pool/runc
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
166 Commits 2 Branches 0 Tags 3.1 MiB
factory
Commit Graph

166 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Aleksa Sarai
6a4e9d3d6c Accepting request 903380 from home:cyphar:docker 
Cherry-pick patch correctly so it applies cleanly...

OBS-URL: https://build.opensuse.org/request/show/903380
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=115
 2021-07-01 10:36:06 +00:00
Aleksa Sarai
53ec3e1834 Accepting request 903342 from home:cyphar:docker 
- Backport <https://github.com/opencontainers/runc/pull/3055> to fix issues
  with runc under openSUSE MicroOS's SELinux policy. boo#1187704
  + boo1187704-0001-cgroupv2-ebpf-ignore-inaccessible-existing-programs.patch

OBS-URL: https://build.opensuse.org/request/show/903342
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=114
 2021-07-01 06:17:25 +00:00
Dirk Mueller
0b604a862b Accepting request 901272 from home:cyphar:docker 
- Update to runc v1.0.0. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.0

  ! The usage of relative paths for mountpoints will now produce a warning
    (such configurations are outside of the spec, and in future runc will
    produce an error when given such configurations).

  * cgroupv2: devices: rework the filter generation to produce consistent
    results with cgroupv1, and always clobber any existing eBPF
    program(s) to fix runc update and avoid leaking eBPF programs
    (resulting in errors when managing containers).
  * cgroupv2: correctly convert "number of IOs" statistics in a
    cgroupv1-compatible way.
  * cgroupv2: support larger than 32-bit IO statistics on 32-bit architectures.
  * cgroupv2: wait for freeze to finish before returning from the freezing
    code, optimize the method for checking whether a cgroup is frozen.
  * cgroups/systemd: fixed "retry on dbus disconnect" logic introduced in rc94
  * cgroups/systemd: fixed returning "unit already exists" error from a systemd
    cgroup manager (regression in rc94)

  + cgroupv2: support SkipDevices with systemd driver
  + cgroup/systemd: return, not ignore, stop unit error from Destroy
  + Make "runc --version" output sane even when built with go get or
    otherwise outside of our build scripts.
  + cgroups: set SkipDevices during runc update (so we don't modify
    cgroups at all during runc update).
  + cgroup1: blkio: support BFQ weights.
  + cgroupv2: set per-device io weights if BFQ IO scheduler is available.

OBS-URL: https://build.opensuse.org/request/show/901272
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=113
 2021-06-22 06:34:42 +00:00
Dominique Leuenberger
527af93c54 Accepting request 894286 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/894286
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=38
 2021-05-20 17:23:42 +00:00
Aleksa Sarai
ffc5721921 Accepting request 894285 from home:cyphar:docker 
- Update to runc v1.0.0~rc95. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc95

  This release of runc contains a fix for CVE-2021-30465, and users are
  strongly recommended to update (especially if you are providing
  semi-limited access to spawn containers to untrusted users). bsc#1185405

OBS-URL: https://build.opensuse.org/request/show/894285
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=111
 2021-05-19 10:09:39 +00:00
Dominique Leuenberger
957720091c Accepting request 892392 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/892392
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=37
 2021-05-15 21:15:28 +00:00
Aleksa Sarai
b43f769557 Accepting request 892389 from home:cyphar:docker 
- Update to runc v1.0.0~rc94. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc94
  Breaking Changes:
  * cgroupv1: kernel memory limits are now always ignored, as kmemcg has
    been effectively deprecated by the kernel. Users should make use of regular
    memory cgroup controls.
  Regression Fixes:
  * seccomp: fix 32-bit compilation errors
  * runc init: fix a hang caused by deadlock in seccomp/ebpf loading code
  * runc start: fix "chdir to cwd: permission denied" for some setups
- Remove upstreamed patches:
  - 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch

OBS-URL: https://build.opensuse.org/request/show/892389
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=109
 2021-05-12 08:08:56 +00:00
Dominique Leuenberger
cc70148afb Accepting request 888385 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/888385
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=36
 2021-04-27 19:34:09 +00:00
Aleksa Sarai
89808d395e Accepting request 888384 from home:cyphar:docker 
- Backport patch to fix build on SLE-12 ppc64le.
  + 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch

OBS-URL: https://build.opensuse.org/request/show/888384
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=107
 2021-04-26 08:00:58 +00:00
Dominique Leuenberger
9fde01e164 Accepting request 886967 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/886967
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=35
 2021-04-21 18:58:57 +00:00
Aleksa Sarai
c0e255523d Accepting request 886957 from home:cyphar:docker 
Add new BZ reference.

