- Update to Docker 19.03.11-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md. bsc#1172377 CVE-2020-13401 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=338
This commit is contained in:
parent
b485d9a3bd
commit
9234962d3a
4
_service
4
_service
@ -3,8 +3,8 @@
|
|||||||
<param name="url">https://github.com/docker/docker-ce.git</param>
|
<param name="url">https://github.com/docker/docker-ce.git</param>
|
||||||
<param name="scm">git</param>
|
<param name="scm">git</param>
|
||||||
<param name="exclude">.git</param>
|
<param name="exclude">.git</param>
|
||||||
<param name="versionformat">19.03.5_ce_%h</param>
|
<param name="versionformat">19.03.11_ce_%h</param>
|
||||||
<param name="revision">v19.03.5</param>
|
<param name="revision">v19.03.11</param>
|
||||||
<param name="filename">docker</param>
|
<param name="filename">docker</param>
|
||||||
</service>
|
</service>
|
||||||
<service name="recompress" mode="disabled">
|
<service name="recompress" mode="disabled">
|
||||||
|
@ -0,0 +1,41 @@
|
|||||||
|
From 90511b7f36b8243baf47e140d7a974db7874e660 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Aleksa Sarai <asarai@suse.de>
|
||||||
|
Date: Wed, 3 Jun 2020 20:38:14 +1000
|
||||||
|
Subject: [PATCH] unexport testcase.Cleanup to fix Go 1.14
|
||||||
|
|
||||||
|
Backport of https://github.com/gotestyourself/gotest.tools/pull/169.
|
||||||
|
|
||||||
|
SUSE-Bugs: bsc#1172377
|
||||||
|
Signed-off-by: Aleksa Sarai <asarai@suse.de>
|
||||||
|
---
|
||||||
|
components/engine/vendor/gotest.tools/x/subtest/context.go | 6 +++---
|
||||||
|
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/components/engine/vendor/gotest.tools/x/subtest/context.go b/components/engine/vendor/gotest.tools/x/subtest/context.go
|
||||||
|
index 878bdebf14d8..bcf13eed54ba 100644
|
||||||
|
--- a/components/engine/vendor/gotest.tools/x/subtest/context.go
|
||||||
|
+++ b/components/engine/vendor/gotest.tools/x/subtest/context.go
|
||||||
|
@@ -27,9 +27,9 @@ func (tc *testcase) Ctx() context.Context {
|
||||||
|
return tc.ctx
|
||||||
|
}
|
||||||
|
|
||||||
|
-// Cleanup runs all cleanup functions. Functions are run in the opposite order
|
||||||
|
+// cleanup runs all cleanup functions. Functions are run in the opposite order
|
||||||
|
// in which they were added. Cleanup is called automatically before Run exits.
|
||||||
|
-func (tc *testcase) Cleanup() {
|
||||||
|
+func (tc *testcase) cleanup() {
|
||||||
|
for _, f := range tc.cleanupFuncs {
|
||||||
|
// Defer all cleanup functions so they all run even if one calls
|
||||||
|
// t.FailNow() or panics. Deferring them also runs them in reverse order.
|
||||||
|
@@ -59,7 +59,7 @@ type parallel interface {
|
||||||
|
func Run(t *testing.T, name string, subtest func(t TestContext)) bool {
|
||||||
|
return t.Run(name, func(t *testing.T) {
|
||||||
|
tc := &testcase{TB: t}
|
||||||
|
- defer tc.Cleanup()
|
||||||
|
+ defer tc.cleanup()
|
||||||
|
subtest(tc)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.26.2
|
||||||
|
|
3
docker-19.03.11_ce_42e35e61f352.tar.xz
Normal file
3
docker-19.03.11_ce_42e35e61f352.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:d39dea75d6807992e212b64c79644430730e4f4600bb7c5366932451a792ac40
|
||||||
|
size 10222200
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:8a797fea917592f68ff2dfdbef8ff25af9edb1645dcf5e6a8c5003d611948607
|
|
||||||
size 10094684
|
|
@ -1,3 +1,12 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Jun 2 08:37:06 UTC 2020 - Aleksa Sarai <asarai@suse.com>
|
||||||
|
|
||||||
|
- Update to Docker 19.03.11-ce. See upstream changelog in the packaged
|
||||||
|
/usr/share/doc/packages/docker/CHANGELOG.md. bsc#1172377 CVE-2020-13401
|
||||||
|
- Backport https://github.com/gotestyourself/gotest.tools/pull/169 so that we
|
||||||
|
can build Docker with Go 1.14 (upstream uses Go 1.13).
