forked from pool/docker
Accepting request 973798 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/973798 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=120
This commit is contained in:
commit
be2248fdb1
@ -1,7 +1,7 @@
|
|||||||
From f6170a9d05df85cc61f3e5373eceed61ef3d741e Mon Sep 17 00:00:00 2001
|
From 63d19d6ef58457e8aba6346157c9601e38f60929 Mon Sep 17 00:00:00 2001
|
||||||
From: Aleksa Sarai <asarai@suse.de>
|
From: Aleksa Sarai <asarai@suse.de>
|
||||||
Date: Wed, 8 Mar 2017 12:41:54 +1100
|
Date: Wed, 8 Mar 2017 12:41:54 +1100
|
||||||
Subject: [PATCH 1/5] SECRETS: daemon: allow directory creation in /run/secrets
|
Subject: [PATCH 1/6] SECRETS: daemon: allow directory creation in /run/secrets
|
||||||
|
|
||||||
Since FileMode can have the directory bit set, allow a SecretStore
|
Since FileMode can have the directory bit set, allow a SecretStore
|
||||||
implementation to return secrets that are actually directories. This is
|
implementation to return secrets that are actually directories. This is
|
||||||
@ -73,5 +73,5 @@ index 6a50b99bd29e..583db20aa459 100644
|
|||||||
return errors.Wrap(err, "error setting ownership for secret")
|
return errors.Wrap(err, "error setting ownership for secret")
|
||||||
}
|
}
|
||||||
--
|
--
|
||||||
2.33.1
|
2.35.1
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
From a28715c97b87152c41538b137f8ad49003db1756 Mon Sep 17 00:00:00 2001
|
From a472a5da8d0aeb21b4cb6fbd2dc348a753c0a883 Mon Sep 17 00:00:00 2001
|
||||||
From: Aleksa Sarai <asarai@suse.de>
|
From: Aleksa Sarai <asarai@suse.de>
|
||||||
Date: Wed, 8 Mar 2017 11:43:29 +1100
|
Date: Wed, 8 Mar 2017 11:43:29 +1100
|
||||||
Subject: [PATCH 2/5] SECRETS: SUSE: implement SUSE container secrets
|
Subject: [PATCH 2/6] SECRETS: SUSE: implement SUSE container secrets
|
||||||
|
|
||||||
This allows for us to pass in host credentials to a container, allowing
|
This allows for us to pass in host credentials to a container, allowing
|
||||||
for SUSEConnect to work with containers.
|
for SUSEConnect to work with containers.
|
||||||
@ -451,5 +451,5 @@ index 000000000000..9ee33adf7497
|
|||||||
+ return nil
|
+ return nil
|
||||||
+}
|
+}
|
||||||
--
|
--
|
||||||
2.33.1
|
2.35.1
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
From 4914111dcaf1257a9dd3f9f7a089de17c7dc6752 Mon Sep 17 00:00:00 2001
|
From 098dd769a226407da7a695ae44cf2e41a5d13a4a Mon Sep 17 00:00:00 2001
|
||||||
From: Valentin Rothberg <vrothberg@suse.com>
|
From: Valentin Rothberg <vrothberg@suse.com>
|
||||||
Date: Mon, 2 Jul 2018 13:37:34 +0200
|
Date: Mon, 2 Jul 2018 13:37:34 +0200
|
||||||
Subject: [PATCH 3/5] PRIVATE-REGISTRY: add private-registry mirror support
|
Subject: [PATCH 3/6] PRIVATE-REGISTRY: add private-registry mirror support
|
||||||
|
|
||||||
NOTE: This is a backport/downstream patch of the upstream pull-request
|
NOTE: This is a backport/downstream patch of the upstream pull-request
|
||||||
for Moby, which is still subject to changes. Please visit
|
for Moby, which is still subject to changes. Please visit
|
||||||
@ -444,10 +444,10 @@ index c8ddd4c5cfcd..b17e9d25d6c2 100644
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
diff --git a/distribution/pull_v2.go b/distribution/pull_v2.go
|
diff --git a/distribution/pull_v2.go b/distribution/pull_v2.go
|
||||||
index 023ee2e71efd..e14cdd16b410 100644
|
index 123abf6b497a..097ead45d0fd 100644
|
||||||
--- a/distribution/pull_v2.go
|
--- a/distribution/pull_v2.go
|
||||||
+++ b/distribution/pull_v2.go
|
+++ b/distribution/pull_v2.go
|
||||||
@@ -431,7 +431,7 @@ func (p *v2Puller) pullV2Tag(ctx context.Context, ref reference.Named, platform
|
@@ -432,7 +432,7 @@ func (p *v2Puller) pullV2Tag(ctx context.Context, ref reference.Named, platform
|
||||||
// the other side speaks the v2 protocol.
|
// the other side speaks the v2 protocol.