OBS-URL: https://build.opensuse.org/request/show/886957
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=105
 2021-04-20 10:41:16 +00:00
Richard Brown
838f226703 Accepting request 876335 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/876335
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=34
 2021-03-03 17:34:50 +00:00
Aleksa Sarai
23b10a8174 Accepting request 876332 from home:cyphar:docker 
Add BZ reference.

OBS-URL: https://build.opensuse.org/request/show/876332
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=103
 2021-03-03 03:06:45 +00:00
Dominique Leuenberger
4df0952c85 Accepting request 869059 from Virtualization:containers 
- Update to runc v1.0.0~rc93. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc93
  * Cgroupv2 support is no longer considered experimental.
  * Mountinfo parsing code has been reworked significantly.
  * Special ENOSYS handling for seccomp profiles to avoid making new
	syscalls unusable for glibc.
  * Various rootless containers improvements.
  * The "selinux" and "apparmor" buildtags have been removed, and now all runc
    builds will have SELinux and AppArmor support enabled.
- Update to handle the docker-runc removal. bsc#1181677
- Modernise go building for runc now that it has go.mod.

OBS-URL: https://build.opensuse.org/request/show/869059
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=33
 2021-02-04 19:22:53 +00:00
Aleksa Sarai
153f71ec48 Accepting request 869056 from home:cyphar:docker 
runc 1.0.0-rc93 update.

OBS-URL: https://build.opensuse.org/request/show/869056
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=101
 2021-02-04 00:26:20 +00:00
Aleksa Sarai
819ff378e5 - Update to Docker 20.10.3-ce. See upstream changelog in the packaged 
/usr/share/doc/packages/docker/CHANGELOG.md. CVE-2021-21285 CVE-2021-21284
- Drop docker-runc, docker-test and docker-libnetwork packages. We now just use
  the upstream runc package (it's stable enough and Docker no longer pins git
  versions). docker-libnetwork is so unstable that it doesn't have any
  versioning scheme and so it really doesn't make sense to maintain the project
  as a separate package. bsc#1181641 bsc#1181677

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=100
 2021-02-02 22:19:53 +00:00
Dominique Leuenberger
cc902a25e7 Accepting request 830453 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/830453
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=32
 2020-08-31 14:47:44 +00:00
Aleksa Sarai
5039dc9cd9 Accepting request 830206 from home:rhafer:branches:Virtualization:containers 
- Upgrade to runc v1.0.0~rc92 (bsc#1175821). Upstream changelog is
  available from https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc92
  * Updates to CRIU support.
  * Improvements to cgroupfs performance and correctness.

OBS-URL: https://build.opensuse.org/request/show/830206
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=98
 2020-08-29 09:35:30 +00:00
Dominique Leuenberger
7d9f939ac7 Accepting request 818193 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/818193
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=31
 2020-07-06 14:14:00 +00:00
Aleksa Sarai
efa986a2bb Accepting request 818188 from home:cyphar:docker 
- Upgrade to runc v1.0.0~rc91. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc91

  * This release of runc has experimental support for cgroupv2-only systems.

- Remove upstreamed patches:
  - bsc1149954-0001-sd-notify-do-not-hang-when-NOTIFY_SOCKET-is-used-wit.patch
  - bsc1168481-0001-cgroup-devices-major-cleanups-and-minimal-transition.patch

OBS-URL: https://build.opensuse.org/request/show/818188
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=96
 2020-07-02 01:50:30 +00:00
Dominique Leuenberger
5b90164482 Accepting request 804891 from Virtualization:containers 
- Backport https://github.com/opencontainers/runc/pull/2391 to help fix
  bsc#1168481.
  + bsc1168481-0001-cgroup-devices-major-cleanups-and-minimal-transition.patch

