 2024
edited by boegel
Loading

Test report by @boegelbot
FAILED
Build succeeded for 0 out of 1 (1 easyconfigs in total)
cns1 - Linux Rocky Linux 8.9, x86_64, Intel(R) Xeon(R) CPU E5-2667 v3 @ 3.20GHz (haswell), Python 3.6.8
See https://gist.github.com/boegelbot/92d50387818e95e9724c2a835b3d384b for a full test report.

edit (by @boegel): this failed because there was stuff installed in the bot's home dir, I've manually removed /home/boegelbot/R/x86_64-pc-linux-gnu-library/4.3/

[boegelbot@cns1 ~]$ ls -lrt /home/boegelbot/R/x86_64-pc-linux-gnu-library/4.3/
total 28K
drwxrwxr-x. 11 boegelbot boegelbot 4.0K Mar 13 12:59 renv
drwxrwxr-x. 11 boegelbot boegelbot 4.0K Mar 13 12:59 digest
drwxrwxr-x.  8 boegelbot boegelbot 4.0K Mar 13 12:59 purrr
drwxrwxr-x.  8 boegelbot boegelbot 4.0K Mar 13 12:59 yaml
drwxrwxr-x. 10 boegelbot boegelbot 4.0K Mar 13 12:59 rmarkdown
drwxrwxr-x. 11 boegelbot boegelbot 4.0K Mar 13 13:00 testthat
drwxrwxr-x. 10 boegelbot boegelbot 4.0K Mar 13 13:00 xml2

@boegel
Copy link
Member Author

boegel commented May 6, 2024

@boegelbot please test @ generoso
EB_ARGS="--installpath /tmp/$USER/pr20462 --experimental --parallel-extensions-install R-4.3.2-gfbf-2023a.eb"

@boegelbot
Copy link
Collaborator

@boegel: Request for testing this PR well received on login1

PR test command 'EB_PR=20462 EB_ARGS="--installpath /tmp/$USER/pr20462 --experimental --parallel-extensions-install R-4.3.2-gfbf-2023a.eb" EB_CONTAINER= EB_REPO=easybuild-easyconfigs /opt/software/slurm/bin/sbatch --job-name test_PR_20462 --ntasks=4 ~/boegelbot/eb_from_pr_upload_generoso.sh' executed!

  • exit code: 0
  • output:
Submitted batch job 13406

Test results coming soon (I hope)...

- notification for comment with ID 2095304162 processed

Message to humans: this is just bookkeeping information for me,
it is of no use to you (unless you think I have a bug, which I don't).

@boegelbot
Copy link
Collaborator

Test report by @boegelbot
SUCCESS
Build succeeded for 1 out of 1 (1 easyconfigs in total)
cns2 - Linux Rocky Linux 8.9, x86_64, Intel(R) Xeon(R) CPU E5-2667 v3 @ 3.20GHz (haswell), Python 3.6.8
See https://gist.github.com/boegelbot/14b144a6bc05645837283ed6255971f3 for a full test report.

akesandgren
akesandgren approved these changes May 6, 2024
View reviewed changes
Copy link
Contributor

@akesandgren akesandgren left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@akesandgren
Copy link
Contributor

Going in, thanks @boegel!

@akesandgren akesandgren merged commit 5ed1ac5 into easybuilders:develop May 6, 2024
9 checks passed
@boegel boegel deleted the 20240502220228_new_pr_R410 branch May 6, 2024 09:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akesandgren akesandgren akesandgren approved these changes

Assignees
No one assigned
Labels
bug fix
Projects
None yet
Milestone
4.9.2
Development

Successfully merging this pull request may close these issues.
3 participants
@boegel @boegelbot @akesandgren