|
||||||
|
+ bsc1172377-0001-unexport-testcase.Cleanup-to-fix-Go-1.14.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Dec 19 15:42:26 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
|
Thu Dec 19 15:42:26 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
|
||||||
|
|
||||||
|
28
docker.spec
28
docker.spec
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package docker
|
# spec file for package docker
|
||||||
#
|
#
|
||||||
# Copyright (c) 2019 SUSE LLC
|
# Copyright (c) 2020 SUSE LLC
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -42,17 +42,17 @@
|
|||||||
# helpfully injects into our build environment from the changelog). If you want
|
# helpfully injects into our build environment from the changelog). If you want
|
||||||
# to generate a new git_commit_epoch, use this:
|
# to generate a new git_commit_epoch, use this:
|
||||||
# $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP '(?<=^CommitDate: ).*')" '+%s'
|
# $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP '(?<=^CommitDate: ).*')" '+%s'
|
||||||
%define git_version 633a0ea838f1
|
%define git_version 42e35e61f352
|
||||||
%define git_commit_epoch 1573629549
|
%define git_commit_epoch 1591001995
|
||||||
|
|
||||||
# These are the git commits required. We verify them against the source to make
|
# These are the git commits required. We verify them against the source to make
|
||||||
# sure we didn't miss anything important when doing upgrades.
|
# sure we didn't miss anything important when doing upgrades.
|
||||||
%define required_containerd b34a5c8af56e510852c35414db4c1f4fa6172339
|
%define required_containerd 7ad184331fa3e55e52b890ea95e65ba581ae3429
|
||||||
%define required_dockerrunc 3e425f80a8c931f88e6d94a8c831b9d5aa481657
|
%define required_dockerrunc dc9208a3303feef5b3839f4323d9beb36df0a9dd
|
||||||
%define required_libnetwork 3eb39382bfa6a3c42f83674ab080ae13b0e34e5d
|
%define required_libnetwork 153d0769a1181bf591a9637fd487a541ec7db1e6
|
||||||
|
|
||||||
Name: %{realname}%{name_suffix}
|
Name: %{realname}%{name_suffix}
|
||||||
Version: 19.03.5_ce
|
Version: 19.03.11_ce
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: The Moby-project Linux container runtime
|
Summary: The Moby-project Linux container runtime
|
||||||
License: Apache-2.0
|
License: Apache-2.0
|
||||||
@ -83,6 +83,8 @@ Patch300: packaging-0001-revert-Remove-docker-prefix-for-containerd-and-ru
|
|||||||
Patch401: bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch
|
Patch401: bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch
|
||||||
# SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/39121. bsc#1122469
|
# SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/39121. bsc#1122469
|
||||||
Patch402: bsc1122469-0001-apparmor-allow-readby-and-tracedby.patch
|
Patch402: bsc1122469-0001-apparmor-allow-readby-and-tracedby.patch
|
||||||
|
# FIX-UPSTREAM: Backport of https://github.com/gotestyourself/gotest.tools/pull/169. bsc#1172377
|
||||||
|
Patch410: bsc1172377-0001-unexport-testcase.Cleanup-to-fix-Go-1.14.patch
|
||||||
# SUSE-FEATURE: Add support to mirror inofficial/private registries
|
# SUSE-FEATURE: Add support to mirror inofficial/private registries
|
||||||
