Comment 4 for bug 1917864

Reviewed: https://review.opendev.org/c/starlingx/compile/+/793743
Committed: https://opendev.org/starlingx/compile/commit/30556b9bd01d82af5f6b67ee80afeba5521c8354
Submitter: "Zuul (22348)"
Branch: f/centos8

commit 5f0f710f66852568b3a27bffafaedf0247227984
Author: Chris Friesen <email address hidden>
Date: Wed Jul 15 19:46:08 2020 -0400

    fix net/http caching of broken persistent connections

    The net/http transport code is currently broken, it keeps broken
    persistent connections in the cache if a write error happens during
    h2 handshake.

    This is documented in the upstream bug at:
    https://github.com/golang/go/issues/40213

    The problem occurs because in the "go" compiler the http2 code is
    imported into http as a bundle, with an additional "http2" prefix
    applied. This messes up the erringRoundTripper handling because
    the name doesn't match.

    The solution is to have the "go" compiler look for an interface
    instead, so we add a new dummy function that doesn't actually do
    anything and then the "go" compiler can check whether the specified
    RoundTripper implements the dummy function.

    This is slightly different from the proposed upstream fixes for the
    above upstream bug, it more closely follows how the equivalent
    problem was solved by IsHTTP2NoCachedConnError().

    Change-Id: Ia6e91acb15ff4fe996c8ea9b8a1032cede6c4aab
    Partial-Bug: 1887438
    Signed-off-by: Chris Friesen <email address hidden>

commit 49e4df5e538b239d9267baa28b100fa0edfbec69
Author: Zhixiong Chi <email address hidden>
Date: Fri Mar 5 04:05:50 2021 -0500

    bash: enable to log the shell command

    After merging the upversion commit
     https://review.opendev.org/c/starlingx/compile/+/771784,
    the new version add a condition check "syslog_history" variable to
    enable/disable the syslog of bash command.
    If the syslog_history shopt variable is unset as default, the shell
    commands won't be logged.

    Now we always enable it, since the commands run by every user in a
    login shell need to be logged to /var/log/bash.log. This is very
    important as an aid in troubleshooting and debugging issues.

    Closes-Bug: #1917864

    Change-Id: I4aa2f49a0ea4c54a0e836b8ccb33bcc173653252
    Signed-off-by: Zhixiong Chi <email address hidden>

commit 95c560dffeeeeab6a05766f327a05c06b9b3d65d
Author: Li Zhou <email address hidden>
Date: Wed Jan 27 00:50:01 2021 -0500

    python: fix CVE-2019-9636 CVE-2019-10160 CVE-2019-9948 CVE-2019-16056 in srpm build

    Upgrade python to python-2.7.5-89 for fixing above CVEs.

    This commit need work together with the commit
    <python: fix CVE-2019-9636 CVE-2019-10160 CVE-2019-9948 CVE-2019-16056
    in rpm list> for repository starlingx/tools.

    Depends-On: https://review.opendev.org/c/starlingx/tools/+/772627

    Story: 2008532
    Task: 41665
    Signed-off-by: Li Zhou <email address hidden>
    Change-Id: Iead83a4f8e617bed8182020d21d582273ae1e67e

commit 9af8123c7a2b8277408b47efc9128b9dfdcf5763
Author: Zhixiong Chi <email address hidden>
Date: Thu Jan 21 05:04:45 2021 -0500

    bash: CVE-2019-9924

    Upgrade to bash-4.2.46-34.el7.src.rpm to fix CVE-2019-9924 issue.
    Meanwhile adjust the context for the patch with new source rpm.

    Depends-On: https://review.opendev.org/c/starlingx/tools/+/771787

    Story: 2008532
    Task: 41646
    Change-Id: I4172634cfd9031cfebf4f4d49f539cb679a2f552
    Signed-off-by: Zhixiong Chi <email address hidden>

commit b01b9e73681dd5d0e1d1ef42d2fce3652fd3f060
Author: Don Penney <email address hidden>
Date: Thu Dec 17 13:27:54 2020 -0500

    Add auto-version for remaining stx/compile packages

    Update remaining StarlingX packages with hardcoded TIS_PATCH_VER to
    use PKG_GITREVCOUNT where possible, with offsets as needed to ensure
    the version is incremented above the hardcoded version.

    Story: 2008455
    Task: 41446
    Signed-off-by: Don Penney <email address hidden>
    Change-Id: Ia9d1f01614b99a07e23d3cc4afbc2fa3f33acc93