docker-stable

pool/docker-stable

SHA256

Fork 0

Commit Graph

Author	SHA256	Message	Date
Aleksa Sarai	bb577e6225	- Always clear SUSEConnect suse_* secrets when starting containers regardless of whether the daemon was built with SUSEConnect support. Not doing this causes containers from SUSEConnect-enabled daemons to fail to start when running with SUSEConnect-disabled (i.e. upstream) daemons. This was a long-standing issue with our secrets support but until recently this would've required migrating from SLE packages to openSUSE packages (which wasn't supported). However, as SLE Micro 6.x and SLES 16 will move away from in-built SUSEConnect support, this is now a practical issue users will run into. bsc#1244035 + 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch - Rearrange patches: - 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch - 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch - 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch + 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch - 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch - 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch + 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch - 0006-CVE-2024-2365x-update-buildkit-to-include-CVE-patche.patch + 0007-CVE-2024-2365x-update-buildkit-to-include-CVE-patche.patch - 0007-bsc1221916-update-to-patched-buildkit-version-to-fix.patch + 0008-bsc1221916-update-to-patched-buildkit-version-to-fix.patch - 0008-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch + 0009-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch - 0009-CVE-2024-41110-AuthZ-plugin-securty-fixes.patch + 0010-CVE-2024-41110-AuthZ-plugin-securty-fixes.patch - 0010-CVE-2024-29018-libnet-Don-t-forward-to-upstream-reso.patch + 0011-CVE-2024-29018-libnet-Don-t-forward-to-upstream-reso.patch - 0011-CVE-2025-22868-vendor-jws-split-token-into-fixed-num.patch + 0012-CVE-2025-22868-vendor-jws-split-token-into-fixed-num.patch - 0012-CVE-2025-22869-vendor-ssh-limit-the-size-of-the-inte.patch + 0013-CVE-2025-22869-vendor-ssh-limit-the-size-of-the-inte.patch - 0013-TESTS-backport-fixes-for-integration-tests.patch + 0014-TESTS-backport-fixes-for-integration-tests.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker-stable?expand=0&rev=25	2025-06-04 06:14:16 +00:00

Author

SHA256

Message

Date

Aleksa Sarai

bb577e6225

- Always clear SUSEConnect suse_* secrets when starting containers regardless

of whether the daemon was built with SUSEConnect support. Not doing this
  causes containers from SUSEConnect-enabled daemons to fail to start when
  running with SUSEConnect-disabled (i.e. upstream) daemons.
  This was a long-standing issue with our secrets support but until recently
  this would've required migrating from SLE packages to openSUSE packages
  (which wasn't supported). However, as SLE Micro 6.x and SLES 16 will move
  away from in-built SUSEConnect support, this is now a practical issue users
  will run into. bsc#1244035
  + 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch
- Rearrange patches:
  - 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  + 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  - 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  + 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  - 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  + 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  - 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  + 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  - 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  + 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  - 0006-CVE-2024-2365x-update-buildkit-to-include-CVE-patche.patch
  + 0007-CVE-2024-2365x-update-buildkit-to-include-CVE-patche.patch
  - 0007-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
  + 0008-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
  - 0008-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
  + 0009-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
  - 0009-CVE-2024-41110-AuthZ-plugin-securty-fixes.patch
  + 0010-CVE-2024-41110-AuthZ-plugin-securty-fixes.patch
  - 0010-CVE-2024-29018-libnet-Don-t-forward-to-upstream-reso.patch
  + 0011-CVE-2024-29018-libnet-Don-t-forward-to-upstream-reso.patch
  - 0011-CVE-2025-22868-vendor-jws-split-token-into-fixed-num.patch
  + 0012-CVE-2025-22868-vendor-jws-split-token-into-fixed-num.patch
  - 0012-CVE-2025-22869-vendor-ssh-limit-the-size-of-the-inte.patch
  + 0013-CVE-2025-22869-vendor-ssh-limit-the-size-of-the-inte.patch
  - 0013-TESTS-backport-fixes-for-integration-tests.patch
  + 0014-TESTS-backport-fixes-for-integration-tests.patch

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker-stable?expand=0&rev=25

2025-06-04 06:14:16 +00:00

1 Commits