OBS-URL: https://build.opensuse.org/request/show/804891
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=30
 2020-05-14 21:22:28 +00:00
Aleksa Sarai
5dbfe9576f Accepting request 804873 from home:cyphar:docker 
- Backport https://github.com/opencontainers/runc/pull/2391 to help fix
  bsc#1168481.
  + bsc1168481-0001-cgroup-devices-major-cleanups-and-minimal-transition.patch

OBS-URL: https://build.opensuse.org/request/show/804873
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=94
 2020-05-13 07:16:34 +00:00
Dominique Leuenberger
dc99a76031 Accepting request 793810 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/793810
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=29
 2020-04-15 17:53:41 +00:00
Aleksa Sarai
f91cfb6e11 Accepting request 793807 from home:rhafer:branches:Virtualization:containers 
- Renamed patch:
  0001-sd-notify-do-not-hang-when-NOTIFY_SOCKET-is-used-wit.patch
  to
  bsc1149954-0001-sd-notify-do-not-hang-when-NOTIFY_SOCKET-is-used-wit.patch

- Added fix for bsc#1149954
  * 0001-sd-notify-do-not-hang-when-NOTIFY_SOCKET-is-used-wit.patch
    (cherry pick of https://github.com/opencontainers/runc/pull/1807)

OBS-URL: https://build.opensuse.org/request/show/793807
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=92
 2020-04-14 10:22:21 +00:00
Dominique Leuenberger
3aab3b1c93 Accepting request 769817 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/769817
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=28
 2020-02-06 12:19:01 +00:00
Aleksa Sarai
4cc7da61f8 Accepting request 766566 from home:iznogood:branches:Virtualization:containers 
- Change packagewide go version to be greater or equal to 1.10.

OBS-URL: https://build.opensuse.org/request/show/766566
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=90
 2020-02-04 02:30:22 +00:00
Dominique Leuenberger
cb9a499840 Accepting request 766725 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/766725
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=27
 2020-01-30 08:30:55 +00:00
Aleksa Sarai
189d2c49bd Accepting request 766724 from home:cyphar:docker 
runc 1.0.0-rc10 update

OBS-URL: https://build.opensuse.org/request/show/766724
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=88
 2020-01-24 03:07:47 +00:00
Dominique Leuenberger
341d59c649 Accepting request 765105 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/765105
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=26
 2020-01-23 15:07:57 +00:00
Aleksa Sarai
da44978e96 Accepting request 765103 from home:cyphar:docker 
- Update CVE-2019-19921 patch to match upstream PR.
  * CVE-2019-19921.patch

OBS-URL: https://build.opensuse.org/request/show/765103
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=86
 2020-01-17 03:34:42 +00:00
Dominique Leuenberger
0cad9de1a9 Accepting request 764685 from Virtualization:containers 
CVE-2019-19921

OBS-URL: https://build.opensuse.org/request/show/764685
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=25
 2020-01-16 17:19:36 +00:00
Aleksa Sarai
a2c407c28a Accepting request 764682 from home:cyphar:docker 
Add bug reference for CVE-2019-19921.

OBS-URL: https://build.opensuse.org/request/show/764682
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=84
 2020-01-15 14:07:23 +00:00
Aleksa Sarai
066a3bfeaa Accepting request 764148 from home:cyphar:docker 
- Add backported fix for CVE-2019-19921.
  + CVE-2019-19921.patch

OBS-URL: https://build.opensuse.org/request/show/764148
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=83
 2020-01-14 04:49:43 +00:00
Dominique Leuenberger
60b57e9e19 Accepting request 735405 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/735405
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=24
 2019-10-10 09:50:05 +00:00
Aleksa Sarai
0f2a74731d Accepting request 735404 from home:cyphar:containers:maint 
- Upgrade to runc v1.0.0~rc9. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc9
- Remove upstreamed patches:
  - CVE-2019-16884.patch

OBS-URL: https://build.opensuse.org/request/show/735404
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=81
 2019-10-05 11:52:50 +00:00
Aleksa Sarai
58623da251 Accepting request 733834 from home:cyphar:containers:maint 
Add reference to bsc#1152308.

OBS-URL: https://build.opensuse.org/request/show/733834
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=80
 2019-09-28 11:41:04 +00:00
Aleksa Sarai
3def4f837a Fix From: line for CVE-2019-16884. 
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=79
 2019-09-27 20:22:13 +00:00
Aleksa Sarai
b326742dd0 Accepting request 733753 from home:cyphar:containers:maint 
Add /proc/self/fd protections to CVE-2019-16884.patch.