|
||||||
p.confirmedV2 = true
|
p.confirmedV2 = true
|
||||||
|
|
||||||
@ -1142,5 +1142,5 @@ index 3e3a5b41ffbd..451a6f874bc1 100644
|
|||||||
|
|
||||||
endpoints = []APIEndpoint{
|
endpoints = []APIEndpoint{
|
||||||
--
|
--
|
||||||
2.33.1
|
2.35.1
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
From 29779c3e010e387ef037e5ef9a33cf05a14c79ea Mon Sep 17 00:00:00 2001
|
From 5e84bae968f7beadd92452795cfe2ce4f8995cef Mon Sep 17 00:00:00 2001
|
||||||
From: Aleksa Sarai <asarai@suse.de>
|
From: Aleksa Sarai <asarai@suse.de>
|
||||||
Date: Fri, 29 Jun 2018 17:59:30 +1000
|
Date: Fri, 29 Jun 2018 17:59:30 +1000
|
||||||
Subject: [PATCH 4/5] bsc1073877: apparmor: clobber docker-default profile on
|
Subject: [PATCH 4/6] bsc1073877: apparmor: clobber docker-default profile on
|
||||||
start
|
start
|
||||||
|
|
||||||
In the process of making docker-default reloading far less expensive,
|
In the process of making docker-default reloading far less expensive,
|
||||||
@ -85,5 +85,5 @@ index 2a2fbbd52e19..0999ac3186b7 100644
|
|||||||
}
|
}
|
||||||
|
|
||||||
--
|
--
|
||||||
2.33.1
|
2.35.1
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
From a6aa2a591d31f43e01ba29abdf73658b34fded49 Mon Sep 17 00:00:00 2001
|
From 98822d2010c709e64d5e86d7ec8e054861080a53 Mon Sep 17 00:00:00 2001
|
||||||
From: Michal Rostecki <mrostecki@opensuse.org>
|
From: Michal Rostecki <mrostecki@opensuse.org>
|
||||||
Date: Thu, 8 Apr 2021 14:42:02 +0100
|
Date: Thu, 8 Apr 2021 14:42:02 +0100
|
||||||
Subject: [PATCH 5/5] bsc1183855: btrfs: Do not disable quota on cleanup
|
Subject: [PATCH 5/6] bsc1183855: btrfs: Do not disable quota on cleanup
|
||||||
|
|
||||||
Before this change, cleanup of the btrfs driver (occuring on each daemon
|
Before this change, cleanup of the btrfs driver (occuring on each daemon
|
||||||
shutdown) resulted in disabling quotas. It was done with an assumption
|
shutdown) resulted in disabling quotas. It was done with an assumption
|
||||||
@ -140,5 +140,5 @@ index 8fd2854a2673..32c4f07c620d 100644
|
|||||||
}
|
}
|
||||||
if err := subvolLimitQgroup(dir, size); err != nil {
|
if err := subvolLimitQgroup(dir, size); err != nil {
|
||||||
--
|
--
|
||||||
2.33.1
|
2.35.1
|
||||||
|
|
||||||
|
41072
0006-bsc1193930-vendor-update-golang.org-x-crypto.patch
Normal file
41072
0006-bsc1193930-vendor-update-golang.org-x-crypto.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -1,3 +1,16 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Apr 29 02:51:43 UTC 2022 - Aleksa Sarai <asarai@suse.com>
|
||||||
|
|
||||||
|
- Add patch to update golang.org/x/crypto for CVE-2021-43565 and CVE-2022-27191.
|
||||||
|
bsc#1193930 bsc#1197284
|
||||||
|
* 0006-bsc1193930-vendor-update-golang.org-x-crypto.patch
|
||||||
|
- Rebase patches:
|
||||||
|
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
|
||||||
|
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
|
||||||
|
* 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
|
||||||
|
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
|
||||||
|
* 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Apr 14 04:09:58 UTC 2022 - Aleksa Sarai <asarai@suse.com>
|
Thu Apr 14 04:09:58 UTC 2022 - Aleksa Sarai <asarai@suse.com>
|
||||||
|
|
||||||
|
@ -94,6 +94,9 @@ Patch200: 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
|
|||||||
Patch300: 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
|
Patch300: 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
|
||||||
# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/42273. bsc#1183855 bsc#1175081
|
# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/42273. bsc#1183855 bsc#1175081
|
||||||
Patch301: 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
|
Patch301: 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
|
||||||
|
# SUSE-BACKPORT: Backport of several golang.org/x/crypto updates.
|
||||||
|
# bsc#1193930 CVE-2021-43565 bsc#1197284 CVE-2022-27191
|
||||||
|
Patch302: 0006-bsc1193930-vendor-update-golang.org-x-crypto.patch
|
||||||
BuildRequires: audit
|
BuildRequires: audit
|
||||||
BuildRequires: bash-completion
|
BuildRequires: bash-completion
|
||||||
BuildRequires: ca-certificates
|
BuildRequires: ca-certificates
|
||||||
@ -262,6 +265,8 @@ docker container runtime configuration for kubeadm
|
|||||||
%patch300 -p1
|
%patch300 -p1
|
||||||
# bsc#1183855 bsc#1175081
|
# bsc#1183855 bsc#1175081
|
||||||
%patch301 -p1
|
%patch301 -p1
|
||||||
|
# bsc#1193930 CVE-2021-43565 bsc#1197284 CVE-2022-27191
|
||||||
|
%patch302 -p1
|
||||||
|
|
||||||
# README_SUSE.md for documentation.
|
# README_SUSE.md for documentation.
|
||||||
cp %{SOURCE103} .
|
cp %{SOURCE103} .
|
||||||
|
Loading…
Reference in New Issue
Block a user