- Update docker to 1.8.3 version:

* Fix layer IDs lead to local graph poisoning (CVE-2014-8178) (bnc#949660)
  * Fix manifest validation and parsing logic errors allow pull-by-digest validation bypass (CVE-2014-8179)
  * Add `--disable-legacy-registry` to prevent a daemon from using a v1 registry

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=39
This commit is contained in:
Flavio Castelli 2015-10-12 20:33:58 +00:00 committed by Git OBS Bridge
parent b62e4c92da
commit 2e6d120ee5
5 changed files with 18 additions and 16 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:457569ca8edd70293132789bfe51636f86cd8a46a60c6d02d5ee8600cf79f74b
size 7563667

3
docker-1.8.3.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1bfb9c73593f63508a325f88b4ca1d59a2802784e856f54abe292b2f087b6292
size 6242212

View File

@ -4,11 +4,5 @@ addFilter ("^docker.x86_64: W: statically-linked-binary /usr/lib/docker/dockerin
addFilter ("^docker.x86_64: W: unstripped-binary-or-object /usr/lib/docker/dockerinit") addFilter ("^docker.x86_64: W: unstripped-binary-or-object /usr/lib/docker/dockerinit")
addFilter ("^docker.x86_64: W: no-manual-page-for-binary docker") addFilter ("^docker.x86_64: W: no-manual-page-for-binary docker")
addFilter ("^docker.x86_64: W: no-manual-page-for-binary nsinit") addFilter ("^docker.x86_64: W: no-manual-page-for-binary nsinit")
addFilter ("test.noarch.*: E: devel-file-in-non-devel-package") addFilter ("^docker-test.noarch: W:.*")
addFilter ("test.noarch.*: W: pem-certificate") addFilter ("^docker-test.noarch: E:.*")
addFilter ("test.noarch.*: W: non-executable-script")
addFilter ("test.noarch.*: W: hidden-file-or-dir")
addFilter ("test.noarch.*: W: files-duplicate")
addFilter ("test.noarch.*: W: script-without-shebang /usr/src/docker/docs/README.md")
addFilter ("test.noarch.*: W: sourced-script-with-shebang /etc/bash_completion.d/docker bash")
addFilter ("test.noarch.*: W: suse-filelist-forbidden-fhs23 /usr/src/docker")

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Mon Oct 12 20:28:46 UTC 2015 - fcastelli@suse.com
- Update docker to 1.8.3 version:
* Fix layer IDs lead to local graph poisoning (CVE-2014-8178) (bnc#949660)
* Fix manifest validation and parsing logic errors allow pull-by-digest validation bypass (CVE-2014-8179)
* Add `--disable-legacy-registry` to prevent a daemon from using a v1 registry
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Sep 10 22:33:01 UTC 2015 - jmassaguerpla@suse.com Thu Sep 10 22:33:01 UTC 2015 - jmassaguerpla@suse.com

View File

@ -16,16 +16,16 @@
# #
%define git_version 0a8c2e3 %define git_version f4bf5c7
%define go_arches %ix86 x86_64 %define go_arches %ix86 x86_64
Name: docker Name: docker
Version: 1.8.2 Version: 1.8.3
Release: 0 Release: 0
Summary: The Linux container runtime Summary: The Linux container runtime
License: Apache-2.0 License: Apache-2.0
Group: System/Management Group: System/Management
Url: http://www.docker.io Url: http://www.docker.io
Source: %{name}-%{version}.tar.gz Source: %{name}-%{version}.tar.xz
Source1: docker.service Source1: docker.service
Source3: 80-docker.rules Source3: 80-docker.rules
Source4: sysconfig.docker Source4: sysconfig.docker
@ -60,7 +60,6 @@ BuildRequires: go-go-md2man
%else %else
BuildRequires: gcc5-go >= 5.0 BuildRequires: gcc5-go >= 5.0
%endif %endif
BuildRequires: fdupes
BuildRequires: libapparmor-devel BuildRequires: libapparmor-devel
BuildRequires: libbtrfs-devel >= 3.8 BuildRequires: libbtrfs-devel >= 3.8
BuildRequires: procps BuildRequires: procps
@ -127,6 +126,7 @@ Requires: go >= 1.4
%else %else
Requires: gcc5-go >= 5.0 Requires: gcc5-go >= 5.0
%endif %endif
BuildRequires: fdupes
Requires: apparmor-parser Requires: apparmor-parser
Requires: bash-completion Requires: bash-completion
Requires: libapparmor-devel Requires: libapparmor-devel
@ -149,7 +149,6 @@ Test package for docker. It contains the source code and the tests.
%patch102 -p1 %patch102 -p1
%endif %endif
cp %{SOURCE7} . cp %{SOURCE7} .
find . -name ".gitignore" | xargs rm
%build %build
%ifnarch %go_arches %ifnarch %go_arches
@ -243,6 +242,7 @@ groupadd -r docker 2>/dev/null || :
%{_bindir}/docker %{_bindir}/docker
%{_sbindir}/rcdocker %{_sbindir}/rcdocker
%{_prefix}/lib/docker/ %{_prefix}/lib/docker/
%{_prefix}/lib/docker/dockerinit
%{_unitdir}/%{name}.service %{_unitdir}/%{name}.service
%{_unitdir}/%{name}.socket %{_unitdir}/%{name}.socket
%{_prefix}/lib/udev/rules.d/80-%{name}.rules %{_prefix}/lib/udev/rules.d/80-%{name}.rules