OBS-URL: https://build.opensuse.org/request/show/733753
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=78
 2019-09-27 20:18:17 +00:00
Aleksa Sarai
0bdfb449d1 Accepting request 733530 from home:cyphar:containers:maint 
Fix CVE patch.

OBS-URL: https://build.opensuse.org/request/show/733530
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=77
 2019-09-27 03:17:22 +00:00
Aleksa Sarai
f3a10f34bd Accepting request 733478 from home:cyphar:containers:maint 
- Add backported fix for CVE-2019-16884.
  + CVE-2019-16884.patch
- Add runc-rpmlintrc to drop runc-test rpmlint warnings.

OBS-URL: https://build.opensuse.org/request/show/733478
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=76
 2019-09-26 15:15:16 +00:00
Dominique Leuenberger
c1c85d71d9 Accepting request 699413 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/699413
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=23
 2019-05-02 17:14:41 +00:00
Aleksa Sarai
48d20bc916 Accepting request 699412 from home:cyphar:runc 
- Upgrade to runc v1.0.0~rc8. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc8
- Includes upstreamed patches for regressions (bsc#1131314 bsc#1131553).
- Remove upstreamed patches:
  - CVE-2019-5736.patch

OBS-URL: https://build.opensuse.org/request/show/699412
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=74
 2019-04-29 12:05:18 +00:00
Stephan Kulow
5f213fa519 Accepting request 674113 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/674113
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=22
 2019-02-24 16:03:54 +00:00
Aleksa Sarai
ba0b485e9f Accepting request 674111 from home:cyphar:cve-2019-5736 
- Add fix for CVE-2019-5736 (effectively copying /proc/self/exe during re-exec
  to avoid write attacks to the host runc binary). bsc#1121967
  + CVE-2019-5736.patch

OBS-URL: https://build.opensuse.org/request/show/674111
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=72
 2019-02-12 14:09:26 +00:00
Dominique Leuenberger
6de3818d6e Accepting request 660263 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/660263
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=21
 2018-12-26 23:25:07 +00:00
Aleksa Sarai
d568e44ecc Accepting request 660132 from home:clee:branches:Virtualization:containers 
- Update go requirements to >= go1.10 to fix
  * bsc#1118897 CVE-2018-16873
    go#29230 cmd/go: remote command execution during "go get -u"
  * bsc#1118898 CVE-2018-16874
    go#29231 cmd/go: directory traversal in "go get" via curly braces in import paths
  * bsc#1118899 CVE-2018-16875
    go#29233 crypto/x509: CPU denial of service

OBS-URL: https://build.opensuse.org/request/show/660132
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=70
 2018-12-20 11:15:05 +00:00
Aleksa Sarai
34ced09c11 Accepting request 657727 from home:dorf:branches:Virtualization:containers 
- Require golang = 1.10.

OBS-URL: https://build.opensuse.org/request/show/657727
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=69
 2018-12-13 07:54:13 +00:00
Dominique Leuenberger
c3baf55d81 Accepting request 652640 from Virtualization:containers 
- Upgrade to runc v1.0.0~rc6. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc6

OBS-URL: https://build.opensuse.org/request/show/652640
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=20
 2018-12-05 08:37:06 +00:00
Aleksa Sarai
801ddcf199 [ DO NOT FORWARD TO FACTORY! ] 
- Upgrade to Docker 18.09.0-ce. See upstream changelog in the packaged
  /usr/share/doc/packages/docker/CHANGELOG.md
- Add revert of an upstream patch to fix docker-* handling.
  + packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch
- Rebase patches:
  * bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
  * bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
  * bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
  * private-registry-0001-Add-private-registry-mirror-support.patch
  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
- Remove upstreamed patches:
  - bsc1100727-0001-build-add-buildmode-pie.patch

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=67
 2018-11-29 15:15:50 +00:00
Dominique Leuenberger
09bb5bc8ae Accepting request 645770 from Virtualization:containers 
OBS-URL: https://build.opensuse.org/request/show/645770
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/runc?expand=0&rev=19
 2018-11-06 14:29:02 +00:00