From f02f743fd5371235dae89e2bd0ccdc1d3a5f53487ef6ccc0b6af716cd3b829a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Mon, 22 Jul 2024 16:59:09 +0200 Subject: [PATCH] Sync from SUSE:SLFO:Main buildah revision 105b30d0ab6bc63624cb29c34c747b6e --- _service | 8 +- _servicedata | 2 +- buildah-1.34.0.tar.xz | 3 - buildah-1.35.4.tar.xz | 3 + buildah-rpmlintrc | 2 - buildah.changes | 175 +++++++++++++++++++++++++++++++++++++++++- buildah.spec | 7 +- 7 files changed, 185 insertions(+), 15 deletions(-) delete mode 100644 buildah-1.34.0.tar.xz create mode 100644 buildah-1.35.4.tar.xz diff --git a/_service b/_service index d10ae49..8017549 100644 --- a/_service +++ b/_service @@ -1,18 +1,18 @@ - + https://github.com/containers/buildah.git git buildah @PARENT_TAG@ v(.*) - v1.34.0 + v1.35.4 enable - + *.tar xz - + buildah diff --git a/_servicedata b/_servicedata index 4508626..3b22847 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/containers/buildah.git - 21ec7aceb20e475c00bb4d65ae3d5764c59ec997 \ No newline at end of file + c2926eaffff989f0718e171d0beb7ddec5b24902 \ No newline at end of file diff --git a/buildah-1.34.0.tar.xz b/buildah-1.34.0.tar.xz deleted file mode 100644 index 6785cf1..0000000 --- a/buildah-1.34.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:de9394dcb8ef52ce449cab479d6c75028559903025f8d281b8eeeaac355390a0 -size 11401860 diff --git a/buildah-1.35.4.tar.xz b/buildah-1.35.4.tar.xz new file mode 100644 index 0000000..85c156f --- /dev/null +++ b/buildah-1.35.4.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:40273dedadfa7c9856257a23732513f4f019c33b5be8f354578dc148baf58416 +size 11846224 diff --git a/buildah-rpmlintrc b/buildah-rpmlintrc index 4b4dbf3..ae4baf2 100644 --- a/buildah-rpmlintrc +++ b/buildah-rpmlintrc @@ -1,5 +1,3 @@ addFilter (".* E: explicit-lib-dependency libcontainers-common") -addFilter (".* E: explicit-lib-dependency libcontainers-image") -addFilter (".* E: explicit-lib-dependency libcontainers-storage") # intentionally disabled addFilter (".* W: unstripped-binary-or-object /usr/bin/buildah") diff --git a/buildah.changes b/buildah.changes index 4b81e00..3600154 100644 --- a/buildah.changes +++ b/buildah.changes @@ -1,7 +1,180 @@ +------------------------------------------------------------------- +Fri May 10 13:56:57 UTC 2024 - danish.prakash@suse.com + +- Update to version 1.35.4: + * [release-1.35] Bump to Buildah v1.35.4 + * [release-1.35] CVE-2024-3727 updates (bsc#1224117) + * integration test: handle new labels in "bud and test --unsetlabel" + * [release-1.35] Bump go-jose CVE-2024-28180 + * [release-1.35] Bump ocicrypt and go-jose CVE-2024-28180 + +------------------------------------------------------------------- +Tue Apr 02 12:49:59 UTC 2024 - dcermak@suse.com + +- Update to version 1.35.3: + * [release-1.35] Bump to Buildah v1.35.3 + * [release-1.35] correctly configure /etc/hosts and resolv.conf + * [release-1.35] buildah: refactor resolv/hosts setup. + * [release-1.35] rename the hostFile var to reflect + * [release-1.35] Bump c/common to v0.58.1 + * [release-1.35] Bump Buildah to v1.35.2 + * [release-1.35] CVE-2024-24786 protobuf to 1.33 + * [release-1.35] Bump to v1.35.2-dev + +------------------------------------------------------------------- +Tue Mar 19 10:23:06 UTC 2024 - dcermak@suse.com + +- Update to version 1.35.1: + * [release-1.35] Bump to v1.35.1 + * [release-1.35] CVE-2024-1753 container escape fix (bsc#1221677) + +------------------------------------------------------------------- +Mon Mar 18 11:25:51 UTC 2024 - Dan Čermák + +- Buildah dropped cni support, require netavark instead (boo#1221243) + +------------------------------------------------------------------- +Thu Mar 14 08:30:53 UTC 2024 - Dan Čermák + +- Remove obsolete requires libcontainers-image & libcontainers-storage + +------------------------------------------------------------------- +Thu Mar 14 05:32:57 UTC 2024 - Danish Prakash + +- Require passt for rootless networking (poo#156955) + Buildah moved to passt/pasta for rootless networking from slirp4netns + (https://github.com/containers/common/pull/1846) + +------------------------------------------------------------------- +Thu Mar 07 15:46:25 UTC 2024 - dcermak@suse.com + +- Update to version 1.35.0: + * Bump v1.35.0 + * Bump c/common v0.58.0, c/image v5.30.0, c/storage v1.53.0 + * conformance tests: don't break on trailing zeroes in layer blobs + * Add a conformance test for copying to a mounted prior stage + * fix(deps): update module github.com/stretchr/testify to v1.9.0 + * cgroups: reuse version check from c/common + * Update vendor of containers/(common,image) + * fix(deps): update github.com/containers/storage digest to eadc620 + * fix(deps): update github.com/containers/luksy digest to ceb12d4 + * fix(deps): update github.com/containers/image/v5 digest to cdc6802 + * manifest add: complain if we get artifact flags without --artifact + * Use retry logic from containers/common + * Vendor in containers/(storage,image,common) + * Update module golang.org/x/crypto to v0.20.0 + * Add comment re: Total Success task name + * tests: skip_if_no_unshare(): check for --setuid + * Properly handle build --pull=false + * [skip-ci] Update tim-actions/get-pr-commits action to v1.3.1 + * Update module go.etcd.io/bbolt to v1.3.9 + * Revert "Reduce official image size" + * Update module github.com/opencontainers/image-spec to v1.1.0 + * Reduce official image size + * Build with CNI support on FreeBSD + * build --all-platforms: skip some base "image" platforms + * Bump main to v1.35.0-dev + * Vendor in latest containers/(storage,image,common) + * Split up error messages for missing --sbom related flags + * `buildah manifest`: add artifact-related options + * cmd/buildah/manifest.go: lock lists before adding/annotating/pushing + * cmd/buildah/manifest.go: don't make struct declarations aliases + * Use golang.org/x/exp/slices.Contains + * Disable loong64 again + * Fix a couple of typos in one-line comments + * egrep is obsolescent; use grep -E + * Try Cirrus with a newer VM version + * Set CONTAINERS_CONF in the chroot-mount-flags integration test + * Update to match dependency API update + * Update github.com/openshift/imagebuilder and containers/common + * docs: correct default authfile path + * fix(deps): update module github.com/containerd/containerd to v1.7.13 + * tests: retrofit test for heredoc summary + * build, heredoc: show heredoc summary in build output + * manifest, push: add support for --retry and --retry-delay + * fix(deps): update github.com/openshift/imagebuilder digest to b767bc3 + * imagebuildah: fix crash with empty RUN + * fix(deps): update github.com/containers/luksy digest to b62d551 + * fix(deps): update module github.com/opencontainers/runc to v1.1.12 [security] + * fix(deps): update module github.com/moby/buildkit to v0.12.5 [security] + * Make buildah match podman for handling of ulimits + * docs: move footnotes to where they're applicable + * Allow users to specify no-dereference + * Run codespell on code + * Fix FreeBSD version parsing + * Fix a build break on FreeBSD + * Remove a bad FROM line + * fix(deps): update module github.com/onsi/gomega to v1.31.1 + * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc6 + * docs: use reversed logo for dark theme in README + * build,commit: add --sbom to scan and produce SBOMs when committing + * commit: force omitHistory if the parent has layers but no history + * docs: fix a couple of typos + * internal/mkcw.Archive(): handle extra image content + * stage_executor,heredoc: honor interpreter in heredoc + * stage_executor,layers: burst cache if heredoc content is changed + * fix(deps): update module golang.org/x/crypto to v0.18.0 + * Replace map[K]bool with map[K]struct{} where it makes sense + * fix(deps): update module golang.org/x/sync to v0.6.0 + * fix(deps): update module golang.org/x/term to v0.16.0 + * Bump CI VMs + * Replace strings.SplitN with strings.Cut + * fix(deps): update github.com/containers/storage digest to ef81e9b + * fix(deps): update github.com/containers/image/v5 digest to 1b221d4 + * fix(deps): update module github.com/fsouza/go-dockerclient to v1.10.1 + * Document use of containers-transports values in buildah + * fix(deps): update module golang.org/x/crypto to v0.17.0 [security] + * chore(deps): update dependency containers/automation_images to v20231208 + * manifest: addCompression use default from containers.conf + * commit: add a --add-file flag + * mkcw: populate the rootfs using an overlay + * chore(deps): update dependency containers/automation_images to v20230517 + * [skip-ci] Update actions/stale action to v9 + * fix(deps): update module github.com/containernetworking/plugins to v1.4.0 + * fix(deps): update github.com/containers/image/v5 digest to 7a40fee + * Bump to v1.34.1-dev + * Ignore errors if label.Relabel returns ENOSUP + +------------------------------------------------------------------- +Wed Feb 28 17:18:07 UTC 2024 - Danish Prakash + +- Require cni-plugins (bsc#1220568) + +------------------------------------------------------------------- +Fri Feb 23 06:24:24 UTC 2024 - dcermak@suse.com + +- Update to version 1.34.1: + * [release-1.34] Bump to v1.34.1 + * [release-1.34] Vendor bumps (fixes bsc#1219563) + * manifest: addCompression use default from containers.conf + * Build with CNI support on FreeBSD + * tests: retrofit test for heredoc summary + * build, heredoc: show heredoc summary in build output + * docs: correct default authfile path + * Make buildah match podman for handling of ulimits + * imagebuildah: fix crash with empty RUN + * docs: move footnotes to where they're applicable + * Run codespell on code + * Fix FreeBSD version parsing + * Allow users to specify no-dereference + * Fix a build break on FreeBSD + * Remove a bad FROM line + * commit: force omitHistory if the parent has layers but no history + * docs: fix a couple of typos + * stage_executor,heredoc: honor interpreter in heredoc + * stage_executor,layers: burst cache if heredoc content is changed + * Replace map[K]bool with map[K]struct{} where it makes sense + * Replace strings.SplitN with strings.Cut + * Document use of containers-transports values in buildah + * commit: add a --add-file flag + * mkcw: populate the rootfs using an overlay + * Ignore errors if label.Relabel returns ENOSUP + * manifest: addCompression use default from containers.conf + ------------------------------------------------------------------- Thu Feb 22 12:59:44 UTC 2024 - Thorsten Kukuk -- Allow to disable apparmor support (ALP supports only SELinux) +- Allow to disable apparmor support (ALP supports only SELinux) ------------------------------------------------------------------- Thu Dec 14 07:42:07 UTC 2023 - danish.prakash@suse.com diff --git a/buildah.spec b/buildah.spec index 0f80c69..90e1abd 100644 --- a/buildah.spec +++ b/buildah.spec @@ -19,7 +19,7 @@ %define project github.com/containers/buildah Name: buildah -Version: 1.34.0 +Version: 1.35.4 Release: 0 Summary: Tool for building OCI containers License: Apache-2.0 @@ -42,10 +42,9 @@ BuildRequires: libbtrfs-devel BuildRequires: libgpgme-devel BuildRequires: libseccomp-devel BuildRequires: golang(API) >= 1.21 -Requires: cni +Requires: netavark Requires: libcontainers-common -Requires: libcontainers-image -Requires: libcontainers-storage +Requires: passt Requires: runc >= 1.0.2 Requires: slirp4netns %{go_nostrip}