Accepting request 1009350 from home:dancermak:branches:devel:microos

Add bugreferences from SLE & cleanup whitespaces OBS-URL: https://build.opensuse.org/request/show/1009350 OBS-URL: https://build.opensuse.org/package/show/devel:microos/podman?expand=0&rev=9
2022-10-10 11:53:28 +00:00 · 2022-10-10 11:53:28 +00:00 · 3d7160c361
commit 3d7160c361
parent 9aaae99778
1 changed files with 22 additions and 21 deletions
--- a/podman.changes
+++ b/podman.changes
@ -190,9 +190,9 @@ Thu Aug 11 08:50:55 UTC 2022 - michael@stroeder.com
    - The podman info command now includes a field for information on supported authentication plugins for improved Docker compatibility. Authentication plugins are not presently supported by Podman, so this field is always empty.
    - The podman system prune command now no longer prints the Deleted Images header if no images were pruned.
    - The podman system service command now automatically creates and moves to a sub-cgroup when running in the root cgroup (#14573).
-    - Updated Buildah to v1.27.0
+    - Updated Buildah to v1.27.0 (fixes CVE-2022-21698 / bsc#1196338)
    - Updated the containers/image library to v5.22.0
-    - Updated the containers/storage library to v1.42.0
+    - Updated the containers/storage library to v1.42.0 (fixes bsc#1196751)
    - Updated the containers/common library to v0.49.1
    - Podman will automatically create a sub-cgroup and move itself into it when it detects that it is running inside a container (#14884).
    - Fixed an incorrect release note about regexp.
@ -234,6 +234,7 @@ Wed Jun 22 09:41:22 UTC 2022 - rbrown@suse.com
  * The podman images --format command now accepts two new format directives: {{.CreatedAt}} and {{.CreatedSince}}.
  * The podman volume create command's -o option now accepts a new argument, o=noquota, to disable XFS quotas entirely and avoid potential issues when Podman is run on an XFS filesystem with existing quotas defined.
  * The podman info command now includes additional information on the machine Podman is running on, including disk utilization on the drive Podman is storing containers and images on, and CPU utilization.
+  * Fix CVE-2022-27191 / bsc#1197284
 - Drop obsolete patches:
  * 0001-Adjust-buildah-to-opencontainers-selinux-v1.10.1.patch
  * 0001-Relabel-relabel-links-instead-of-their-targets.patch
@ -465,7 +466,7 @@ Wed Mar 16 13:25:48 UTC 2022 - rbrown@suse.com
  * compat: images/load must be able to load tar with multiple images
  * System tests: fix for new systemd on rawhide
  * Remove rootless_networking option from containers.conf
-  * vendor c/psgo@v1.7.2
+  * vendor c/psgo@v1.7.2 (fixes CVE-2022-1227 / bsc#1182428)
  * Engine.Remote from containers.conf
  * vendor: bump c/common and other vendors
  * rootless: report correctly the error
@ -1211,8 +1212,8 @@ Tue Dec 07 17:54:32 UTC 2021 - michael@stroeder.com

 - Update to version 3.4.3:
  * Security
-    - This release addresses CVE-2021-4024, where the podman machine command opened the gvproxy API (used to forward ports to podman machine VMs) to the public internet on port 7777.
-    - This release addresses CVE-2021-41190, where incomplete specification of behavior regarding image manifests could lead to inconsistent decoding on different clients.
+    - This release addresses CVE-2021-4024 / bsc#1193166, where the podman machine command opened the gvproxy API (used to forward ports to podman machine VMs) to the public internet on port 7777.
+    - This release addresses CVE-2021-41190 / bsc#1193273, where incomplete specification of behavior regarding image manifests could lead to inconsistent decoding on different clients.
  * Features
    - The --secret type=mount option to podman create and podman run supports a new option, target=, which specifies where in the container the secret will be mounted (#12287).
  * Bugfixes
@ -2128,7 +2129,7 @@ Bugfixes
    - Configuration options for slirp4netns can now be set system-wide via the NetworkCmdOptions configuration option in containers.conf.
    - The MTU of slirp4netns can now be configured via the mtu= network command option (e.g. podman run --net slirp4netns:mtu=9000).
  * Security
-    - A fix for CVE-2021-20199 is included. Podman between v1.8.0 and v2.2.1 used 127.0.0.1 as the source address for all traffic forwarded into rootless containers by a forwarded port; this has been changed to address the issue.
+    - A fix for CVE-2021-20199 / bsc#1181640 is included. Podman between v1.8.0 and v2.2.1 used 127.0.0.1 as the source address for all traffic forwarded into rootless containers by a forwarded port; this has been changed to address the issue.
  * Changes
    - Shortname aliasing support has now been turned on by default. All Podman commands that must pull an image will, if a TTY is available, prompt the user about what image to pull.
    - The podman load command no longer accepts a NAME[:TAG] argument. The presence of this argument broke CLI compatibility with Docker by making docker load commands unusable with Podman (#7387).