# (https://github.com/docker/docker/pull/34319)
|
# (https://github.com/docker/docker/pull/34319)
|
||||||
Patch500: private-registry-0001-Add-private-registry-mirror-support.patch
|
Patch500: private-registry-0001-Add-private-registry-mirror-support.patch
|
||||||
@ -97,8 +99,8 @@ BuildRequires: libseccomp-devel >= 2.2
|
|||||||
BuildRequires: libtool
|
BuildRequires: libtool
|
||||||
BuildRequires: procps
|
BuildRequires: procps
|
||||||
BuildRequires: sqlite3-devel
|
BuildRequires: sqlite3-devel
|
||||||
BuildRequires: pkgconfig(libsystemd)
|
|
||||||
BuildRequires: zsh
|
BuildRequires: zsh
|
||||||
|
BuildRequires: pkgconfig(libsystemd)
|
||||||
Requires: apparmor-parser
|
Requires: apparmor-parser
|
||||||
Requires: ca-certificates-mozilla
|
Requires: ca-certificates-mozilla
|
||||||
# Required in order for networking to work. fix_bsc_1057743 is a work-around
|
# Required in order for networking to work. fix_bsc_1057743 is a work-around
|
||||||
@ -136,7 +138,7 @@ Recommends: git-core >= 1.7
|
|||||||
Conflicts: lxc < 1.0
|
Conflicts: lxc < 1.0
|
||||||
ExcludeArch: s390 ppc
|
ExcludeArch: s390 ppc
|
||||||
BuildRequires: go-go-md2man
|
BuildRequires: go-go-md2man
|
||||||
BuildRequires: golang(API) >= 1.12
|
BuildRequires: golang(API) >= 1.13
|
||||||
# KUBIC-SPECIFIC: This was required when upgrading from the original kubic
|
# KUBIC-SPECIFIC: This was required when upgrading from the original kubic
|
||||||
# packaging, when everything was renamed to -kubic. It also is
|
# packaging, when everything was renamed to -kubic. It also is
|
||||||
# used to ensure that nothing complains too much when using
|
# used to ensure that nothing complains too much when using
|
||||||
@ -263,6 +265,8 @@ docker container runtime configuration for kubeadm
|
|||||||
%patch401 -p1
|
%patch401 -p1
|
||||||
# bsc#1122469
|
# bsc#1122469
|
||||||
%patch402 -p1
|
%patch402 -p1
|
||||||
|
# bsc#1172377
|
||||||
|
%patch410 -p1
|
||||||
%if "%flavour" == "kubic"
|
%if "%flavour" == "kubic"
|
||||||
# PATCH-SUSE: Mirror patch.
|
# PATCH-SUSE: Mirror patch.
|
||||||
%patch500 -p1
|
%patch500 -p1
|
||||||
@ -349,9 +353,9 @@ popd
|
|||||||
# of the upstream vendoring scripts. This is done on-build to make sure that
|
# of the upstream vendoring scripts. This is done on-build to make sure that
|
||||||
# someone doing an update didn't miss anything.
|
# someone doing an update didn't miss anything.
|
||||||
cd components/engine
|
cd components/engine
|
||||||
grep 'RUNC_COMMIT=%{required_dockerrunc}' hack/dockerfile/install/runc.installer
|
grep 'RUNC_COMMIT:=%{required_dockerrunc}' hack/dockerfile/install/runc.installer
|
||||||
grep 'CONTAINERD_COMMIT=%{required_containerd}' hack/dockerfile/install/containerd.installer
|
grep 'CONTAINERD_COMMIT:=%{required_containerd}' hack/dockerfile/install/containerd.installer
|
||||||
grep 'LIBNETWORK_COMMIT=%{required_libnetwork}' hack/dockerfile/install/proxy.installer
|
grep 'LIBNETWORK_COMMIT:=%{required_libnetwork}' hack/dockerfile/install/proxy.installer
|
||||||
|
|
||||||
%install
|
%install
|
||||||
install -d %{buildroot}%{_bindir}
|
install -d %{buildroot}%{_bindir}
|
||||||
|
Loading…
Reference in New Issue
Block a user